Google Git
Sign in
gnu / binutils-gdb / b570b954bc5c1d6a6edb363c7bdba814bc1fd174
commitb570b954bc5c1d6a6edb363c7bdba814bc1fd174[log] [tgz]
authorAlan Modra <amodra@gmail.com>Tue Feb 25 12:48:43 2020 +1030
committerAlan Modra <amodra@gmail.com>Wed Feb 26 10:37:13 2020 +1030
treea7afa03ea8b4b9383264005d4f29413931a7468d
parent24a15046c0ccc7fb7b95da1bb72fa66ad6bf6382 [diff]
Limit bogus archive parsed_size

Archive element size is given by data in the archive, and thus is
subject to attack by fuzzers.  The only harm this allows is allocation
of huge amounts of memory, but some systems don't handle that well.
So limit archive element size to archive file size.

	* bfdio.c (bfd_get_file_size): Ignore bogus archive element sizes.
2 files changed
tree: a7afa03ea8b4b9383264005d4f29413931a7468d
  1. bfd/
  2. binutils/
  3. config/
  4. contrib/
  5. cpu/
  6. elfcpp/
  7. etc/
  8. gas/
  9. gdb/
  10. gdbserver/
  11. gdbsupport/
  12. gnulib/
  13. gold/
  14. gprof/
  15. include/
  16. intl/
  17. ld/
  18. libctf/
  19. libdecnumber/
  20. libiberty/
  21. opcodes/
  22. readline/
  23. sim/
  24. texinfo/
  25. zlib/
  26. .cvsignore
  27. .gitattributes
  28. .gitignore
  29. ar-lib
  30. ChangeLog
  31. compile
  32. config-ml.in
  33. config.guess
  34. config.rpath
  35. config.sub
  36. configure
  37. configure.ac
  38. COPYING
  39. COPYING.LIB
  40. COPYING.LIBGLOSS
  41. COPYING.NEWLIB
  42. COPYING3
  43. COPYING3.LIB
  44. depcomp
  45. djunpack.bat
  46. install-sh
  47. libtool.m4
  48. ltgcc.m4
  49. ltmain.sh
  50. ltoptions.m4
  51. ltsugar.m4
  52. ltversion.m4
  53. lt~obsolete.m4
  54. MAINTAINERS
  55. Makefile.def
  56. Makefile.in
  57. Makefile.tpl
  58. makefile.vms
  59. missing
  60. mkdep
  61. mkinstalldirs
  62. move-if-change
  63. multilib.am
  64. README
  65. README-maintainer-mode
  66. setup.com
  67. src-release.sh
  68. symlink-tree
  69. test-driver
  70. ylwrap