espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-01 11:59:27 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fixes for memory access violations in the coffdump program.

Browse Source 
PR binutils/17512
	* coffdump.c (dump_coff_section): Check for a symbol being
	available before printing its name.
	(main): Check the return value from coff_grok.
	* coffgrok.c: Reformat and tidy.
	Add range checks to most functions.
	(coff_grok): Return NULL if the input bfd is not in a COFF
	format.
	* coffgrok.h: Reformat and tidy.
	(struct coff_section): Change the nrelocs field to unsigned.
	* srconv.c (main): Check the return value from coff_grok.

	* coff-i860.c (CALC_ADDEND): Always set an addend value.
	* tekhex.c (getvalue): Add an end pointer parameter.  Use it to
	avoid reading off the end of the buffer.
	(getsym): Likewise.
	(first_phase): Likewise.
	(pass_over): Pass an end pointer to the invoked function.
This commit is contained in:
Nick Clifton
2015-01-06 16:06:45 +00:00
parent fce10a8494
commit 85880250e5
8 changed files with 418 additions and 274 deletions
Download Patch File Download Diff File Expand all files Collapse all files

349
binutils/coffgrok.c
View File

@ -28,35 +28,30 @@
#include "sysdep.h"
#include "bfd.h"
#include "libiberty.h"
#include "coff/internal.h"
#include "../bfd/libcoff.h"
#include "bucomm.h"
#include "coffgrok.h"
static int lofile = 1;
static struct coff_scope *top_scope;
static struct coff_scope *file_scope;
static struct coff_ofile *ofile;
static int lofile = 1;
static struct coff_symbol *last_function_symbol;
static struct coff_type *last_function_type;
static struct coff_type *last_struct;
static struct coff_type *last_enum;
static struct coff_sfile *cur_sfile;
static struct coff_symbol **tindex;
static asymbol **syms;
static long symcount;
static struct coff_scope * top_scope;
static struct coff_scope * file_scope;
static struct coff_ofile * ofile;
static struct coff_symbol * last_function_symbol;
static struct coff_type * last_function_type;
static struct coff_type * last_struct;
static struct coff_type * last_enum;
static struct coff_sfile * cur_sfile;
static struct coff_symbol ** tindex;
static asymbol ** syms;
static long symcount;
static struct coff_ptr_struct * rawsyms;
static unsigned int rawcount;
static bfd * abfd;
#define N(x) ((x)->_n._n_nptr[1])
static struct coff_ptr_struct *rawsyms;
static int rawcount;
static bfd *abfd;
#define PTR_SIZE 4
#define SHORT_SIZE 2
#define INT_SIZE 4
@ -66,25 +61,11 @@ static bfd *abfd;
#define INDEXOF(p) ((struct coff_ptr_struct *)(p)-(rawsyms))
static struct coff_scope *empty_scope (void);
static struct coff_symbol *empty_symbol (void);
static void push_scope (int);
static void pop_scope (void);
static void do_sections_p1 (struct coff_ofile *);
static void do_sections_p2 (struct coff_ofile *);
static struct coff_where *do_where (int);
static struct coff_line *do_lines (int, char *);
static struct coff_type *do_type (int);
static struct coff_visible *do_visible (int);
static int do_define (int, struct coff_scope *);
static struct coff_ofile *doit (void);
static struct coff_scope *
empty_scope (void)
{
struct coff_scope *l;
l = (struct coff_scope *) (xcalloc (sizeof (struct coff_scope), 1));
return l;
return (struct coff_scope *) (xcalloc (sizeof (struct coff_scope), 1));
}
static struct coff_symbol *
@ -93,7 +74,6 @@ empty_symbol (void)
return (struct coff_symbol *) (xcalloc (sizeof (struct coff_symbol), 1));
}
/*int l;*/
static void
push_scope (int slink)
{
@ -122,6 +102,9 @@ push_scope (int slink)
static void
pop_scope (void)
{
/* PR 17512: file: 809933ac. */
if (top_scope == NULL)
fatal (_("Out of context scope change encountered"));
top_scope = top_scope->parent;
}
@ -138,10 +121,14 @@ do_sections_p1 (struct coff_ofile *head)
for (idx = 0, section = abfd->sections; section; section = section->next, idx++)
{
long relsize;
int i = section->target_index;
unsigned int i = section->target_index;
arelent **relpp;
long relcount;
/* PR 17512: file: 2d6effca. */
if (i > abfd->section_count)
fatal (_("Invalid section target index: %u"), i);
relsize = bfd_get_reloc_upper_bound (abfd, section);
if (relsize < 0)
bfd_fatal (bfd_get_filename (abfd));
@ -178,30 +165,56 @@ static void
do_sections_p2 (struct coff_ofile *head)
{
asection *section;
for (section = abfd->sections; section; section = section->next)
{
unsigned int j;
/* PR 17512: file: 7c1a36e8.
