segv in bfd_elf_get_str_section
Checks
Commit Message
Attempting to write a termination NUL to PROT_READ mmap'd memory was
a silly idea.
PR 32109
* elf.c (bfd_elf_get_str_section): Don't write terminating NUL
if missing.
* libbfd.c (_bfd_munmap_readonly_temporary): Correct comment.
@@ -301,7 +301,8 @@ bfd_elf_get_str_section (bfd *abfd, unsigned int shindex)
_bfd_error_handler
/* xgettext:c-format */
(_("%pB: string table [%u] is corrupt"), abfd, shindex);
- shstrtab[shstrtabsize - 1] = 0;
+ shstrtab = NULL;
+ i_shdrp[shindex]->sh_size = 0;
}
i_shdrp[shindex]->contents = shstrtab;
}
@@ -1126,7 +1126,7 @@ _bfd_munmap_readonly_temporary (void *ptr, size_t rsize)
{
/* NB: Since _bfd_munmap_readonly_temporary is called like free, PTR
may be NULL. Otherwise, PTR and RSIZE must be valid. If RSIZE is
- 0, _bfd_malloc_and_read is called. */
+ 0, free is called. */
if (ptr == NULL)
return;
if (rsize != 0)