Fix use-after-free error when parsing a corrupt nested archive.

PR 21787 * archive.c (bfd_generic_archive_p): If the bfd does not have the correct magic bytes at the start, set the error to wrong format and clear the format selector before returning NULL.
author: Nick Clifton <nickc@redhat.com> 2017-07-19 14:49:12 +0100
committer: Nick Clifton <nickc@redhat.com> 2017-07-19 14:49:12 +0100
commit: 909e4e716c4d77e33357bbe9bc902bfaf2e1af24 (patch)
tree: c406acbf9c4e7a7d0978266414275e57dcc16a40 /bfd
parent: 62a5222fdab2acdc129b7c7d3713e7f349e26029 (diff)
2 files changed, 13 insertions, 1 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index b8837588d1..cc7f45c8cd 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,12 @@
 2017-07-19  Nick Clifton  <nickc@redhat.com>
 
+	PR 21787
+	* archive.c (bfd_generic_archive_p): If the bfd does not have the
+	correct magic bytes at the start, set the error to wrong format
+	and clear the format selector before returning NULL.
+
+2017-07-19  Nick Clifton  <nickc@redhat.com>
+
 	PR 21786
 	* coff-rs6000.c (_bfd_strntol): New function.
 	(_bfd_strntoll): New function.
diff --git a/bfd/archive.c b/bfd/archive.c
index f209babe14..885bf489c0 100644
--- a/bfd/archive.c
+++ b/bfd/archive.c
@@ -834,7 +834,12 @@ bfd_generic_archive_p (bfd *abfd)
   if (strncmp (armag, ARMAG, SARMAG) != 0
       && strncmp (armag, ARMAGB, SARMAG) != 0
       && ! bfd_is_thin_archive (abfd))
-    return NULL;
+    {
+      bfd_set_error (bfd_error_wrong_format);
+      if (abfd->format == bfd_archive)
+	abfd->format = bfd_unknown;
+      return NULL;
+    }
 
   tdata_hold = bfd_ardata (abfd);
author	Nick Clifton <nickc@redhat.com>	2017-07-19 14:49:12 +0100
committer	Nick Clifton <nickc@redhat.com>	2017-07-19 14:49:12 +0100
commit	909e4e716c4d77e33357bbe9bc902bfaf2e1af24 (patch)
tree	c406acbf9c4e7a7d0978266414275e57dcc16a40 /bfd
parent	62a5222fdab2acdc129b7c7d3713e7f349e26029 (diff)