File libdwarf-cve-2020-27545.diff of Package libdwarf.29697

A backport of the important part of upstreams d871f028de to
fix CVE-2020-27545 .

The upstream commit also touched dwarf5 code, which our libdwarf
version doesn't have.  And the error reporting routines were
rewritten so those parts don't apply.
--- libdwarf/dwarf_line_table_reader_common.c.mm	2016-11-02 22:36:56.000000000 +0100
+++ libdwarf/dwarf_line_table_reader_common.c	2023-07-03 15:27:51.399888774 +0200
@@ -1637,7 +1637,15 @@ read_line_table_program(Dwarf_Debug dbg,
                     other than we know now many bytes it is
                     and the op code and the bytes of operand. */
                 Dwarf_Unsigned remaining_bytes = instr_length -1;
-                if (instr_length < 1 || remaining_bytes > DW_LNE_LEN_MAX) {
+		Dwarf_Unsigned space_left =
+		    (line_ptr <= line_ptr_end)?
+		    (line_ptr_end - line_ptr):0xfffffff;
+
+		/*  By catching this here instead of PRINTING_DETAILS
+		    we avoid reading off of our data of interest*/
+                if (instr_length < 1 ||
+		    space_left < remaining_bytes ||
+		    remaining_bytes > DW_LNE_LEN_MAX) {
                     _dwarf_free_chain_entries(dbg,head_chain,line_count);
                     _dwarf_error(dbg, error,
                         DW_DLE_LINE_TABLE_BAD);
@@ -1650,6 +1658,8 @@ read_line_table_program(Dwarf_Debug dbg,
                 dwarf_printf(dbg,
                     "Bytecount: %" DW_PR_DUu , (Dwarf_Unsigned)instr_length);
                 if (remaining_bytes > 0) {
+		    /*  If remaining bytes > distance to end
+		        we will have an error. */
                     dwarf_printf(dbg,
                         " linedata: 0x");
                     while (remaining_bytes > 0) {