22 lines
762 B
Text
22 lines
762 B
Text
Fix out-of-bounds memcpys (FILNMLEN is 18, sizeof x_fname is 14).
|
|
Index: bfd/peXXigen.c
|
|
--- bfd/peXXigen.c.orig
|
|
+++ bfd/peXXigen.c
|
|
@@ -318,7 +318,7 @@ _bfd_XXi_swap_aux_in (bfd * abfd,
|
|
in->x_file.x_n.x_offset = H_GET_32 (abfd, ext->x_file.x_n.x_offset);
|
|
}
|
|
else
|
|
- memcpy (in->x_file.x_fname, ext->x_file.x_fname, FILNMLEN);
|
|
+ memcpy (in->x_file.x_fname, ext->x_file.x_fname, sizeof in->x_file.x_fname);
|
|
return;
|
|
|
|
case C_STAT:
|
|
@@ -392,7 +392,7 @@ _bfd_XXi_swap_aux_out (bfd * abfd,
|
|
H_PUT_32 (abfd, in->x_file.x_n.x_offset, ext->x_file.x_n.x_offset);
|
|
}
|
|
else
|
|
- memcpy (ext->x_file.x_fname, in->x_file.x_fname, FILNMLEN);
|
|
+ memcpy (ext->x_file.x_fname, in->x_file.x_fname, sizeof ext->x_file.x_fname);
|
|
|
|
return AUXESZ;
|
|
|