From de5329f1de4cd4a938323012910310e548b2d936 Mon Sep 17 00:00:00 2001
From: Than McIntosh <thanm@google.com>
Date: Thu, 23 Jun 2022 14:11:59 -0400
Subject: [PATCH] debug/dwarf: handle malformed line table with bad program
 offset

Touch up the line table reader to ensure that it can detect and reject
an invalid program offset field in the table header.

Fixes #53329.

Change-Id: Ia8d684e909af3aca3014b4a3d0dfd431e3f5a9f0
Reviewed-on: https://go-review.googlesource.com/c/go/+/413814
Run-TryBot: Than McIntosh <thanm@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Ian Lance Taylor <iant@google.com>
---
 src/debug/dwarf/line.go | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/debug/dwarf/line.go b/src/debug/dwarf/line.go
index bb281fbdd9..4df4a1751f 100644
--- a/src/debug/dwarf/line.go
+++ b/src/debug/dwarf/line.go
@@ -215,7 +215,11 @@ func (r *LineReader) readHeader(compDir string) error {
 	} else {
 		headerLength = Offset(buf.uint32())
 	}
-	r.programOffset = buf.off + headerLength
+	programOffset := buf.off + headerLength
+	if programOffset > r.endOffset {
+		return DecodeError{"line", hdrOffset, fmt.Sprintf("malformed line table: program offset %d exceeds end offset %d", programOffset, r.endOffset)}
+	}
+	r.programOffset = programOffset
 	r.minInstructionLength = int(buf.uint8())
 	if r.version >= 4 {
 		// [DWARF4 6.2.4]
-- 
2.50.0