View | Details | Raw Unified | Return to bug 17531 | Differences between
and this patch

Collapse All | Expand All

(-)a/binutils/readelf.c (-33 / +83 lines)
Lines 316-323 get_data (void * var, FILE * file, long offset, size_t size, size_t nmemb, Link Here
316
316
317
  if (fseek (file, archive_file_offset + offset, SEEK_SET))
317
  if (fseek (file, archive_file_offset + offset, SEEK_SET))
318
    {
318
    {
319
      error (_("Unable to seek to 0x%lx for %s\n"),
319
      if (reason)
320
	     (unsigned long) archive_file_offset + offset, reason);
320
	error (_("Unable to seek to 0x%lx for %s\n"),
321
	       (unsigned long) archive_file_offset + offset, reason);
321
      return NULL;
322
      return NULL;
322
    }
323
    }
323
324
Lines 331-338 get_data (void * var, FILE * file, long offset, size_t size, size_t nmemb, Link Here
331
332
332
      if (mvar == NULL)
333
      if (mvar == NULL)
333
	{
334
	{
334
	  error (_("Out of memory allocating 0x%lx bytes for %s\n"),
335
	  if (reason)
335
		 (unsigned long)(size * nmemb), reason);
336
	    error (_("Out of memory allocating 0x%lx bytes for %s\n"),
337
		   (unsigned long)(size * nmemb), reason);
336
	  return NULL;
338
	  return NULL;
337
	}
339
	}
338
340
Lines 341-348 get_data (void * var, FILE * file, long offset, size_t size, size_t nmemb, Link Here
341
343
342
  if (fread (mvar, size, nmemb, file) != nmemb)
344
  if (fread (mvar, size, nmemb, file) != nmemb)
343
    {
345
    {
344
      error (_("Unable to read in 0x%lx bytes of %s\n"),
346
      if (reason)
345
	     (unsigned long)(size * nmemb), reason);
347
	error (_("Unable to read in 0x%lx bytes of %s\n"),
348
	       (unsigned long)(size * nmemb), reason);
346
      if (mvar != var)
349
      if (mvar != var)
347
	free (mvar);
350
	free (mvar);
348
      return NULL;
351
      return NULL;
Lines 4482-4507 offset_from_vma (FILE * file, bfd_vma vma, bfd_size_type size) Link Here
4482
}
4485
}
4483
4486
4484
4487
4485
static int
4488
/* Allocate memory and load the sections headers into the global pointer
4486
get_32bit_section_headers (FILE * file, unsigned int num)
4489
   SECTION_HEADERS.  If PROBE is true, this is just a probe and we do not
4490
   generate any error messages if the load fails.  */
4491
4492
static bfd_boolean
4493
get_32bit_section_headers (FILE * file, bfd_boolean probe)
4487
{
4494
{
4488
  Elf32_External_Shdr * shdrs;
4495
  Elf32_External_Shdr * shdrs;
4489
  Elf_Internal_Shdr *   internal;
4496
  Elf_Internal_Shdr *   internal;
4490
  unsigned int i;
4497
  unsigned int i;
4498
  unsigned int size = elf_header.e_shentsize;
4499
  unsigned int num = probe ? 1 : elf_header.e_shnum;
4500
4501
  /* PR binutils/17531: Cope with unexpected section header sizes.  */
4502
  if (size == 0 || num == 0)
4503
    return FALSE;
4504
  if (size < sizeof * shdrs)
4505
    {
4506
      if (! probe)
4507
	error (_("The e_shentsize field in the ELF header is less than the size of an ELF section header\n"));
4508
      return FALSE;
4509
    }
4510
  if (!probe && size > sizeof * shdrs)
4511
    warn (_("The e_shentsize field in the ELF header is larger than the size of an ELF section header\n"));
4491
4512
4492
  shdrs = (Elf32_External_Shdr *) get_data (NULL, file, elf_header.e_shoff,
4513
  shdrs = (Elf32_External_Shdr *) get_data (NULL, file, elf_header.e_shoff,
