This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.
Re: Memory overrun bug in CVS arm-elf-ld
- From: Nick Clifton <nickc at redhat dot com>
- To: "Michael Checky" <Michael_Checky at Thermoking dot com>
- Cc: binutils at sources dot redhat dot com
- Date: Tue, 17 Jun 2003 10:53:04 +0100
- Subject: Re: Memory overrun bug in CVS arm-elf-ld
- References: <OFDBCB90D1.138F099C-ON86256D47.00539E2D@ingerrand.com>
Hi Michael,
> I'll try this mailing list since bug-binutils@gnu.org is full of spam.
I did see your email there, but I was slow at responding, sorry.
> I've found a memory overrun bug in arm-elf-ld, in versions 2.13.2.1 and
> CVS, which causes a segmentation fault.
Thanks for reporting this and providing a test case. It turns out the
bug was a generic linker problem, not just arm-elf specific. The
patch below fixes the bug and I will be applying it to the sources
(and the 2.14 branch) shortly.
Cheers
Nick
2003-06-17 Nick Clifton <nickc@redhat.com>
* elflink.h (elf_gc_record_vtentry): Allocate an extra element
in the vtable_entries_used array to allow for accessing
the largest element.
Index: bfd/elflink.h
===================================================================
RCS file: /cvs/src/src/bfd/elflink.h,v
retrieving revision 1.228
diff -c -3 -p -r1.228 elflink.h
*** bfd/elflink.h 3 Jun 2003 22:27:22 -0000 1.228
--- bfd/elflink.h 17 Jun 2003 09:47:12 -0000
*************** elf_gc_record_vtentry (abfd, sec, h, add
*** 6283,6289 ****
struct elf_backend_data *bed = get_elf_backend_data (abfd);
unsigned int log_file_align = bed->s->log_file_align;
! if (addend >= h->vtable_entries_size)
{
size_t size, bytes;
bfd_boolean *ptr = h->vtable_entries_used;
--- 6283,6289 ----
struct elf_backend_data *bed = get_elf_backend_data (abfd);
unsigned int log_file_align = bed->s->log_file_align;
! if (addend > h->vtable_entries_size)
{
size_t size, bytes;
bfd_boolean *ptr = h->vtable_entries_used;
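Review bot: With the test relaxed to 'addend > h->vtable_entries_size', the case addend == vtable_entries_size no longer enters the growth block, so a write at that index is only in bounds if the array was already allocated with the '+ 2' sizing from the second hunk. The second hunk's 'if (ptr)' test shows that h->vtable_entries_used can be NULL on entry, so unless code outside these lines rules it out, a first call with addend 0 and a recorded size of 0 would skip allocation entirely. Consider also entering the block when h->vtable_entries_used is NULL, and add a comment at the condition tying it to the extra slot so the two changes are not later edited apart.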
*************** elf_gc_record_vtentry (abfd, sec, h, add
*** 6304,6311 ****
}
/* Allocate one extra entry for use as a "done" flag for the
! consolidation pass. */
! bytes = ((size >> log_file_align) + 1) * sizeof (bfd_boolean);
if (ptr)
{
--- 6304,6312 ----
}
/* Allocate one extra entry for use as a "done" flag for the
! consolidation pass and another extra entry because we are
! going to write up to and including 'size' entries. */
! bytes = ((size >> log_file_align) + 2) * sizeof (bfd_boolean);
if (ptr)
{
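Review bot: The new comment says the code writes up to and including 'size' entries, but the allocation on the next line counts (size >> log_file_align) slots, so the comment should name the highest index as size >> log_file_align rather than 'size'. The bare '+ 2' now carries two unrelated meanings (the "done" flag and the inclusive upper index); writing it as '+ 1 + 1' with each term commented, or using a named constant, would make it harder for a later edit to drop one of them.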