[PATCH] [DbgHelp]: protect COFF line number parsing against out of bounds access
Eric Pouech
eric.pouech at orange.fr
Sun May 20 02:43:52 CDT 2012
A+
---
dlls/dbghelp/coff.c | 36 ++++++++++++++++++------------------
1 file changed, 18 insertions(+), 18 deletions(-)
diff --git a/dlls/dbghelp/coff.c b/dlls/dbghelp/coff.c
index 54bd278..9f01fd2 100644
--- a/dlls/dbghelp/coff.c
+++ b/dlls/dbghelp/coff.c
@@ -424,26 +424,26 @@ DECLSPEC_HIDDEN BOOL coff_process_info(const struct msc_debug_info* msc_dbg)
* If we have spilled onto the next entrypoint, then
* bump the counter..
*/
- for (;;)
+ for (; l+1 < coff_files.files[j].neps; l++)
{
- if (l+1 >= coff_files.files[j].neps) break;
- symt_get_address(coff_files.files[j].entries[l+1], &addr);
- if (((msc_dbg->module->module.BaseOfImage + linepnt->Type.VirtualAddress) < addr))
+ if (symt_get_address(coff_files.files[j].entries[l+1], &addr) &&
+ msc_dbg->module->module.BaseOfImage + linepnt->Type.VirtualAddress < addr)
+ {
+ if (coff_files.files[j].entries[l+1]->tag == SymTagFunction)
+ {
+ /*
+ * Add the line number. This is always relative to the
+ * start of the function, so we need to subtract that offset
+ * first.
+ */
+ symt_add_func_line(msc_dbg->module,
+ (struct symt_function*)coff_files.files[j].entries[l+1],
+ coff_files.files[j].compiland->source,
+ linepnt->Linenumber,
+ msc_dbg->module->module.BaseOfImage + linepnt->Type.VirtualAddress - addr);
+ }
break;
- l++;
- }
-
- if (coff_files.files[j].entries[l+1]->tag == SymTagFunction)
- {
- /*
- * Add the line number. This is always relative to the
- * start of the function, so we need to subtract that offset
- * first.
- */
- symt_get_address(coff_files.files[j].entries[l+1], &addr);
- symt_add_func_line(msc_dbg->module, (struct symt_function*)coff_files.files[j].entries[l+1],
- coff_files.files[j].compiland->source, linepnt->Linenumber,
- msc_dbg->module->module.BaseOfImage + linepnt->Type.VirtualAddress - addr);
+ }
}
}
}
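Review bot: The offset passed to `symt_add_func_line` is `BaseOfImage + linepnt->Type.VirtualAddress - addr`, computed inside a branch that is entered only when that same sum is `< addr`, so the subtraction is negative on every path that reaches the call (and wraps if the operands are unsigned, as they appear to be). The new loop bound keeps `entries[l+1]` in range, but the line record is still attached to the entry that starts after the line's address, while the comment says the offset is relative to the start of the function. Because `VirtualAddress` is read from the debug data of the module being loaded, it is worth confirming whether the record belongs to `entries[l]`, in which case the tag check and address should come from that entry, or else stating in the comment why the following entry is used. The old code did the same whenever its loop ended on the address comparison; `coff_process_info` starts and ends outside the hunk, so the initial value of `l` cannot be checked here.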