A corrupt COFF binary might have a reloc count but no relocs.
Handle this here. */
if (section->relocation == NULL)
continue;
for (j = 0; j < section->reloc_count; j++)
{
int idx;
unsigned int idx;
int i = section->target_index;
struct coff_reloc *r = head->sections[i].relocs + j;
struct coff_reloc *r;
arelent *sr = section->relocation + j;
if (i > head->nsections)
fatal (_("Invalid section target index: %d"), i);
/* PR 17512: file: db850ff4. */
if (j >= head->sections[i].nrelocs)
fatal (_("Target section has insufficient relocs"));
r = head->sections[i].relocs + j;
r->offset = sr->address;
r->addend = sr->addend;
idx = ((coff_symbol_type *) (sr->sym_ptr_ptr[0]))->native - rawsyms;
if (idx >= rawcount)
{
if (rawcount == 0)
fatal (_("Symbol index %u encountered when there are no symbols"), idx);
non_fatal (_("Invalid symbol index %u encountered"), idx);
idx = 0;
}
r->symbol = tindex[idx];
}
}
}
static struct coff_where *
do_where (int i)
do_where (unsigned int i)
{
struct internal_syment *sym = &rawsyms[i].u.syment;
struct internal_syment *sym;
struct coff_where *where =
(struct coff_where *) (xmalloc (sizeof (struct coff_where)));
if (i >= rawcount)
fatal ("Invalid symbol index: %d\n", i);
sym = &rawsyms[i].u.syment;
where->offset = sym->n_value;
if (sym->n_scnum == -1)
@ -231,7 +244,16 @@ do_where (int i)
case C_EXTDEF:
case C_LABEL:
where->where = coff_where_memory;
where->section = &ofile->sections[sym->n_scnum];
/* PR 17512: file: 07a37c40. */
/* PR 17512: file: 0c2eb101. */
if (sym->n_scnum >= ofile->nsections || sym->n_scnum < 0)
{
non_fatal (_("Invalid section number (%d) encountered"),
sym->n_scnum);
where->section = ofile->sections;
}
else
where->section = &ofile->sections[sym->n_scnum];
break;
case C_REG:
case C_REGPARM:
@ -248,47 +270,61 @@ do_where (int i)
where->where = coff_where_typedef;
break;
default:
abort ();
fatal (_("Unrecognized symbol class: %d"), sym->n_sclass);
break;
}
return where;
}
static
struct coff_line *
static struct coff_line *
do_lines (int i, char *name ATTRIBUTE_UNUSED)
{
struct coff_line *res = (struct coff_line *) xcalloc (sizeof (struct coff_line), 1);
asection *s;
unsigned int l;
/* Find out if this function has any line numbers in the table */
/* Find out if this function has any line numbers in the table. */
for (s = abfd->sections; s; s = s->next)
{
/* PR 17512: file: 07a37c40.
A corrupt COFF binary can have a linenumber count in the header
but no line number table. This should be reported elsewhere, but
do not rely upon this. */
if (s->lineno == NULL)
continue;
for (l = 0; l < s->lineno_count; l++)
{
if (s->lineno[l].line_number == 0)
{
if (rawsyms + i == ((coff_symbol_type *) (&(s->lineno[l].u.sym[0])))->native)
{
/* These lines are for this function - so count them and stick them on */
/* These lines are for this function - so count them and stick them on. */
int c = 0;
/* Find the linenumber of the top of the function, since coff linenumbers
are relative to the start of the function. */
int start_line = rawsyms[i + 3].u.auxent.x_sym.x_misc.x_lnsz.x_lnno;
l++;
for (c = 0; s->lineno[l + c + 1].line_number; c++)
for (c = 0;
/* PR 17512: file: c2825452. */
l + c + 1 < s->lineno_count
