Fuzzers whining about mach-o support
It's very easy to make bfd/mach-o.c allocate huge amounts of memory
with fuzzed binaries. This make it a little harder.
The patch also fixes a number of places where an attempt to detect
overflow of multiplication was done with code like
if (x * 4 < x)
/* overflow case */
That of course doesn't work. There are plenty of values of x that
overflow x * 4 but (x * 4) mod 2^n is greater than x. For example
with 16-bit types, 0x6000 * 4 = 0x18000 mod 2^16 = 0x8000.
* mach-o.c (bfd_mach_o_canonicalize_relocs): Fix ineffective
overflow check.
(bfd_mach_o_canonicalize_reloc): Likewise.
(bfd_mach_o_canonicalize_dynamic_reloc): Likewise. Sanity check
counts and offsets against file size.
(bfd_mach_o_build_dysymtab): Fix ineffective overflow check.
(bfd_mach_o_mangle_sections): Remove unnecessary overflow check.
(bfd_mach_o_read_symtab_symbols): Sanity check count and offset
against file size. Delete symbol table error message.
(bfd_mach_o_read_dysymtab): Sanity check counts and offsets
against file size.
(bfd_mach_o_read_symtab): Likewise.
(bfd_mach_o_read_command): Pass file size.
(bfd_mach_o_scan): Sanity check command count against file size.
2 files changed
