[Bug binutils/17531] readelf crashes on fuzzed samples

[cvs-commit at gcc dot gnu.org]

https://sourceware.org/bugzilla/show_bug.cgi?id=17531

--- Comment #61 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot 
gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".

The branch, master has been updated
       via  82b1b41bcdc6d01fdbd94b246e24a8a8f8c2bddd (commit)
       via  c1724c7fd39d85ccc1f94a0cd7bc25b19aa43ffd (commit)
      from  f8ed3ac5f2600f037bff4ba01e6c92257d4a4fae (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=82b1b41bcdc6d01fdbd94b246e24a8a8f8c2bddd

commit 82b1b41bcdc6d01fdbd94b246e24a8a8f8c2bddd
Author: Nick Clifton <address@hidden>
Date:   Mon Jan 5 13:54:22 2015 +0000

    More fixes for invalid memory accesses triggered by fuzzed binaries.

        PR binutils/17531
        * dwarf.c (alloc_num_debug_info_entries): New variable.
        (process_debug_info): Set it.  Use it to avoid displaying
        attributes for which there is no info.
        (display_debug_abbrev): Check that the debug_info_entry index is
        valid before using it.
        (display_loc_list_dwo): Likewise.
        (process_cu_tu_index): Add range check for an overlarge dw_sect
        value.
        (free_debug_memory): Reset alloc_num_debug_info_entries.
        * readelf.c (slurp_ia64_unwind_table): Warn if the reloc could not
        be indentified.
        (dynamic_section_mips_val): Warn if the timestamp is invalid.
        (print_mips_got_entry): Add a data_end parameter.  Warn if a read
        would go beyond the end of the data, and return an error value.
        (process_mips_specific): Do not read options from beyond the end
        of the section.
        Correct code to display optional data at the end of an option.
        Warn if there are too many GOT symbols.
        Update calls to print_mips_got_entry, and handle error returns.

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=c1724c7fd39d85ccc1f94a0cd7bc25b19aa43ffd

commit c1724c7fd39d85ccc1f94a0cd7bc25b19aa43ffd
Author: Daniel Klauer <address@hidden>
Date:   Mon Jan 5 09:41:48 2015 +0000

    Corrects the description of the --kill-at option of dlltool.

        PR binutils/17489
        * doc/binutils.texi (dlltool): Correct description of --kill-at
        option.

-----------------------------------------------------------------------

Summary of changes:
 binutils/ChangeLog         |   29 ++++++++++++
 binutils/doc/binutils.texi |   12 +++--
 binutils/dwarf.c           |  107 +++++++++++++++++++++++++++++++-------------
 binutils/dwarf.h           |    8 ++--
 binutils/readelf.c         |  100 +++++++++++++++++++++++++++++++---------
 5 files changed, 194 insertions(+), 62 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.