33 lines
1.0 KiB
Diff
33 lines
1.0 KiB
Diff
From 394cbe87c349b180a8b2aa4b0868698469d6de95 Mon Sep 17 00:00:00 2001
|
|
From: Mark Wielaard <mark@klomp.org>
|
|
Date: Thu, 6 Jan 2022 16:44:56 +0100
|
|
Subject: [PATCH] libdwfl: Fix overflow check in link_map.c read_addrs
|
|
|
|
The buffer_available overflow check wasn't complete. Also check nb
|
|
isn't too big.
|
|
|
|
https://sourceware.org/bugzilla/show_bug.cgi?id=28720
|
|
|
|
Signed-off-by: Mark Wielaard <mark@klomp.org>
|
|
---
|
|
libdwfl/link_map.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libdwfl/link_map.c b/libdwfl/link_map.c
|
|
index 0d8d1c1..e7c4173 100644
|
|
--- a/libdwfl/link_map.c
|
|
+++ b/libdwfl/link_map.c
|
|
@@ -256,7 +256,8 @@ read_addrs (struct memory_closure *closure,
|
|
/* Read a new buffer if the old one doesn't cover these words. */
|
|
if (buffer == NULL
|
|
|| vaddr < *read_vaddr
|
|
- || vaddr - (*read_vaddr) + nb > *buffer_available)
|
|
+ || nb > *buffer_available
|
|
+ || vaddr - (*read_vaddr) > *buffer_available - nb)
|
|
{
|
|
release_buffer (closure, buffer, buffer_available, 0);
|
|
|
|
--
|
|
2.12.3
|
|
|