&& s->lineno[l + c + 1].line_number;
c++)
;
/* Add two extra records, one for the prologue and one for the epilogue */
/* Add two extra records, one for the prologue and one for the epilogue. */
c += 1;
res->nlines = c;
res->lines = (int *) (xcalloc (sizeof (int), c));
res->addresses = (int *) (xcalloc (sizeof (int), c));
res->lines[0] = start_line;
res->addresses[0] = rawsyms[i].u.syment.n_value - s->vma;
for (c = 0; s->lineno[l + c + 1].line_number; c++)
for (c = 0;
/* PR 17512: file: c2825452. */
l + c + 1 < s->lineno_count
&& s->lineno[l + c + 1].line_number;
c++)
{
res->lines[c + 1] = s->lineno[l + c].line_number + start_line - 1;
res->addresses[c + 1] = s->lineno[l + c].u.offset;
@ -301,18 +337,30 @@ do_lines (int i, char *name ATTRIBUTE_UNUSED)
return res;
}
static
struct coff_type *
do_type (int i)
static struct coff_type *
do_type (unsigned int i)
{
struct internal_syment *sym = &rawsyms[i].u.syment;
union internal_auxent *aux = &rawsyms[i + 1].u.auxent;
struct coff_type *res =
(struct coff_type *) xmalloc (sizeof (struct coff_type));
int type = sym->n_type;
struct internal_syment *sym;
union internal_auxent *aux;
struct coff_type *res = (struct coff_type *) xmalloc (sizeof (struct coff_type));
int type;
int which_dt = 0;
int dimind = 0;
if (i >= rawcount)
fatal (_("Type entry %u does not have enough symbolic information"), i);
if (!rawsyms[i].is_sym)
fatal (_("Type entry %u does not refer to a symbol"), i);
sym = &rawsyms[i].u.syment;
if (sym->n_numaux == 0 || i >= rawcount -1 || rawsyms[i + 1].is_sym)
aux = NULL;
else
aux = &rawsyms[i + 1].u.auxent;
type = sym->n_type;
res->type = coff_basic_type;
res->u.basic = type & 0xf;
@ -322,28 +370,33 @@ do_type (int i)
case T_VOID:
if (sym->n_numaux && sym->n_sclass == C_STAT)
{
/* This is probably a section definition */
/* This is probably a section definition. */
res->type = coff_secdef_type;
if (aux == NULL)
fatal (_("Section definition needs a section length"));
res->size = aux->x_scn.x_scnlen;
/* PR 17512: file: 081c955d.
Fill in the asecdef structure as well. */
res->u.asecdef.address = 0;
res->u.asecdef.size = 0;
}
else
{
if (type == 0)
{
/* Don't know what this is, let's make it a simple int */
/* Don't know what this is, let's make it a simple int. */
res->size = INT_SIZE;
res->u.basic = T_UINT;
}
else
{
/* Else it could be a function or pointer to void */
/* Else it could be a function or pointer to void. */
res->size = 0;
}
}
break;
break;
case T_UCHAR:
case T_CHAR:
res->size = 1;
@ -370,17 +423,30 @@ do_type (int i)
case T_UNION:
if (sym->n_numaux)
{
if (aux == NULL)
fatal (_("Aggregate definition needs auxillary information"));
if (aux->x_sym.x_tagndx.p)
{
/* Referring to a struct defined elsewhere */
unsigned int idx = INDEXOF (aux->x_sym.x_tagndx.p);
if (idx >= rawcount)
{
if (rawcount == 0)
fatal (_("Symbol index %u encountered when there are no symbols"), idx);
non_fatal (_("Invalid symbol index %u encountered"), idx);
idx = 0;
}
/* Referring to a struct defined elsewhere. */
res->type = coff_structref_type;
res->u.astructref.ref = tindex[INDEXOF (aux->x_sym.x_tagndx.p)];
res->u.astructref.ref = tindex[idx];
res->size = res->u.astructref.ref ?
