Linking EFI executables from ELF object files can result in corrupted
COFF section flags if the section's alignment is too high. Issue a
diagnostic in that case, erroring out if this is not a final link, and
make sure only in-range values get written to the output image.
While doing this also make tic80 use the generic alignment macros
instead of custom #ifdef-ary.
No testsuite regressions for the range of COFF/PE targets that actually
cross-build in the first place on x86-64-linux.
long long isn't supposed to be used without a configure test, to
support ancient compilers. Probably not terribly important nowadays.
* bfd.c (bfd_scan_vma): Don't use long long unless HAVE_LONG_LONG.
* coff-rs6000.c (FMT20): Handle hosts with 64-bit long and
Microsoft C library variant of long long format specifier.
(PRINT20): Cast value to bfd_uint64_t not long long.
* coffcode.h (coff_print_aux): Use BFD_VMA_FMT.
* coff-x86_64.c (coff_amd64_reloc): Use bfd_uint64_t rather than
long long. Don't cast to bfd_vma.
* elf32-score.c (score3_bfd_getl48): Likewise.
* vms-alpha.c (_bfd_vms_slurp_eisd): Likewise.
This patch adds a new entry point to the BFD_JUMP_TABLE_RELOCS. The
previous common implementation `bfd_set_reloc', in bfd/bfd.c, has been
moved to bfd/reloc.c with the name `_bfd_generic_set_reloc', and all
BFD targets has been adapted to use it.
This patch doesn't introduce any change on functionality, but prepares
the ground for further work.
bfd/ChangeLog:
2017-05-10 Jose E. Marchesi <jose.marchesi@oracle.com>
* targets.c (BFD_JUMP_TABLE_RELOCS): Add NAME##_set_reloc.
(struct bfd_target): New field _bfd_set_reloc.
* bfd.c (bfd_set_reloc): Call backend _set_bfd.
* reloc.c (_bfd_generic_set_reloc): New function.
* coffcode.h (coff_set_reloc): Define to _bfd_generic_set_reloc.
* nlm-target.h (nlm_set_reloc): Likewise.
* coff-rs6000.c (_bfd_xcoff_set_reloc): Likewise.
* aout-tic30.c (MY_set_reloc): Likewise.
* aout-target.h (MY_set_reloc): Likewise.
* elfxx-target.h (bfd_elfNN_set_reloc): Likewise.
* coff-alpha.c (_bfd_ecoff_set_reloc): Likewise.
* mach-o-target.c (bfd_mach_o_set_reloc): Likewise.
* vms-alpha.c (alpha_vms_set_reloc): Likewise.
* aout-adobe.c (aout_32_set_reloc): Likewise.
* bout.c (b_out_set_reloc): Likewise.
* coff-mips.c (_bfd_ecoff_set_reloc): Likewise.
* i386os9k.c (aout_32_set_reloc): Likewise.
* ieee.c (ieee_set_reloc): Likewise.
* oasys.c (oasys_set_reloc): Likewise.
* som.c (som_set_reloc): Likewise.
* versados.c (versados_set_reloc): Likewise.
* coff64-rs6000.c (rs6000_xcoff64_vec): Add
_bfd_generic_set_reloc.
(rs6000_xcoff64_aix_vec): LIkewise.
* libbfd.c (_bfd_norelocs_set_reloc): New function.
* libbfd-in.h: Prototype for _bfd_norelocs_set_reloc.
* i386msdos.c (msdos_set_reloc): Define to
_bfd_norelocs_set_reloc.
* elfcode.h (elf_set_reloc): Define.
* bfd-in2.h: Regenerated.
Not a comprehensive change, just some split out from fixes made for
the %A and %B changes.
* coffcode.h: Wrap some overly long _bfd_error_handler args.
* elf.c: Likewise.
* elf32-arm.c: Likewise.
* elf32-i386.c: Likewise.
* elf32-mep.c: Likewise.
* elf64-ia64-vms.c: Likewise.
* elf64-x86-64.c: Likewise.
* elflink.c: Likewise.
* elfnn-ia64.c: Likewise.
* elfxx-mips.c: Likewise.
PR 21096
bfd * coffcode.h (coff_write_object_contents): Enlarge size of
s_name_buf in order to avoid compile time warning about possible
integer truncation.
* elf32-nds32.c (nds32_elf_ex9_import_table): Mask off lower
32-bits of insn value before printing into buffer.
opcodes * aarch64-opc.c (print_register_list): Ensure that the register
list index will fir into the tb buffer.
