blob: e180983725a2e4e6311b0fd4667d05f08aa497a7 (
plain) (
blame)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
|
Use integer offset math instead of pointer math to determine load
command bounds.
Upstream-URL: https://github.com/llvm/llvm-project/issues/56746
--- llvm-14.0.6.src/lib/Object/MachOObjectFile.cpp.old 2022-06-22 16:46:24.000000000 +0000
+++ llvm-14.0.6.src/lib/Object/MachOObjectFile.cpp 2022-11-28 04:21:02.730211841 +0000
@@ -192,7 +192,8 @@
getLoadCommandInfo(const MachOObjectFile &Obj, const char *Ptr,
uint32_t LoadCommandIndex) {
if (auto CmdOrErr = getStructOrErr<MachO::load_command>(Obj, Ptr)) {
- if (CmdOrErr->cmdsize + Ptr > Obj.getData().end())
+ uint64_t Offset = Ptr - Obj.getData().begin();
+ if (CmdOrErr->cmdsize + Offset > Obj.getData().size())
return malformedError("load command " + Twine(LoadCommandIndex) +
" extends past end of file");
if (CmdOrErr->cmdsize < 8)
|