espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-20 09:58:19 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixes a few more memory access violations exposed by fuzzed binaries.

Browse Source 
PR binutils/17512
	* ecoff.c (_bfd_ecoff_slurp_symbol_table): Warn about and correct
	a discrepancy between the isymMax and ifdMax values in the
	symbolic header.
	* elf.c (_bfd_elf_print_private_bfd_data): Fix the range check
	scanning the external dynamic entries.
This commit is contained in:
Nick Clifton
2014-11-27 12:19:10 +00:00
parent 608ce2f3c8
commit 1036838a77
3 changed files with 27 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
bfd/ChangeLog
View File

@ -1,3 +1,12 @@
2014-11-27 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* ecoff.c (_bfd_ecoff_slurp_symbol_table): Warn about and correct
a discrepancy between the isymMax and ifdMax values in the
symbolic header.
* elf.c (_bfd_elf_print_private_bfd_data): Fix the range check
scanning the external dynamic entries.
2014-11-26 Nick Clifton <nickc@redhat.com> 2014-11-26 Nick Clifton <nickc@redhat.com>
PR binutils/17512 PR binutils/17512

15
bfd/ecoff.c
View File

@ -905,6 +905,7 @@ _bfd_ecoff_slurp_symbol_table (bfd *abfd)
&internal_ptr->symbol, 1, &internal_ptr->symbol, 1,
internal_esym.weakext)) internal_esym.weakext))
return FALSE; return FALSE;
/* The alpha uses a negative ifd field for section symbols. */ /* The alpha uses a negative ifd field for section symbols. */
if (internal_esym.ifd >= 0) if (internal_esym.ifd >= 0)
internal_ptr->fdr = (ecoff_data (abfd)->debug_info.fdr internal_ptr->fdr = (ecoff_data (abfd)->debug_info.fdr
@ -946,6 +947,20 @@ _bfd_ecoff_slurp_symbol_table (bfd *abfd)
} }
} }
/* PR 17512: file: 3372-3080-0.004.
A discrepancy between ecoff_data (abfd)->debug_info.symbolic_header.isymMax
and ecoff_data (abfd)->debug_info.symbolic_header.ifdMax can mean that
we have fewer symbols than we were expecting. Allow for this by updating
the symbol count and warning the user. */
if (internal_ptr - internal < bfd_get_symcount (abfd))
{
bfd_get_symcount (abfd) = internal_ptr - internal;
(*_bfd_error_handler)
(_("%B: warning: isymMax (%ld) is greater than ifdMax (%d)\n"),
abfd, ecoff_data (abfd)->debug_info.symbolic_header.isymMax,
ecoff_data (abfd)->debug_info.symbolic_header.ifdMax);
}
ecoff_data (abfd)->canonical_symbols = internal; ecoff_data (abfd)->canonical_symbols = internal;
return TRUE; return TRUE;

4
bfd/elf.c
View File

@ -1254,7 +1254,9 @@ _bfd_elf_print_private_bfd_data (bfd *abfd, void *farg)
extdyn = dynbuf; extdyn = dynbuf;
extdynend = extdyn + s->size; extdynend = extdyn + s->size;
for (; extdyn < extdynend; extdyn += extdynsize) /* PR 17512: file: id:000006,sig:06,src:000000,op:flip4,pos:5664.
Fix range check. */
for (; extdyn <= (extdynend - extdynsize); extdyn += extdynsize)
{ {
Elf_Internal_Dyn dyn; Elf_Internal_Dyn dyn;
const char *name = ""; const char *name = "";