From patchwork Wed Nov  5 15:28:08 2014
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Will Newton <will.newton@linaro.org>
X-Patchwork-Id: 40193
Return-Path: <patchwork-forward+bncBCXPZFGDUEJBBK4E5GRAKGQEG4NB53Q@linaro.org>
X-Original-To: linaro@patches.linaro.org
Delivered-To: linaro@patches.linaro.org
Received: from mail-wi0-f199.google.com (mail-wi0-f199.google.com
 [209.85.212.199])
 by ip-10-151-82-157.ec2.internal (Postfix) with ESMTPS id CCA042404A
 for <linaro@patches.linaro.org>; Wed,  5 Nov 2014 15:28:45 +0000 (UTC)
Received: by mail-wi0-f199.google.com with SMTP id r20sf1022933wiv.6
 for <linaro@patches.linaro.org>; Wed, 05 Nov 2014 07:28:45 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:delivered-to:mailing-list
 :precedence:list-id:list-unsubscribe:list-subscribe:list-archive
 :list-post:list-help:sender:delivered-to:from:to:subject:date
 :message-id:x-original-sender:x-original-authentication-results;
 bh=zu65v4MQanAbNLuJO1zXU1WwWX4eTPh21Mh1tBECOKk=;
 b=BeHqYa8eUzhObVN8vp7vhUEahBIzlk8HFX4pEja3AOnQUAeRM5+qDRhTfkpWYRvVCx
 sICUwGrhz2nrIRTzdJhA3PS6cryYhEpBRsKCHeoOgAOkae9PvyuVwweJkmvjnlw6gAbA
 JdLm5d2Og5h+HTx5/l9rvnRWGSZVqQrtMbEzVZEUBwpUNjyZtEs3EO6zqf+TU2PRurJO
 o+UB6EXGaGKoXXQvd1g0CSzgfBR8F04pUP0rv2PIzvjJ6i2x22M/TSTS+a3LygimU+Zt
 XPlUMixjV/kkuzukx17inCekWeIEbQAt02gTVca1v9yX6gSj1XnBqoyLLF9i0HUhWUcc
 qhrw==
X-Gm-Message-State: ALoCoQllcuE0uTFaLtFZIV8JOqcYM8PNRlZSHp4S1KDR0QLY97lqkGFeb9m5gvvUVqrrJHl/NO0R
X-Received: by 10.112.89.195 with SMTP id bq3mr3523822lbb.9.1415201323841;
 Wed, 05 Nov 2014 07:28:43 -0800 (PST)
MIME-Version: 1.0
X-BeenThere: patchwork-forward@linaro.org
Received: by 10.152.37.1 with SMTP id u1ls1085288laj.29.gmail; Wed, 05 Nov
 2014 07:28:43 -0800 (PST)
X-Received: by 10.152.88.1 with SMTP id bc1mr30089832lab.96.1415201323694;
 Wed, 05 Nov 2014 07:28:43 -0800 (PST)
Received: from mail-la0-x22f.google.com (mail-la0-x22f.google.com.
 [2a00:1450:4010:c03::22f])
 by mx.google.com with ESMTPS id z7si6821230lag.18.2014.11.05.07.28.43
 for <patchwork-forward@linaro.org>
 (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
 Wed, 05 Nov 2014 07:28:43 -0800 (PST)
Received-SPF: pass (google.com: domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 2a00:1450:4010:c03::22f as permitted sender)
 client-ip=2a00:1450:4010:c03::22f; 
Received: by mail-la0-f47.google.com with SMTP id gd6so863376lab.20
 for <patchwork-forward@linaro.org>;
 Wed, 05 Nov 2014 07:28:43 -0800 (PST)
X-Received: by 10.152.6.228 with SMTP id e4mr68679242laa.71.1415201323405;
 Wed, 05 Nov 2014 07:28:43 -0800 (PST)
X-Forwarded-To: patchwork-forward@linaro.org
X-Forwarded-For: patch@linaro.org patchwork-forward@linaro.org
Delivered-To: patch@linaro.org
Received: by 10.112.184.201 with SMTP id ew9csp299501lbc;
 Wed, 5 Nov 2014 07:28:42 -0800 (PST)
X-Received: by 10.70.34.206 with SMTP id b14mr51858230pdj.10.1415201321659; 
 Wed, 05 Nov 2014 07:28:41 -0800 (PST)
Received: from sourceware.org (server1.sourceware.org. [209.132.180.131])
 by mx.google.com with ESMTPS id
 xr7si3243675pbc.175.2014.11.05.07.28.40 for <patch@linaro.org>
 (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 05 Nov 2014 07:28:41 -0800 (PST)
Received-SPF: pass (google.com: domain of
 binutils-return-85270-patch=linaro.org@sourceware.org
 designates 209.132.180.131 as permitted sender)
 client-ip=209.132.180.131; 
Received: (qmail 5014 invoked by alias); 5 Nov 2014 15:28:25 -0000
Mailing-List: list patchwork-forward@linaro.org;
 contact patchwork-forward+owners@linaro.org
Precedence: list
List-Id: <patchwork-forward.linaro.org>
List-Unsubscribe: <mailto:googlegroups-manage+836684582541+unsubscribe@googlegroups.com>, 
 <http://groups.google.com/a/linaro.org/group/patchwork-forward/subscribe>
List-Subscribe: <mailto:binutils-subscribe@sourceware.org>
List-Archive: <http://groups.google.com/a/linaro.org/group/patchwork-forward/>
List-Post: <http://groups.google.com/a/linaro.org/group/patchwork-forward/post>, 
 <mailto:patchwork-forward@linaro.org>
List-Help: <http://support.google.com/a/linaro.org/bin/topic.py?topic=25838>, 
 <mailto:patchwork-forward+help@linaro.org>
Sender: binutils-owner@sourceware.org
Delivered-To: mailing list binutils@sourceware.org
Received: (qmail 5000 invoked by uid 89); 5 Nov 2014 15:28:24 -0000
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-2.6 required=5.0 tests=BAYES_00,
 RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=ham version=3.3.2
X-HELO: mail-wg0-f44.google.com
Received: from mail-wg0-f44.google.com (HELO mail-wg0-f44.google.com)
 (74.125.82.44) by sourceware.org
 (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted)
 ESMTPS; Wed, 05 Nov 2014 15:28:18 +0000
Received: by mail-wg0-f44.google.com with SMTP id x12so1203229wgg.3 for
 <binutils@sourceware.org>; Wed, 05 Nov 2014 07:28:15 -0800 (PST)
X-Received: by 10.180.104.105 with SMTP id gd9mr32892493wib.65.1415201295247; 
 Wed, 05 Nov 2014 07:28:15 -0800 (PST)
Received: from localhost.localdomain
 (cpc16-seac21-2-0-cust244.7-2.cable.virginm.net.
 [82.17.33.245]) by mx.google.com with ESMTPSA id
 rx8sm4433741wjb.30.2014.11.05.07.28.12 for
 <binutils@sourceware.org> (version=TLSv1.2
 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Wed, 05 Nov 2014 07:28:13 -0800 (PST)
From: Will Newton <will.newton@linaro.org>
To: binutils@sourceware.org
Subject: [PATCH] bfd/elf-attrs.c: Fix possible infinite loop parsing attributes
Date: Wed,  5 Nov 2014 15:28:08 +0000
Message-Id: <1415201288-11629-1-git-send-email-will.newton@linaro.org>
X-IsSubscribed: yes
X-Original-Sender: will.newton@linaro.org
X-Original-Authentication-Results: mx.google.com; spf=pass (google.com:
 domain of
 patch+caf_=patchwork-forward=linaro.org@linaro.org designates
 2a00:1450:4010:c03::22f as permitted sender)
 smtp.mail=patch+caf_=patchwork-forward=linaro.org@linaro.org; 
 dkim=pass header.i=@sourceware.org
X-Google-Group-Id: 836684582541

