libdwfl: Fix overflow check in link_map.c read_addrs
Commit Message
The buffer_available overflow check wasn't complete. Also check nb
isn't too big.
https://sourceware.org/bugzilla/show_bug.cgi?id=28720
Signed-off-by: Mark Wielaard <mark@klomp.org>
---
libdwfl/ChangeLog | 4 ++++
libdwfl/link_map.c | 3 ++-
2 files changed, 6 insertions(+), 1 deletion(-)
@@ -1,3 +1,7 @@
+2022-01-03 Mark Wielaard <mark@klomp.org>
+
+ * link_map.c (read_addrs): Fix buffer_available nb overflow.
+
2021-12-23 Mark Wielaard <mark@klomp.org>
* link_map.c (read_addrs): Calculate addr to read by hand.
@@ -257,7 +257,8 @@ read_addrs (struct memory_closure *closure,
/* Read a new buffer if the old one doesn't cover these words. */
if (*buffer == NULL
|| vaddr < *read_vaddr
- || vaddr - (*read_vaddr) + nb > *buffer_available)
+ || nb > *buffer_available
+ || vaddr - (*read_vaddr) > *buffer_available - nb)
{
release_buffer (closure, buffer, buffer_available, 0);