This is the mail archive of the binutils-cvs@sourceware.org mailing list for the binutils project.



[binutils-gdb] Fix seg-fault running strip on a corrupt binary.


https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=92744f058094edd0b29bf9762f4ac26e4c6743c2

commit 92744f058094edd0b29bf9762f4ac26e4c6743c2
Author: Nick Clifton <nickc@redhat.com>
Date:   Tue Dec 6 15:58:15 2016 +0000

    Fix seg-fault running strip on a corrupt binary.
    
    	PR binutils/20929
    	* aoutx.h (squirt_out_relocs): Check for relocs without an
    	associated symbol.

Diff:
---
 bfd/ChangeLog |  6 ++++++
 bfd/aoutx.h   | 17 +++++++++++------
 2 files changed, 17 insertions(+), 6 deletions(-)

diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 351721b..fb3f3f4 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,3 +1,9 @@
+2016-12-06  Nick Clifton  <nickc@redhat.com>
+
+	PR binutils/20929
+	* aoutx.h (squirt_out_relocs): Check for relocs without an
+	associated symbol.
+
 2016-12-06  Alan Modra  <amodra@gmail.com>
 
 	* elf64-ppc.c (ok_lo_toc_insn): Add r_type param.  Recognize
diff --git a/bfd/aoutx.h b/bfd/aoutx.h
index 43e5f8d..c64f288 100644
--- a/bfd/aoutx.h
+++ b/bfd/aoutx.h
@@ -2395,10 +2395,15 @@ NAME (aout, squirt_out_relocs) (bfd *abfd, asection *section)
 	   count != 0;
 	   --count, natptr += each_size, ++generic)
 	{
-	  if ((*generic)->howto == NULL)
+	  /* PR 20921: If the howto field has not been initialised then skip
+	     this reloc.
+	     PR 20929: Similarly for the symbol field.  */
+	  if ((*generic)->howto == NULL
+	      || (*generic)->sym_ptr_ptr == NULL)
 	    {
 	      bfd_set_error (bfd_error_invalid_operation);
-	      _bfd_error_handler (_("%B: attempt to write out unknown reloc type"), abfd);
+	      _bfd_error_handler (_("\
+%B: attempt to write out unknown reloc type"), abfd);
 	      return FALSE;
 	    }
 	  MY_swap_ext_reloc_out (abfd, *generic,
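Review bot: the new `(*generic)->sym_ptr_ptr == NULL` case in this loop (the one feeding MY_swap_ext_reloc_out) reuses the message "attempt to write out unknown reloc type", which describes a missing howto, not a reloc with no symbol. Anyone triaging a corrupt input from that message will look at the wrong field. Consider testing the two conditions separately so the symbol case gets its own wording, for example "attempt to write out reloc without a symbol". The new comment also says "skip this reloc", but the branch sets bfd_error_invalid_operation and returns FALSE, so the whole write is abandoned rather than one reloc skipped; the comment should say that.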
@@ -2411,12 +2416,12 @@ NAME (aout, squirt_out_relocs) (bfd *abfd, asection *section)
 	   count != 0;
 	   --count, natptr += each_size, ++generic)
 	{
-	  /* PR 20921: If the howto field has not been initialised then skip
-	     this reloc.  */
-	  if ((*generic)->howto == NULL)
+	  if ((*generic)->howto == NULL
+	      || (*generic)->sym_ptr_ptr == NULL)
 	    {
 	      bfd_set_error (bfd_error_invalid_operation);
-	      _bfd_error_handler (_("%B: attempt to write out unknown reloc type"), abfd);
+	      _bfd_error_handler (_("\
+%B: attempt to write out unknown reloc type"), abfd);
 	      return FALSE;
 	    }
 	  MY_swap_std_reloc_out (abfd, *generic,
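Review bot: in this second loop (the one feeding MY_swap_std_reloc_out) the PR 20921 comment is deleted and nothing replaces it, so this copy of the check carries no explanation and depends on the reader finding the comment in the loop above. Either keep a one-line comment here that points at the other loop, or move the duplicated howto/sym_ptr_ptr test and its error report into a small static helper called from both loops, so the two copies cannot drift apart the next time a field is added to the check.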

