RootCause: unvalidated
Archive::read_armap() loads the entire symbol map, then iterates names via strlen(pnames + name_offset) while only checking total consumed length after the loop. — gold/archive.cc. Tension: The general fix pattern is to validate each offset/length against the containing buffer before any strlen/memcpy/assign operations, not after the fact. Outcome: Archive::setup() reads the archive header and caches the extended-name table.
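The fix pattern above as an added C example; it is not gold's code. The symbol-map layout (a 4-byte big-endian count, that many 4-byte offsets, then packed NUL-terminated names) and the function name `armap_count_valid_names` are simplifying assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Added example, not gold's code. Assumed layout: 4-byte big-endian count,
   `count` 4-byte member offsets, then `count` NUL-terminated names. */
static uint32_t read_be32(const unsigned char *p)
{
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) |
           ((uint32_t)p[2] << 8) | (uint32_t)p[3];
}

/* Returns the number of names validated, or -1 if the map is malformed.
   Each offset/length is checked against the buffer before it is used. */
long armap_count_valid_names(const unsigned char *buf, size_t size)
{
    if (size < 4)
        return -1;
    uint32_t nsyms = read_be32(buf);

    /* The offset table must fit; divide rather than multiply so the
       check itself cannot overflow. */
    if (nsyms > (size - 4) / 4)
        return -1;

    const unsigned char *pnames = buf + 4 + (size_t)nsyms * 4;
    size_t names_size = size - 4 - (size_t)nsyms * 4;
    size_t name_offset = 0;

    for (uint32_t i = 0; i < nsyms; ++i) {
        if (name_offset >= names_size)
            return -1;              /* no bytes left for this name */
        /* Bounded search: unlike strlen(), never reads past the buffer. */
        const unsigned char *nul =
            memchr(pnames + name_offset, 0, names_size - name_offset);
        if (nul == NULL)
            return -1;              /* last name is not terminated */
        name_offset = (size_t)(nul - pnames) + 1;
    }
    return (long)nsyms;
}

int main(void)
{
    /* Constructed sample: two symbols, second name lacks its terminator. */
    const unsigned char bad[] = {0,0,0,2, 0,0,0,1, 0,0,0,2, 'a',0, 'b','c'};
    printf("%ld\n", armap_count_valid_names(bad, sizeof bad));
    return 0;
}
```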