espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-07-11 18:27:00 +08:00
Code Issues Packages Projects Releases Wiki Activity

PR25645, readelf segfault reading fuzzed alpha-vms binary

Browse Source 
PR 25645
	* readelf.c (dump_ia64_vms_dynamic_fixups): Pass size and nmemb
	to get_data rather than multiplying.
	(dump_ia64_vms_dynamic_relocs): Likewise.
	(process_version_sections): Correct order of size and nmemb args
	in get_data call.
	(process_mips_specific): Likewise.
This commit is contained in:
Alan Modra
2020-03-09 21:26:05 +10:30
parent 865e20278c
commit 9509988993
2 changed files with 22 additions and 12 deletions

10
binutils/ChangeLog

@ -1,3 +1,13 @@
2020-03-09 Alan Modra <amodra@gmail.com>
PR 25645
* readelf.c (dump_ia64_vms_dynamic_fixups): Pass size and nmemb
to get_data rather than multiplying.
(dump_ia64_vms_dynamic_relocs): Likewise.
(process_version_sections): Correct order of size and nmemb args
in get_data call.
(process_mips_specific): Likewise.
2020-03-08 H.J. Lu <hongjiu.lu@intel.com> 2020-03-08 H.J. Lu <hongjiu.lu@intel.com>
* readelf.c (get_dynamic_data): Replace "memory chekers" with * readelf.c (get_dynamic_data): Replace "memory chekers" with

18
binutils/readelf.c

@ -7091,7 +7091,7 @@ dump_ia64_vms_dynamic_fixups (Filedata * filedata,
const char * lib_name; const char * lib_name;
imfs = get_data (NULL, filedata, dynamic_addr + fixup->fixup_rela_off, imfs = get_data (NULL, filedata, dynamic_addr + fixup->fixup_rela_off,
1, fixup->fixup_rela_cnt * sizeof (*imfs), sizeof (*imfs), fixup->fixup_rela_cnt,
_("dynamic section image fixups")); _("dynamic section image fixups"));
if (!imfs) if (!imfs)
return FALSE; return FALSE;
@ -7140,7 +7140,7 @@ dump_ia64_vms_dynamic_relocs (Filedata * filedata, struct ia64_vms_dynimgrela *i
long i; long i;
imrs = get_data (NULL, filedata, dynamic_addr + imgrela->img_rela_off, imrs = get_data (NULL, filedata, dynamic_addr + imgrela->img_rela_off,
1, imgrela->img_rela_cnt * sizeof (*imrs), sizeof (*imrs), imgrela->img_rela_cnt,
_("dynamic section image relocations")); _("dynamic section image relocations"));
if (!imrs) if (!imrs)
return FALSE; return FALSE;
@ -10898,8 +10898,8 @@ process_version_sections (Filedata * filedata)
off = offset_from_vma (filedata, off = offset_from_vma (filedata,
version_info[DT_VERSIONTAGIDX (DT_VERSYM)], version_info[DT_VERSIONTAGIDX (DT_VERSYM)],
total * sizeof (short)); total * sizeof (short));
edata = (unsigned char *) get_data (NULL, filedata, off, total, edata = (unsigned char *) get_data (NULL, filedata, off,
sizeof (short), sizeof (short), total,
_("version symbol data")); _("version symbol data"));
if (!edata) if (!edata)
{ {
@ -16639,8 +16639,8 @@ process_mips_specific (Filedata * filedata)
size_t cnt; size_t cnt;
elib = (Elf32_External_Lib *) get_data (NULL, filedata, liblist_offset, elib = (Elf32_External_Lib *) get_data (NULL, filedata, liblist_offset,
liblistno,
sizeof (Elf32_External_Lib), sizeof (Elf32_External_Lib),
liblistno,
_("liblist section data")); _("liblist section data"));
if (elib) if (elib)
{ {
@ -17008,8 +17008,8 @@ process_mips_specific (Filedata * filedata)
Elf32_External_Conflict * econf32; Elf32_External_Conflict * econf32;
econf32 = (Elf32_External_Conflict *) econf32 = (Elf32_External_Conflict *)
get_data (NULL, filedata, conflicts_offset, conflictsno, get_data (NULL, filedata, conflicts_offset,
sizeof (* econf32), _("conflict")); sizeof (*econf32), conflictsno, _("conflict"));
if (!econf32) if (!econf32)
return FALSE; return FALSE;
@ -17023,8 +17023,8 @@ process_mips_specific (Filedata * filedata)
Elf64_External_Conflict * econf64; Elf64_External_Conflict * econf64;
econf64 = (Elf64_External_Conflict *) econf64 = (Elf64_External_Conflict *)
get_data (NULL, filedata, conflicts_offset, conflictsno, get_data (NULL, filedata, conflicts_offset,
sizeof (* econf64), _("conflict")); sizeof (*econf64), conflictsno, _("conflict"));
if (!econf64) if (!econf64)
return FALSE; return FALSE;