Skip to content

Commit

Permalink
This is a fix for PR binutils/16723, where a corrupt .gnu.version_r s…
Browse files Browse the repository at this point in the history 
…ection could

send readelf into an infinite loop.

	* readelf.c (process_version_sections): Prevent an infinite loop
	when the vn_next field is zero but there are still entries to be
	processed.
  • Loading branch information
@nickclifton
nickclifton committed Mar 19, 2014
1 parent ec92c39 commit c24cf8b
Show file tree
Hide file tree
Showing 2 changed files with 13 additions and 0 deletions.
7 changes: 7 additions & 0 deletions binutils/ChangeLog
View file
Original file line number Diff line number Diff line change
@@ -1,3 +1,10 @@
2014-03-19 Nick Clifton <[email protected]>

PR binutils/16723
* readelf.c (process_version_sections): Prevent an infinite loop
when the vn_next field is zero but there are still entries to be
processed.

2014-03-17 Tristan Gingold <[email protected]>

* od-macho.c (dump_section_header): Renames of dump_section.
Expand Down
6 changes: 6 additions & 0 deletions binutils/readelf.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -8971,6 +8971,12 @@ process_version_sections (FILE * file)
if (j < ent.vn_cnt)
warn (_("Missing Version Needs auxillary information\n"));

if (ent.vn_next == 0 && cnt < section->sh_info)
{
warn (_("Corrupt Version Needs structure - offset to next structure is zero with entries still left to be processed\n"));
cnt = section->sh_info;
break;
}
idx += ent.vn_next;
}

Expand Down

0 comments on commit c24cf8b

Please sign in to comment.