blob: a1b74248cee00a23d8fa18b601ee5cfe8d93e16c (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
|
From 4b8386a90802ed8e43eac2266f6e03c92b4462ed Mon Sep 17 00:00:00 2001
From: Nick Clifton <nickc@redhat.com>
Date: Fri, 23 Dec 2022 13:02:04 +0000
Subject: [PATCH] Fix illegal memory access parsing corrupt DWARF information.
PR 29936
* dwarf2.c (concat_filename): Fix check for a directory index off
the end of the directory table.
Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=8af23b30edbaedf009bc9b243cd4dfa10ae1ac09]
CVE: CVE-2023-22608
Signed-off-by: Yash Shinde <Yash.Shinde@windriver.com>
---
bfd/dwarf2.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/bfd/dwarf2.c b/bfd/dwarf2.c
index b7839ad6..8b07a24c 100644
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@@ -1828,7 +1828,8 @@ concat_filename (struct line_info_table *table, unsigned int file)
if (table->files[file].dir
/* PR 17512: file: 0317e960. */
- && table->files[file].dir <= table->num_dirs
+ && table->files[file].dir
+ <= (table->use_dir_and_file_0 ? table->num_dirs - 1 : table->num_dirs)
/* PR 17512: file: 7f3d2e4b. */
&& table->dirs != NULL)
{
|
