From 63d05642d48ec81637481518df962f2b3be435a3 Mon Sep 17 00:00:00 2001
From: Dan Kortschak <dan@kortschak.io>
Date: Sat, 27 Aug 2022 12:49:25 +0930
Subject: [PATCH] debug/pe: be careful to avoid potential uint32 overflow

Change-Id: Ic3c1c972bec39e14ea1af50ab2b5d887dac29eab
Reviewed-on: https://go-review.googlesource.com/c/go/+/426114
Reviewed-by: Bryan Mills <bcmills@google.com>
Auto-Submit: Dan Kortschak <dan@kortschak.io>
Reviewed-by: David Chase <drchase@google.com>
Reviewed-by: Alex Brainman <alex.brainman@gmail.com>
---
 src/debug/pe/file.go | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/debug/pe/file.go b/src/debug/pe/file.go
index 7adf3e122e..84bc300d92 100644
--- a/src/debug/pe/file.go
+++ b/src/debug/pe/file.go
@@ -353,7 +353,10 @@ func (f *File) ImportedSymbols() ([]string, error) {
 	var ds *Section
 	ds = nil
 	for _, s := range f.Sections {
-		if s.VirtualAddress <= idd.VirtualAddress && idd.VirtualAddress < s.VirtualAddress+s.VirtualSize {
+		// We are using distance between s.VirtualAddress and idd.VirtualAddress
+		// to avoid potential overflow of uint32 caused by addition of s.VirtualSize
+		// to s.VirtualAddress.
+		if s.VirtualAddress <= idd.VirtualAddress && idd.VirtualAddress-s.VirtualAddress < s.VirtualSize {
 			ds = s
 			break
 		}
-- 
2.48.1