[PATCH] [libiberty] Fix read buffer overflow in split_directories

Tim Rühsen Thu, 28 Nov 2019 13:12:23 -0800

An empty name param leads to read buffer overflow in
function split_directories.


* libiberty/make-relative-prefix.c (split_directories):
  Return early on empty name.
---
 libiberty/ChangeLog              | 7 +++++++
 libiberty/make-relative-prefix.c | 3 +++
 2 files changed, 10 insertions(+)

diff --git a/libiberty/ChangeLog b/libiberty/ChangeLog
index b516903d94..b7e24d11ef 100644
--- a/libiberty/ChangeLog
+++ b/libiberty/ChangeLog
@@ -1,3 +1,10 @@
+2019-11-28  Tim Ruehsen  <tim.rueh...@gmx.de>
+
+       Fix read buffer overflow in split_directories
+
+       * make-relative-prefix.c (split_directories):
+       Return early on empty 'name'
+
 2019-11-16  Tim Ruehsen  <tim.rueh...@gmx.de>

        Fix write buffer overflow in cplus_demangle()
diff --git a/libiberty/make-relative-prefix.c b/libiberty/make-relative-prefix.c
index ec0b0ee749..2ff2af8a59 100644
--- a/libiberty/make-relative-prefix.c
+++ b/libiberty/make-relative-prefix.c
@@ -122,6 +122,9 @@ split_directories (const char *name, int *ptr_num_dirs)
   const char *p, *q;
   int ch;

+  if (!*name)
+    return NULL;
+
   /* Count the number of directories.  Special case MSDOS disk names as part
      of the initial directory.  */
   p = name;
--
2.24.0

[PATCH] [libiberty] Fix read buffer overflow in split_directories

Reply via email to