diff options
| author | Nick Clifton <nickc@redhat.com> | 2015-01-27 17:32:23 +0000 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2015-01-27 17:32:23 +0000 |
| commit | 0897ec15810bca3420ea7b8a91e491ed45780202 (patch) | |
| tree | dd7cc451877a5826e06000613f5d8bbf6b46e85e /binutils/rcparse.y | |
| parent | 877a8638ba563c667eb5358240334c473d0573a1 (diff) | |
| download | binutils-gdb-0897ec15810bca3420ea7b8a91e491ed45780202.tar.gz | |
Fixes for invalid memory accesses triggered by running windres on corrupt binaries.
PR binutils/17512
* rcparse.y: Add checks to avoid integer divide by zero.
* rescoff.c (read_coff_rsrc): Add check on the size of the
resource section.
(read_coff_res_dir): Add check on the nesting level.
Check for resource names overrunning the buffer.
* resrc.c (write_rc_messagetable): Update formatting.
Add check of 'elen' being zero.
Diffstat (limited to 'binutils/rcparse.y')
| -rw-r--r-- | binutils/rcparse.y | 9 |
1 files changed, 5 insertions, 4 deletions
diff --git a/binutils/rcparse.y b/binutils/rcparse.y index 78ac57eee95..0cf6c2c1f2a 100644 --- a/binutils/rcparse.y +++ b/binutils/rcparse.y @@ -1887,12 +1887,12 @@ sizednumexpr: } | sizednumexpr '/' sizednumexpr { - $$.val = $1.val / $3.val; + $$.val = $1.val / ($3.val ? $3.val : 1); $$.dword = $1.dword || $3.dword; } | sizednumexpr '%' sizednumexpr { - $$.val = $1.val % $3.val; + $$.val = $1.val % ($3.val ? $3.val : 1); $$.dword = $1.dword || $3.dword; } | sizednumexpr '+' sizednumexpr @@ -1966,12 +1966,13 @@ sizedposnumexpr: } | sizedposnumexpr '/' sizednumexpr { - $$.val = $1.val / $3.val; + $$.val = $1.val / ($3.val ? $3.val : 1); $$.dword = $1.dword || $3.dword; } | sizedposnumexpr '%' sizednumexpr { - $$.val = $1.val % $3.val; + /* PR 17512: file: 89105a25. */ + $$.val = $1.val % ($3.val ? $3.val : 1); $$.dword = $1.dword || $3.dword; } | sizedposnumexpr '+' sizednumexpr |