This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.
Re: Bogus code in coffgen.c?
On Thu, Nov 01, 2001 at 05:12:53PM -0800, Ian Lance Taylor wrote:
> >
> > We allocate a buffer of `aoutsz' bytes. Then we read `internal_f.f_opthdr'
> > bytes into it. Why?
>
> For a normal COFF target, f_opthdr should be either 0 or aoutsz.
> XCOFF is an irritating exception: XCOFF defines a large and a small
> aout header (I believe the small header is used for an object file
> while the large header is used for an executable), so for XCOFF you
> have to pay attention to f_opthdr, and not read more than that. But
> you still want to allocate aoutsz bytes, because that is what
> swap_aouthdr_in and friends expect, even for a small XCOFF header.
>
> The code does the right thing for a correct object, but it's obviously
> risky for a bad object. I think your proposed patch is appropriate;
> we may want to consider a call to bfd_error_handler describing the
> problem.
>
How about this patch? It will catch more bad files.
H.J.
----
2001-11-02 H.J. Lu (hjl@gnu.org)
* coffgen.c (coff_object_p): Return 0 if header is not right.
Index: coffgen.c
===================================================================
RCS file: /work/cvs/gnu/binutils/bfd/coffgen.c,v
retrieving revision 1.24
diff -u -p -r1.24 coffgen.c
--- coffgen.c 2001/10/15 20:55:56 1.24
+++ coffgen.c 2001/11/02 08:31:52
@@ -280,7 +280,8 @@ coff_object_p (abfd)
bfd_coff_swap_filehdr_in (abfd, filehdr, &internal_f);
bfd_release (abfd, filehdr);
- if (bfd_coff_bad_format_hook (abfd, &internal_f) == false)
+ if (bfd_coff_bad_format_hook (abfd, &internal_f) == false
+ || (internal_f.f_opthdr != 0 && internal_f.f_opthdr != aoutsz))
{
bfd_set_error (bfd_error_wrong_format);
return 0;
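Review bot: the added condition `internal_f.f_opthdr != aoutsz` rejects every object whose optional header is shorter than aoutsz, and the quoted reply above says that is exactly the legitimate XCOFF small aout header case. Since the risk being closed is reading more than the aoutsz bytes that were allocated, an upper bound such as `internal_f.f_opthdr > aoutsz` would stop the oversized read while still accepting the short header. The failure path also only sets bfd_error_wrong_format; the reply suggested a bfd_error_handler call describing the problem, which would distinguish a corrupt f_opthdr from an unrecognized format.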
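The sizing rule from the quoted reply (allocate aoutsz bytes, never copy more than f_opthdr, and treat an f_opthdr larger than the allocation as a bad object), as an added example that is not part of the original thread or of binutils. The helper names, the classic 20-byte little-endian COFF file header layout and the sample sizes are assumptions made for the illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define FILHSZ 20        /* assumed: classic COFF file header size */
#define F_OPTHDR_OFF 16  /* assumed: offset of the 16-bit f_opthdr field */

/* Hypothetical helper: copy the optional (aout) header that follows the
   file header into a zeroed buffer of aoutsz bytes.  Returns the number
   of bytes copied, or -1 when f_opthdr would overrun the buffer or the
   file itself. */
static int read_opthdr(const uint8_t *file, size_t file_len,
                       uint8_t *buf, size_t aoutsz)
{
    if (file_len < FILHSZ)
        return -1;
    /* f_opthdr comes from the file, so it is untrusted input. */
    size_t opthdr = file[F_OPTHDR_OFF]
                  | ((size_t)file[F_OPTHDR_OFF + 1] << 8);
    memset(buf, 0, aoutsz);           /* short headers leave zero padding */
    if (opthdr > aoutsz)              /* would write past the allocation */
        return -1;
    if (opthdr > file_len - FILHSZ)   /* header claims more than exists */
        return -1;
    memcpy(buf, file + FILHSZ, opthdr);
    return (int)opthdr;
}

/* Constructed sample: a 20-byte file header followed by 28 payload bytes,
   with f_opthdr set to whatever the caller claims. */
static int demo(unsigned claimed_opthdr, size_t aoutsz)
{
    uint8_t file[FILHSZ + 28];
    uint8_t buf[64];
    if (aoutsz > sizeof buf)
        return -1;
    memset(file, 0xAA, sizeof file);
    file[F_OPTHDR_OFF] = claimed_opthdr & 0xff;
    file[F_OPTHDR_OFF + 1] = (claimed_opthdr >> 8) & 0xff;
    return read_opthdr(file, sizeof file, buf, aoutsz);
}

int main(void)
{
    printf("full=%d short=%d oversized=%d truncated=%d\n",
           demo(28, 28), demo(20, 28), demo(0xffff, 28), demo(40, 48));
    return 0;
}
```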