mirror/binutils-gdb
2
0
Fork 0
mirror of https://sourceware.org/git/binutils-gdb.git synced 2024-12-15 04:31:49 +08:00
Code Issues Packages Projects Releases Wiki Activity

Fix an illegal memory access when accessing corrupt dynamic secondary relocations.

Browse Source 
PR 26931
	* elf-bfd.h (struct elf_backend_data): Add bfd_boolean field to
	slurp_secondary_relocs field.
	(_bfd_elf_slurp_secondary_reloc_section): Update prototype.
	* elf.c (_bfd_elf_slurp_secondary_reloc_section): Add new
	parameter.  Compute number of symbols based upon the new
	parameter.
	* elfcode.h (elf_slurp_reloc_table): Pass dynamic as new
	parameter.
This commit is contained in:
Nick Clifton 2020-11-23 14:07:02 +00:00
parent cbf097d7b0
commit f60742b2a1
4 changed files with 23 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
bfd/ChangeLog
View File

@ -1,3 +1,15 @@
2020-11-23 Nick Clifton <nickc@redhat.com>
PR 26931
* elf-bfd.h (struct elf_backend_data): Add bfd_boolean field to
slurp_secondary_relocs field.
(_bfd_elf_slurp_secondary_reloc_section): Update prototype.
* elf.c (_bfd_elf_slurp_secondary_reloc_section): Add new
parameter. Compute number of symbols based upon the new
parameter.
* elfcode.h (elf_slurp_reloc_table): Pass dynamic as new
parameter.
2020-11-23 H.J. Lu <hongjiu.lu@intel.com>
PR ld/26918

4
bfd/elf-bfd.h
View File

@ -1571,7 +1571,7 @@ struct elf_backend_data
const char *, unsigned int);
/* Called when after loading the normal relocs for a section. */
bfd_boolean (*slurp_secondary_relocs) (bfd *, asection *, asymbol **);
bfd_boolean (*slurp_secondary_relocs) (bfd *, asection *, asymbol **, bfd_boolean);
/* Called after writing the normal relocs for a section. */
bfd_boolean (*write_secondary_relocs) (bfd *, asection *);
@ -2919,7 +2919,7 @@ extern bfd_boolean is_debuginfo_file (bfd *);
extern bfd_boolean _bfd_elf_init_secondary_reloc_section
(bfd *, Elf_Internal_Shdr *, const char *, unsigned int);
extern bfd_boolean _bfd_elf_slurp_secondary_reloc_section
(bfd *, asection *, asymbol **);
(bfd *, asection *, asymbol **, bfd_boolean);
extern bfd_boolean _bfd_elf_copy_special_section_fields
(const bfd *, bfd *, const Elf_Internal_Shdr *, Elf_Internal_Shdr *);
extern bfd_boolean _bfd_elf_write_secondary_reloc_section

13
bfd/elf.c
View File

@ -12560,9 +12560,10 @@ _bfd_elf_init_secondary_reloc_section (bfd * abfd,
/* Read in any secondary relocs associated with SEC. */
bfd_boolean
_bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
asection * sec,
asymbol ** symbols)
_bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
asection * sec,
asymbol ** symbols,
bfd_boolean dynamic)
{
const struct elf_backend_data * const ebd = get_elf_backend_data (abfd);
asection * relsec;
@ -12641,7 +12642,10 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
continue;
}
symcount = bfd_get_symcount (abfd);
if (dynamic)
symcount = bfd_get_dynamic_symcount (abfd);
else
symcount = bfd_get_symcount (abfd);
for (i = 0, internal_reloc = internal_relocs,
native_reloc = native_relocs;
@ -12688,7 +12692,6 @@ _bfd_elf_slurp_secondary_reloc_section (bfd * abfd,
asymbol **ps;
ps = symbols + r_sym (rela.r_info) - 1;
internal_reloc->sym_ptr_ptr = ps;
/* Make sure that this symbol is not removed by strip. */
(*ps)->flags |= BSF_KEEP;

2
bfd/elfcode.h
View File

@ -1603,7 +1603,7 @@ elf_slurp_reloc_table (bfd *abfd,
symbols, dynamic))
return FALSE;
if (!bed->slurp_secondary_relocs (abfd, asect, symbols))
if (!bed->slurp_secondary_relocs (abfd, asect, symbols, dynamic))
return FALSE;
asect->relocation = relents;