4493
                                            elf_header.e_shentsize, num,
4514
                                            size, num,
4494
                                            _("section headers"));
4515
					    probe ? NULL : _("section headers"));
4495
  if (!shdrs)
4516
  if (shdrs == NULL)
4496
    return 0;
4517
    return FALSE;
4497
4518
4519
  if (section_headers != NULL)
4520
    free (section_headers);
4498
  section_headers = (Elf_Internal_Shdr *) cmalloc (num,
4521
  section_headers = (Elf_Internal_Shdr *) cmalloc (num,
4499
                                                   sizeof (Elf_Internal_Shdr));
4522
                                                   sizeof (Elf_Internal_Shdr));
4500
4501
  if (section_headers == NULL)
4523
  if (section_headers == NULL)
4502
    {
4524
    {
4503
      error (_("Out of memory\n"));
4525
      if (!probe)
4504
      return 0;
4526
	error (_("Out of memory\n"));
4527
      return FALSE;
4505
    }
4528
    }
4506
4529
4507
  for (i = 0, internal = section_headers;
4530
  for (i = 0, internal = section_headers;
Lines 4521-4550 get_32bit_section_headers (FILE * file, unsigned int num) Link Here
4521
    }
4544
    }
4522
4545
4523
  free (shdrs);
4546
  free (shdrs);
4524
4547
  return TRUE;
4525
  return 1;
4526
}
4548
}
4527
4549
4528
static int
4550
static bfd_boolean
4529
get_64bit_section_headers (FILE * file, unsigned int num)
4551
get_64bit_section_headers (FILE * file, bfd_boolean probe)
4530
{
4552
{
4531
  Elf64_External_Shdr * shdrs;
4553
  Elf64_External_Shdr * shdrs;
4532
  Elf_Internal_Shdr *   internal;
4554
  Elf_Internal_Shdr *   internal;
4533
  unsigned int i;
4555
  unsigned int i;
4556
  unsigned int size = elf_header.e_shentsize;
4557
  unsigned int num = probe ? 1 : elf_header.e_shnum;
4558
4559
  /* PR binutils/17531: Cope with unexpected section header sizes.  */
4560
  if (size == 0 || num == 0)
4561
    return FALSE;
4562
  if (size < sizeof * shdrs)
4563
    {
4564
      if (! probe)
4565
	error (_("The e_shentsize field in the ELF header is less than the size of an ELF section header\n"));
4566
      return FALSE;
4567
    }
4568
  if (! probe && size > sizeof * shdrs)
4569
    warn (_("The e_shentsize field in the ELF header is larger than the size of an ELF section header\n"));
4534
4570
4535
  shdrs = (Elf64_External_Shdr *) get_data (NULL, file, elf_header.e_shoff,
4571
  shdrs = (Elf64_External_Shdr *) get_data (NULL, file, elf_header.e_shoff,
4536
                                            elf_header.e_shentsize, num,
4572
                                            size, num,
4537
                                            _("section headers"));
4573
					    probe ? NULL : _("section headers"));
4538
  if (!shdrs)
4574
  if (shdrs == NULL)
4539
    return 0;
4575
    return FALSE;
4540
4576
4577
  if (section_headers != NULL)
4578
    free (section_headers);
4541
  section_headers = (Elf_Internal_Shdr *) cmalloc (num,
4579
  section_headers = (Elf_Internal_Shdr *) cmalloc (num,
4542
                                                   sizeof (Elf_Internal_Shdr));
4580
                                                   sizeof (Elf_Internal_Shdr));
4543
4544
  if (section_headers == NULL)
4581
  if (section_headers == NULL)
4545
    {
4582
    {
4546
