We were checking the register number, not the length of the block.

Signed-off-by: Mark Wielaard <m...@redhat.com>
---
 src/readelf.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/readelf.c b/src/readelf.c
index c14bfb6..08de798 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -5025,7 +5025,7 @@ print_cfa_program (const unsigned char *readp, const 
unsigned char *const endp,
            get_uleb128 (op2, readp);   /* Length of DW_FORM_block.  */
            printf ("     expression r%" PRIu64 " (%s) \n",
                    op1, regname (op1));
-           if ((uint64_t) (endp - readp) < op1)
+           if ((uint64_t) (endp - readp) < op2)
              goto invalid;
            print_ops (dwflmod, dbg, 10, 10, version, ptr_size, 0, NULL,
                       op2, readp);
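Review bot: The corrected guard on the `if ((uint64_t) (endp - readp) < op2)` line still assumes readp has not already passed endp; if the two preceding `get_uleb128` reads (the one visible here has no end pointer argument, so its bounding is not visible in the hunk) can advance readp beyond endp on a truncated ULEB128, the subtraction goes negative and the cast turns it into a huge value, so the length check passes and print_ops is handed an out-of-range block. Making the check `if (readp > endp || (uint64_t) (endp - readp) < op2)` closes that gap at no cost, and a comment such as `/* The DW_FORM_block (op2) must fit in the remaining CFA program.  */` would make the intent of the corrected condition explicit. The printf of the register name runs before the check, which is harmless but means the "expression" line is emitted even for a block that is then rejected as invalid. print_cfa_program starts and ends outside this hunk, so the later advance of readp past the block and the `invalid:` label are not visible here.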
-- 
1.8.3.1
