ld: don't chance overrunning PE .reloc section content
Jan Beulich
jbeulich@suse.com
Thu Mar 11 16:50:40 GMT 2021
The allocation of reloc_d doesn't take reloc_s->size into account. There
is already padding being emitted up to the allocated size. While
reloc_s->size ought to still be zero at this point anyway (and hence the
code being deleted would have been just dead), don't risk writing past
the actual allocation.

ld/
2021-03-XX  Jan Beulich  <jbeulich@suse.com>

	* pe-dll.c (generate_reloc): Drop padding to reloc_s->size.
---
Sadly the origin of (and hence possible reason for) this piece of code
can't be determined from git.
--- a/ld/pe-dll.c
+++ b/ld/pe-dll.c
@@ -1761,9 +1761,6 @@ generate_reloc (bfd *abfd, struct bfd_li
if (page_ptr != (bfd_vma) -1)
bfd_put_32 (abfd, reloc_sz - page_ptr, reloc_d + page_ptr + 4);
-
- while (reloc_sz < reloc_s->size)
- reloc_d[reloc_sz++] = 0;
}
/* Given the exiting def_file structure, print out a .DEF file that
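
Review bot: at the end of generate_reloc, after the bfd_put_32 call that closes the last page block, nothing checks or documents the assumption the commit message relies on, namely that reloc_s->size is still zero at this point. Consider adding an assertion to that effect, or a short comment stating that reloc_d is allocated without regard to reloc_s->size and is already padded up to the allocated size. Either would make a later change that sets reloc_s->size earlier show up in review instead of quietly reintroducing a write past the allocation.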