Prevent an illegal memory access when running the strings program with an excessively lerge minimum string length.

PR 30595 * strings.c (main): Check for an excessively large minimum string length.
2023-06-30 11:18:42 +01:00 · 2023-06-30 11:18:42 +01:00 · 0d1cd7d978
commit 0d1cd7d978
parent 7e3ca9a4af
2 changed files with 12 additions and 0 deletions
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@ -1,3 +1,9 @@
+2023-06-30  Nick Clifton  <nickc@redhat.com>
+
+	PR 30595
+	* strings.c (main): Check for an excessively large minimum string
+	length.
+
 2023-06-21  Nick Clifton  <nickc@redhat.com>

 	* testsuite/lib/binutils-common.exp (prune_warnings_extra): Prune
--- a/binutils/strings.c
+++ b/binutils/strings.c
@ -315,8 +315,14 @@ main (int argc, char **argv)
      if (s != NULL && *s != 0)
 	fatal (_("invalid integer argument %s"), argv[numeric_opt - 1] + 1);
    }
+
  if (string_min < 1)
    fatal (_("invalid minimum string length %d"), string_min);
+  /* PR 30595: Look for excessive minimum string lengths.
+     The "(4 * string_min) + 1" is because this is the value
+     used to allocate space in print_unicode_stream().  */
+  else if (string_min == -1U || ((4 * string_min) + 1) == 0)
+    fatal (_("minimum string length %#x is too big"), string_min);

  switch (encoding)
    {