PATCH: PR ld/12730: regression] crash when allocating in a static constructor

Alan Modra amodra@gmail.com
Sat May 7 14:05:00 GMT 2011


On Sat, May 07, 2011 at 06:39:42AM -0700, H.J. Lu wrote:
> +	  /* We need to reverse-copy input .ctors/.dtors sections if
> +	     they are placed in .init_array/.finit_array for output.  */
> +	  if (o->size > address_size
> +	      && (o->name[6] == 0 || o->name[6] == '.')

Possible segv on accessing name[6].  Test this after the strncmp
calls.  OK with that change.

> +	      && ((strncmp (o->name, ".ctors", 6) == 0
> +		   && strcmp (o->output_section->name,
> +			      ".init_array") == 0)
> +		  || (strncmp (o->name, ".dtors", 6) == 0
> +		      && strcmp (o->output_section->name,
> +				 ".fini_array") == 0)))

-- 
Alan Modra
Australia Development Lab, IBM



More information about the Binutils mailing list