mirror/binutils-gdb
2
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2025-03-01 13:26:47 +08:00
Code Issues Packages Projects Releases Wiki Activity

PR29846, segmentation fault in objdump.c compare_symbols

Browse Source 
Fixes a fuzzed object file problem where plt relocs were manipulated
in such a way that two synthetic symbols were generated at the same
plt location.  Won't occur in real object files.

	PR 29846
	PR 20337
	* objdump.c (compare_symbols): Test symbol flags to exclude
	section and synthetic symbols before attempting to check flavour.
This commit is contained in:
Alan Modra 2022-12-04 22:15:40 +10:30
parent 2fa250529b
commit 3d3af4ba39
1 changed files with 10 additions and 13 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

23
binutils/objdump.c
View File

@ -1222,20 +1222,17 @@ compare_symbols (const void *ap, const void *bp)
return 1;
}
if (bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour
/* Sort larger size ELF symbols before smaller. See PR20337. */
bfd_vma asz = 0;
if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0
&& bfd_get_flavour (bfd_asymbol_bfd (a)) == bfd_target_elf_flavour)
asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size;
bfd_vma bsz = 0;
if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0
&& bfd_get_flavour (bfd_asymbol_bfd (b)) == bfd_target_elf_flavour)
{
bfd_vma asz, bsz;
asz = 0;
if ((a->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0)
asz = ((elf_symbol_type *) a)->internal_elf_sym.st_size;
bsz = 0;
if ((b->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0)
bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size;
if (asz != bsz)
return asz > bsz ? -1 : 1;
}
bsz = ((elf_symbol_type *) b)->internal_elf_sym.st_size;
if (asz != bsz)
return asz > bsz ? -1 : 1;
/* Symbols that start with '.' might be section names, so sort them
after symbols that don't start with '.'. */