res->u.astructref.ref->type->size : 0;
}
else
{
/* A definition of a struct */
/* A definition of a struct. */
last_struct = res;
res->type = coff_structdef_type;
res->u.astructdef.elements = empty_scope ();
@ -391,23 +457,30 @@ do_type (int i)
}
else
{
/* No auxents - it's anonymous */
/* No auxents - it's anonymous. */
res->type = coff_structref_type;
res->u.astructref.ref = 0;
res->size = 0;
}
break;
case T_ENUM:
if (aux == NULL)
fatal (_("Enum definition needs auxillary information"));
if (aux->x_sym.x_tagndx.p)
{
/* Referring to a enum defined elsewhere */
unsigned int idx = INDEXOF (aux->x_sym.x_tagndx.p);
/* PR 17512: file: 1ef037c7. */
if (idx >= rawcount)
fatal (_("Invalid enum symbol index %u encountered"), idx);
/* Referring to a enum defined elsewhere. */
res->type = coff_enumref_type;
res->u.aenumref.ref = tindex[INDEXOF (aux->x_sym.x_tagndx.p)];
res->u.aenumref.ref = tindex[idx];
res->size = res->u.aenumref.ref->type->size;
}
else
{
/* A definition of an enum */
/* A definition of an enum. */
last_enum = res;
res->type = coff_enumdef_type;
res->u.aenumdef.elements = empty_scope ();
@ -428,9 +501,14 @@ do_type (int i)
{
struct coff_type *ptr = ((struct coff_type *)
xmalloc (sizeof (struct coff_type)));
int els = (dimind < DIMNUM
? aux->x_sym.x_fcnary.x_ary.x_dimen[dimind]
: 0);
int els;
if (aux == NULL)
fatal (_("Array definition needs auxillary information"));
els = (dimind < DIMNUM
? aux->x_sym.x_fcnary.x_ary.x_dimen[dimind]
: 0);
++dimind;
ptr->type = coff_array_type;
ptr->size = els * res->size;
@ -443,6 +521,7 @@ do_type (int i)
{
struct coff_type *ptr =
(struct coff_type *) xmalloc (sizeof (struct coff_type));
ptr->size = PTR_SIZE;
ptr->type = coff_pointer_type;
ptr->u.pointer.points_to = res;
@ -453,11 +532,12 @@ do_type (int i)
{
struct coff_type *ptr
= (struct coff_type *) xmalloc (sizeof (struct coff_type));
ptr->size = 0;
ptr->type = coff_function_type;
ptr->u.function.function_returns = res;
ptr->u.function.parameters = empty_scope ();
ptr->u.function.lines = do_lines (i, sym->_n._n_nptr[1]);
ptr->u.function.lines = do_lines (i, N(sym));
ptr->u.function.code = 0;
last_function_type = ptr;
res = ptr;
@ -475,6 +555,7 @@ do_visible (int i)
struct coff_visible *visible =
(struct coff_visible *) (xmalloc (sizeof (struct coff_visible)));
enum coff_vis_type t;
switch (sym->n_sclass)
{
case C_MOS:
@ -485,11 +566,9 @@ do_visible (int i)
case C_MOE:
t = coff_vis_member_of_enum;
break;
case C_REGPARM:
t = coff_vis_regparam;
break;
case C_REG:
t = coff_vis_register;
break;
@ -504,8 +583,6 @@ do_visible (int i)
t = coff_vis_autoparam;
break;
case C_AUTO:
t = coff_vis_auto;
break;
case C_LABEL:
@ -524,27 +601,32 @@ do_visible (int i)
t = coff_vis_ext_def;
break;
default:
abort ();
fatal (_("Unrecognised symbol class: %d"), sym->n_sclass);
break;
}
visible->type = t;
return visible;
}
/* Define a symbol and attach to block B. */
static int
do_define (int i, struct coff_scope *b)
do_define (unsigned int i, struct coff_scope *b)
{
static int symbol_index;
struct internal_syment *sym = &rawsyms[i].u.syment;
/* Define a symbol and attach to block b */
struct internal_syment *sym;
struct coff_symbol *s = empty_symbol ();
if (b == NULL)
fatal (_("ICE: do_define called without a block"));
if (i >= rawcount)
fatal (_("Out of range symbol index: %u"), i);
sym = &rawsyms[i].u.syment;
s->number = ++symbol_index;
s->name = sym->_n._n_nptr[1];
s->name = N(sym);
s->sfile = cur_sfile;
/* Glue onto the ofile list */
/* Glue onto the ofile list. */
if (lofile >= 0)
{
if (ofile->symbol_list_tail)
@ -552,7 +634,7 @@ do_define (int i, struct coff_scope *b)
else
ofile->symbol_list_head = s;
ofile->symbol_list_tail = s;
/* And the block list */
/* And the block list. */
}
if (b->vars_tail)
b->vars_tail->next = s;
@ -567,21 +649,27 @@ do_define (int i, struct coff_scope *b)
tindex[i] = s;
/* We remember the lowest address in each section for each source file */
/* We remember the lowest address in each section for each source file. */
if (s->where->where == coff_where_memory
&& s->type->type == coff_secdef_type)
{
struct coff_isection *is = cur_sfile->section + s->where->section->number;
struct coff_isection *is;
