Fix buffer overflow.

We were reading past the end of the buffer. llvm-svn: 316143
author: Rafael Espindola <rafael.espindola@gmail.com> 2017-10-19 01:25:48 +0000
committer: Rafael Espindola <rafael.espindola@gmail.com> 2017-10-19 01:25:48 +0000
commit: 55680d0addfa6536f9d51217fa814e8aa4889824 (patch)
tree: 8099a0b0008e0c482df3742a2139e0c8e6482aea /llvm/lib/BinaryFormat/Magic.cpp
parent: 2a0a8fb6bcd8b223b2c9174aa39b7199cf072e5d (diff)
download: bcm5719-llvm-55680d0addfa6536f9d51217fa814e8aa4889824.tar.gz
bcm5719-llvm-55680d0addfa6536f9d51217fa814e8aa4889824.zip
1 files changed, 1 insertions, 1 deletions
diff --git a/llvm/lib/BinaryFormat/Magic.cpp b/llvm/lib/BinaryFormat/Magic.cpp
index e9b8df93b90..db8e9526e64 100644
--- a/llvm/lib/BinaryFormat/Magic.cpp
+++ b/llvm/lib/BinaryFormat/Magic.cpp
@@ -185,7 +185,7 @@ file_magic llvm::identify_magic(StringRef Magic) {
     if (startswith(Magic, "MZ") && Magic.size() >= 0x3c + 4) {
       uint32_t off = read32le(Magic.data() + 0x3c);
       // PE/COFF file, either EXE or DLL.
-      if (off < Magic.size() &&
+      if (off + sizeof(COFF::PEMagic) <= Magic.size() &&
           memcmp(Magic.data() + off, COFF::PEMagic, sizeof(COFF::PEMagic)) == 0)
         return file_magic::pecoff_executable;
     }
author	Rafael Espindola <rafael.espindola@gmail.com>	2017-10-19 01:25:48 +0000
committer	Rafael Espindola <rafael.espindola@gmail.com>	2017-10-19 01:25:48 +0000
commit	55680d0addfa6536f9d51217fa814e8aa4889824 (patch)
tree	8099a0b0008e0c482df3742a2139e0c8e6482aea /llvm/lib/BinaryFormat/Magic.cpp
parent	2a0a8fb6bcd8b223b2c9174aa39b7199cf072e5d (diff)
download	bcm5719-llvm-55680d0addfa6536f9d51217fa814e8aa4889824.tar.gz bcm5719-llvm-55680d0addfa6536f9d51217fa814e8aa4889824.zip