Handle the case of a zero length section or sub-section in
_bfd_elf_parse_attributes and in doing so prevent an infinite loop
in the parser.

bfd/ChangeLog:

2014-11-05  Will Newton  <will.newton@linaro.org>

	* elf-attrs.c (_bfd_elf_parse_attributes): Handle zero
	length sections and sub-sections.
---
 bfd/elf-attrs.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/bfd/elf-attrs.c b/bfd/elf-attrs.c
index cd0cbca..6bc2944 100644
--- a/bfd/elf-attrs.c
+++ b/bfd/elf-attrs.c
@@ -455,6 +455,8 @@ _bfd_elf_parse_attributes (bfd *abfd, Elf_Internal_Shdr * hdr)
 
 	  section_len = bfd_get_32 (abfd, p);
 	  p += 4;
+	  if (section_len == 0)
+	    break;
 	  if (section_len > len)
 	    section_len = len;
 	  len -= section_len;
@@ -487,6 +489,8 @@ _bfd_elf_parse_attributes (bfd *abfd, Elf_Internal_Shdr * hdr)
 	      p += n;
 	      subsection_len = bfd_get_32 (abfd, p);
 	      p += 4;
+	      if (subsection_len == 0)
+		break;
 	      if (subsection_len > section_len)
 		subsection_len = section_len;
 	      section_len -= subsection_len;