if (!is->init)
/* PR 17512: file: 4676c97f. */
if (cur_sfile == NULL)
non_fatal (_("Section referenced before any file is defined"));
else
{
is->low = s->where->offset;
is->high = s->where->offset + s->type->size;
is->init = 1;
is->parent = s->where->section;
}
is = cur_sfile->section + s->where->section->number;
if (!is->init)
{
is->low = s->where->offset;
is->high = s->where->offset + s->type->size;
is->init = 1;
is->parent = s->where->section;
}
}
}
if (s->type->type == coff_function_type)
@ -590,15 +678,14 @@ do_define (int i, struct coff_scope *b)
return i + sym->n_numaux + 1;
}
static
struct coff_ofile *
static struct coff_ofile *
doit (void)
{
int i;
int infile = 0;
unsigned int i;
bfd_boolean infile = FALSE;
struct coff_ofile *head =
(struct coff_ofile *) xmalloc (sizeof (struct coff_ofile));
ofile = head;
head->source_head = 0;
head->source_tail = 0;
@ -611,23 +698,25 @@ doit (void)
for (i = 0; i < rawcount;)
{
struct internal_syment *sym = &rawsyms[i].u.syment;
switch (sym->n_sclass)
{
case C_FILE:
{
/* new source file announced */
/* New source file announced. */
struct coff_sfile *n =
(struct coff_sfile *) xmalloc (sizeof (struct coff_sfile));
n->section = (struct coff_isection *) xcalloc (sizeof (struct coff_isection), abfd->section_count + 1);
cur_sfile = n;
n->name = sym->_n._n_nptr[1];
n->name = N(sym);
n->next = 0;
if (infile)
{
pop_scope ();
}
infile = 1;
pop_scope ();
else
infile = TRUE;
push_scope (1);
file_scope = n->scope = top_scope;
@ -642,17 +731,23 @@ doit (void)
break;
case C_FCN:
{
char *name = sym->_n._n_nptr[1];
char *name = N(sym);
if (name[1] == 'b')
{
/* Function start */
/* Function start. */
push_scope (0);
last_function_type->u.function.code = top_scope;
/* PR 17512: file: 0ef7fbaf. */
if (last_function_type)
last_function_type->u.function.code = top_scope;
top_scope->sec = ofile->sections + sym->n_scnum;
top_scope->offset = sym->n_value;
}
else
{
/* PR 17512: file: e92e42e1. */
if (top_scope == NULL)
fatal (_("Function start encountered without a top level scope."));
top_scope->size = sym->n_value - top_scope->offset + 1;
pop_scope ();
@ -663,17 +758,19 @@ doit (void)
case C_BLOCK:
{
char *name = sym->_n._n_nptr[1];
char *name = N(sym);
if (name[1] == 'b')
{
/* Block start */
/* Block start. */
push_scope (1);
top_scope->sec = ofile->sections + sym->n_scnum;
top_scope->offset = sym->n_value;
}
else
{
if (top_scope == NULL)
fatal (_("Block start encountered without a scope for it."));
top_scope->size = sym->n_value - top_scope->offset + 1;
pop_scope ();
}
@ -682,37 +779,50 @@ doit (void)
break;
case C_REGPARM:
case C_ARG:
if (last_function_symbol == NULL)
fatal (_("Function arguments encountered without a function definition"));
i = do_define (i, last_function_symbol->type->u.function.parameters);
break;
case C_MOS:
case C_MOU:
case C_FIELD:
/* PR 17512: file: 43ab21f4. */
if (last_struct == NULL)
fatal (_("Structure element encountered without a structure definition"));
i = do_define (i, last_struct->u.astructdef.elements);
break;
case C_MOE:
if (last_enum == NULL)
fatal (_("Enum element encountered without an enum definition"));
i = do_define (i, last_enum->u.aenumdef.elements);
break;
case C_STRTAG:
case C_ENTAG:
case C_UNTAG:
/* Various definition */
/* Various definition. */
if (top_scope == NULL)
fatal (_("Aggregate defintion encountered without a scope"));
i = do_define (i, top_scope);
break;
case C_EXT:
case C_LABEL:
if (file_scope == NULL)
fatal (_("Label defintion encountered without a file scope"));
i = do_define (i, file_scope);
break;
case C_STAT:
case C_TPDEF:
case C_AUTO:
case C_REG:
if (top_scope == NULL)
fatal (_("Variable defintion encountered without a scope"));
i = do_define (i, top_scope);
break;
default:
abort ();
case C_EOS:
i += sym->n_numaux + 1;
break;
default:
fatal (_("Unrecognised symbol class: %d"), sym->n_sclass);
}
}
do_sections_p2 (head);
@ -725,6 +835,13 @@ coff_grok (bfd *inabfd)
long storage;
struct coff_ofile *p;
abfd = inabfd;
if (! bfd_family_coff (abfd))
{
non_fatal (_("%s: is not a COFF format file"), bfd_get_filename (abfd));
return NULL;
}
storage = bfd_get_symtab_upper_bound (abfd);
if (storage < 0)