This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Make bfd_mach_o_archive_p more robust
- From: Andreas Schwab <schwab at suse dot de>
- To: binutils at sourceware dot org
- Date: Tue, 27 Jan 2009 15:29:44 +0100
- Subject: Make bfd_mach_o_archive_p more robust
Mach-O fat archives and Java bytecode files have the same magic number.
Make sure bfd_mach_o_archive_p does not match the latter by checking
that the number of architectures is reasonable. This is the same
heuristic that file(1) uses.
Andreas.
2009-01-27 Andreas Schwab <schwab@suse.de>
* mach-o.c (bfd_mach_o_archive_p): Restrict the number of
architectures in the archive.
--- bfd/mach-o.c 07 Jan 2009 09:44:50 +0100 1.31
+++ bfd/mach-o.c 27 Jan 2009 15:28:33 +0100
@@ -2098,6 +2098,11 @@ bfd_mach_o_archive_p (bfd *abfd)
adata->nfat_arch = bfd_getb32 (buf + 4);
if (adata->magic != 0xcafebabe)
goto error;
+ /* Avoid matching Java bytecode files, which have the same magic number.
+ In the Java bytecode file format this field contains to the JVM
+ version, which starts at 43.0. */
+ if (adata->nfat_arch > 30)
+ goto error;
adata->archentries =
bfd_alloc (abfd, adata->nfat_arch * sizeof (mach_o_fat_archentry));
--
Andreas Schwab, SuSE Labs, schwab@suse.de
SuSE Linux Products GmbH, Maxfeldstraße 5, 90409 Nürnberg, Germany
PGP key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."