espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-12-16 06:08:09 +08:00
Code Issues Packages Projects Releases Wiki Activity

ubsan: undefined shift in loongarch_elf_add_sub_reloc_uleb128

Browse Source 
An oss-fuzz testcase found:
runtime error: shift exponent 140 is too large for 32-bit type 'int'
OK, that's just a completely silly uleb, but we ought to be able to
handle 64 bits here.

	* elfxx-loongarch.c (loongarch_elf_add_sub_reloc_uleb128): Formatting.
	Don't left shift int.  Avoid shifts larger than bits in a bfd_vma.
This commit is contained in:
Alan Modra
2025-05-20 15:22:13 +09:30
parent a5c3478903
commit 50095e9492
1 changed files with 9 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

15
bfd/elfxx-loongarch.c
View File

@@ -2171,11 +2171,11 @@ loongarch_elf_add_sub_reloc_uleb128 (bfd *abfd,
if (output_bfd != NULL)
return bfd_reloc_continue;
relocation = symbol->value + symbol->section->output_section->vma
+ symbol->section->output_offset + reloc_entry->addend;
relocation = (symbol->value + symbol->section->output_section->vma
+ symbol->section->output_offset + reloc_entry->addend);
bfd_size_type octets = reloc_entry->address
* bfd_octets_per_byte (abfd, input_section);
bfd_size_type octets = (reloc_entry->address
* bfd_octets_per_byte (abfd, input_section));
if (!bfd_reloc_offset_in_range (reloc_entry->howto, abfd,
input_section, octets))
return bfd_reloc_outofrange;
@@ -2195,8 +2195,11 @@ loongarch_elf_add_sub_reloc_uleb128 (bfd *abfd,
break;
}
bfd_vma mask = (1 << (7 * len)) - 1;
relocation = relocation & mask;
if (7 * len < sizeof (bfd_vma))
{
bfd_vma mask = ((bfd_vma) 1 << (7 * len)) - 1;
relocation = relocation & mask;
}
loongarch_write_unsigned_leb128 (p, len, relocation);
return bfd_reloc_ok;
}