scc

simple C compiler
git clone git://git.2f30.org/scc

commit fdba86b87f7644af81e57923f0b4e4f6e03dedfa
parent dde0b08c0386115d4b11bd3654be8cecae2e1bf9
Author: Roberto E. Vargas Caballero <k0ga@shike2.com>
Date:   Fri, 24 Nov 2017 17:01:34 +0000

[nm] Improve member skipping in ar()

The condition to calculate the position in ar() was wrong
and it was possible to fire an integer overflow.

Diffstat:
nm/main.c | 11 ++++++++++-
1 file changed, 10 insertions(+), 1 deletion(-)

diff --git a/nm/main.c b/nm/main.c @@ -94,8 +94,17 @@ ar(char *fname, FILE *fp) long pos; while (rdarhdr(fp, &hdr) != EOF) { - if ((pos = ftell(fp)) & 1) + pos = ftell(fp); + if (pos > LONG_MAX - hdr.size) { + fprintf(stderr, + "nm: %s: overflow in size of archive\n", + fname); + return; + } + pos += hdr.size; + if (hdr.size & 1) ++pos; + if (myrofile(fname, fp)) { nm(fname, hdr.name, fp); } else {
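Review bot: the new overflow guard in ar() does not cover the padding byte added afterwards. When hdr.size is odd and pos equals LONG_MAX - hdr.size, the test `pos > LONG_MAX - hdr.size` does not trigger, `pos += hdr.size` leaves pos at LONG_MAX, and the following `++pos` overflows anyway. Suggest folding the padding into the amount being added before the comparison, so that the check bounds the final position rather than the unpadded one. Two smaller points on the same lines: the result of `ftell(fp)` is used without testing for -1, and the subtraction `LONG_MAX - hdr.size` is only safe if hdr.size is non-negative, which the visible lines do not establish, so a check for a negative size from the archive header would be worth adding before this block. The diffstat also shows no other additions in nm/main.c, so please confirm `<limits.h>` is already included for LONG_MAX.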