[PATCH] bfd robustification (arithmetic overflows on allocation in elf.c and corrupt version section handling)
Nick Clifton
nickc@redhat.com
Mon Jul 4 15:08:00 GMT 2005
Hi Jakub,
> 2005-06-15 Jakub Jelinek <jakub@redhat.com>
>
> * libbfd-in.h (bfd_malloc2, bfd_realloc2, bfd_zmalloc2, bfd_alloc2,
> bfd_zalloc2): New prototypes.
> * bfd-in.h (HALF_BFD_SIZE_TYPE): Define.
> * libbfd.c (bfd_malloc2, bfd_realloc2, bfd_zmalloc2): New functions.
> * opncls.c (bfd_alloc2, bfd_zalloc2): New functions.
> * elf.c (bfd_elf_get_elf_syms, setup_group, assign_section_numbers,
> elf_map_symbols, map_sections_to_segments,
> assign_file_positions_for_segments, copy_private_bfd_data,
> swap_out_syms, _bfd_elf_slurp_version_tables): Use bfd_*alloc2
> where appropriate.
> * bfd-in2.h: Rebuilt.
> * libbfd.h: Rebuilt.
>
> * elf.c (_bfd_elf_print_private_bfd_data): Don't crash on bogus
> verdef or verneed section.
> (_bfd_elf_slurp_version_tables): Handle corrupt verdef and/or
> verneed sections gracefully.
> * elfxx-sparc.c (_bfd_sparc_elf_info_to_howto_ptr): Don't crash on
> bogus relocation values.
> * elf64-ppc.c (ppc64_elf_info_to_howto): Likewise.
> * elf64-s390.c (elf_s390_info_to_howto): Likewise.
> * elf32-s390.c (elf_s390_info_to_howto): Likewise.
> * elf64-x86-64.c (elf64_x86_64_info_to_howto): Likewise.
> * elfxx-ia64.c (lookup_howto): Likewise.
Approved - please apply.
But ... have you looked at PR binutils/868? It applies particularly to
the use of the realloc() function, but it might be worth considering in
the wider context of the changes that you are making.
> +#define HALF_BFD_SIZE_TYPE \
> + (((bfd_size_type) 1) << (8 * sizeof (bfd_size_type) / 2))
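Review bot: HALF_BFD_SIZE_TYPE is defined without a comment saying what the value is (1 shifted left by half the bit width of bfd_size_type) or what a caller is meant to conclude from comparing against it, so the intent has to be inferred from the use sites; a short comment above the define would fix that. In the shift expression the literal 8 stands for bits per byte, and CHAR_BIT from <limits.h> would say so directly: `(8 * sizeof (bfd_size_type) / 2)` would become `(CHAR_BIT * sizeof (bfd_size_type) / 2)`.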
Hmm, does this 8 assume that a byte is an 8-bit quantity?
Cheers
Nick