      error (_("Out of memory\n"));
4583
      if (! probe)
4547
      return 0;
4584
	error (_("Out of memory\n"));
4585
      return FALSE;
4548
    }
4586
    }
4549
4587
4550
  for (i = 0, internal = section_headers;
4588
  for (i = 0, internal = section_headers;
Lines 4564-4571 get_64bit_section_headers (FILE * file, unsigned int num) Link Here
4564
    }
4602
    }
4565
4603
4566
  free (shdrs);
4604
  free (shdrs);
4567
4605
  return TRUE;
4568
  return 1;
4569
}
4606
}
4570
4607
4571
static Elf_Internal_Sym *
4608
static Elf_Internal_Sym *
Lines 4998-5007 process_section_headers (FILE * file) Link Here
4998
5035
4999
  if (is_32bit_elf)
5036
  if (is_32bit_elf)
5000
    {
5037
    {
5001
      if (! get_32bit_section_headers (file, elf_header.e_shnum))
5038
      if (! get_32bit_section_headers (file, FALSE))
5002
	return 0;
5039
	return 0;
5003
    }
5040
    }
5004
  else if (! get_64bit_section_headers (file, elf_header.e_shnum))
5041
  else if (! get_64bit_section_headers (file, FALSE))
5005
    return 0;
5042
    return 0;
5006
5043
5007
  /* Read in the string table, so that we have names to display.  */
5044
  /* Read in the string table, so that we have names to display.  */
Lines 8236-8242 process_dynamic_section (FILE * file) Link Here
8236
	    {
8273
	    {
8237
	      /* Note: these braces are necessary to avoid a syntax
8274
	      /* Note: these braces are necessary to avoid a syntax
8238
		 error from the SunOS4 C compiler.  */
8275
		 error from the SunOS4 C compiler.  */
8239
	      assert (sizeof (Elf_External_Syminfo) == entry->d_un.d_val);
8276
	      /* PR binutils/17531: A corrupt file can trigger this test.
8277
		 So do not use an assert, instead generate an error message.  */
8278
	      if (sizeof (Elf_External_Syminfo) != entry->d_un.d_val)
8279
		error (_("Bad value (%d) for SYMINENT entry"),
8280
		       (int) entry->d_un.d_val);
8240
	    }
8281
	    }
8241
	  else if (entry->d_tag == DT_SYMINSZ)
8282
	  else if (entry->d_tag == DT_SYMINSZ)
8242
	    syminsz = entry->d_un.d_val;
8283
	    syminsz = entry->d_un.d_val;
Lines 10133-10138 process_symbol_table (FILE * file) Link Here
10133
	      ++nsyms;
10174
	      ++nsyms;
10134
	      if (maxlength < ++lengths[hn])
10175
	      if (maxlength < ++lengths[hn])
10135
		++maxlength;
10176
		++maxlength;
10177
10178
	      /* PR binutils/17531: A corrupt binary could contain broken
10179
		 histogram data.  Do not go into an infinite loop trying
10180
		 to process it.  */
10181
	      if (chains[si] == si)
10182
		{
10183
		  error (_("histogram chain links to itself\n"));
10184
		  break;
10185
		}
10136
	    }
10186
	    }
10137
	}
10187
	}
10138
10188
Lines 14466-14474 get_file_header (FILE * file) Link Here
14466
      /* There may be some extensions in the first section header.  Don't
14516
      /* There may be some extensions in the first section header.  Don't
14467
	 bomb if we can't read it.  */
14517
	 bomb if we can't read it.  */
14468
      if (is_32bit_elf)
14518
      if (is_32bit_elf)
14469
	get_32bit_section_headers (file, 1);
14519
	get_32bit_section_headers (file, TRUE);
14470
      else
14520
      else
14471
	get_64bit_section_headers (file, 1);
14521
	get_64bit_section_headers (file, TRUE);
14472
    }
14522
    }
14473
14523
14474
  return 1;
14524
  return 1;

Return to bug 17531