(print_register_offset_address): Likewise.
* tic6x-dis.c (print_insn_tic6x): Increase size of func_unit_buf.
PR ld/19440
inc * coff/internal.h (internal_syment): Use int to hold section
number.
(N_UNDEF): Cast to int not short.
(N_ABS): Likewise.
(N_DEBUG): Likewise.
(N_TV): Likewise.
(P_TV): Likewise.
bfd PR ld/19440
* coff-rs6000.c (_bfd_xcoff_swap_sym_in): Sign extend external
section number into internal section number.
* coff64-rs6000.c (_bfd_xcoff64_swap_sym_in): Likewise.
* coffswap.h (coff_swap_sym_in): Likewise.
* peXXigen.c (_bfd_XXi_swap_sym_in): Likewise.
* coffcode.h (_coff_bigobj_swap_sym_in): Make sure that internal
section number field is big enough to hold the external value.
PR binutils/17512
* dwarf.c (eh_addr_size): Use an unsigned type.
(size_of_encoded_value): Return an unsigned type.
(read_leb128): Break if the shift becomes too big.
(process_extended_line_op): Do not read the address if the length
is too long.
(read_cie): Warn and fail if the pointer size or segment size are
too big.
* dwarf.h (DWARF2_External_LineInfo): Delete unused and incorrect
structure definition.
(DWARF2_External_PubNames): Likewise.
(DWARF2_External_CompUnit): Likewise.
(DWARF2_External_ARange): Likewise.
(DWARF2_Internal_LineInfo): Use dwarf_vma type for
li_prologue_length.
(eh_addr_size): Update prototype.
* coffcode.h (styp_to_sec_flags): Use an unsigned long type to
hold the flag bits.
* peXXigen.c (pe_print_reloc): Use unsigned types to hold the
size and number of relocs.
(pe_print_debugdata): Use a 32-bit aligned buffer to store the
codeview record.
* versados.c (process_otr): Check the esdid value before using it
to access the EDATA.
PR binutils/17512
* coffcode.h (handle_COMDAT): When searching for the section
symbol, make sure that there is space left in the symbol table.
* vms-alpha.c (_bfd_vms_slurp_ehdr): Add range checks.
PR binutils/17512
* coffcode.h (coff_set_arch_mach_hook): Check return value from
bfd_malloc.
(coff_slurp_line_table): Return FALSE if the line number
information was corrupt.
(coff_slurp_symbol_table): Return FALSE if the symbol information
was corrupt.
* mach-o.c (bfd_mach_o_bfd_copy_private_header_data): Always
initialise the fields of the dyld_info structure.
(bfd_mach_o_build_exec_seg_command): Replace assertion with an
error message and a return value.
(bfd_mach_o_layout_commands): Change the function to boolean.
Return FALSE if the function fails.
(bfd_mach_o_build_commands): Fail if bfd_mach_o_layout_commands
fails.
(bfd_mach_o_read_command): Fail if an unrecognised command is
encountered.
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Set bfd_error if the
read fails.
(slurp_symtab): Check the return from bfd_malloc.
(_bfd_XX_bfd_copy_private_bfd_data_common): Fail if the copy
encountered an error.
(_bfd_XXi_final_link_postscript): Fail if a section could not be
copied.
* peicode.h (pe_bfd_object_p): Fail if the header could not be
swapped in.
* tekhex.c (first_phase): Fail if the section is too big.
* versados.c (struct esdid): Add content_size field.
(process_otr): Use and check the new field.
(versados_get_section_contents): Check that the section exists and
that the requested data is available.
PR binutils/17512
* addr2line.c (main): Call bfd_set_error_program_name.
* ar.c (main): Likewise.
* coffdump.c (main): Likewise.
* cxxfilt.c (main): Likewise.
* dlltool.c (main): Likewise.
* nlmconv.c (main): Likewise.
* nm.c (main): Likewise.
* objdump.c (main): Likewise.
* size.c (main): Likewise.
* srconv.c (main): Likewise.
* strings.c (main): Likewise.
* sysdump.c (main): Likewise.
* windmc.c (main): Likewise.
* windres.c (main): Likewise.
* objcopy.c (main): Likewise.
(copy_relocations_in_section): Check for relocs without associated
symbol pointers.
PR binutils/17512
* coffcode.h (coff_slurp_symbol_table): Return false if we failed
to load the line table.
* elf.c (_bfd_elf_map_sections_to_segments): Enforce a minimum
maxpagesize of 1.
* peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Fail if
the Data Directory Size is too large.
* objcopy.c (copy_object): Free the symbol table if no symbols
could be loaded.
(copy_file): Use bfd_close_all_done to close files that could not
be copied.
PR binutils/17512
* dwarf.c (display_block): Do nothing if the block starts after
the end of the buffer.
(read_and_display_attr_value): Add range checks.
(struct Frame_Chunk): Make the ncols and ra fields unsigned.
(frame_need_space): Test for an ncols of zero.
(read_cie): Fail if the augmentation data extends off the end of
the buffer.
(display_debug_frames): Add checks for read_cie failing. Add
range checks.
* coff-h8300.c (rtype2howto): Replace abort with returning a NULL
value.
* coff-h8500.c (rtype2howto): Likewise.
* coff-tic30.c (rtype2howto): Likewise.
* coff-z80.c (rtype2howto): Likewise.
* coff-z8k.c (rtype2howto): Likewise.
* coff-ia64.c (RTYPE2HOWTO): Always return a valid howto.
* coff-m68k.c (m68k_rtype2howto): Return a NULL howto if none
could be found.
* coff-mcore.c (RTYPE2HOWTO): Add range checking.
* coff-w65.c (rtype2howto): Likewise.
* coff-we32k.c (RTYPE2HOWTO): Likewise.
* pe-mips.c (RTYPE2HOWTO): Likewise.
* coff-x86_64.c (coff_amd64_reloc): Likewise. Replace abort with
an error return.
* coffcode.h (coff_slurp_reloc_table): Allow the rel parameter to
be unused.
* coffgen.c (make_a_section_from_file): Check the length of a
section name before testing to see if it is a debug section name.
(coff_object_p): Zero out any uninitialised bytes in the opt
header.
* ecoff.c (_bfd_ecoff_slurp_symbolic_info): Test for the raw
source being empty when there are values to be processed.
(_bfd_ecoff_slurp_symbol_table): Add range check.
* mach-o.c (bfd_mach_o_canonicalize_one_reloc): Likewise.
(bfd_mach_o_mangle_sections): Move test for too many sections to
before the allocation of the section table.
(bfd_mach_o_read_symtab_strtab): If the read fails, free the
memory and nullify the symbol pointer.
* reloc.c (bfd_generic_get_relocated_section_contents): Add
handling of a bfd_reloc_notsupported return value.
* versados.c (EDATA): Add range checking.
(get_record): Likewise.
(process_otr): Check for contents being available before updating
them.
(versados_canonicalize_reloc): Add range check.
PR binutils/17512
* dwarf.c (read_and_display_attr_value): Check that we do not read
past end.
(display_debug_pubnames_worker): Add range checks.
(process_debug_info): Check for invalid pointer sizes.
(display_loc_list): Likewise.
(display_loc_list_dwo): Likewise.
(display_debug_ranges): Likewise.
(display_debug_aranges): Check for invalid address size.
(read_cie): Add range checks. Replace call strchr with while loop.
* objdump.c (dump_dwarf): Replace abort with a warning message.
(print_section_stabs): Improve range checks.
* rdcoff.c (coff_get_slot): Use long for indx parameter type.
Add check for an excesively large index.
* rddbg.c (read_section_stabs_debugging_info): Zero terminate the
string table. Avoid walking off the end of the stabs data.
* stabs.c (parse_stab_string): Add check for a NULL name.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Set the line number of
corrupt entries to -1.
(coff_slurp_symbol_table): Alway initialise the value of the
symbol.
* coffgen.c (coff_print_symbol): Check that the combined pointer
is valid.
(coff_print_symbol): Do not print negative line numbers.
* peXXigen.c (pe_print_idata): Add range checking displaying
member names.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Initialise the parts of the
line number cache that would not be initialised by the copy from
the new line number table.
(coff_classify_symbol): Allow for _bfd_coff_internal_syment_name
returning NULL.
* coffgen.c (coff_get_normalized_symbols): Get the external
symbols before allocating space for the internal symbols, in case
the get fails.
* elf.c (_bfd_elf_slurp_version_tables): Only allocate a verref
array if one is needed. Likewise with the verdef array.
* peXXigen.c (_bfd_XXi_swap_sym_in): Replace abort()'s with error
messages.
(_bfd_XXi_swap_aux_in): Make sure that all fields of the aux
structure are initialised.
(pe_print_edata): Avoid reading off the end of the data buffer.
I missed this use of the loop induction variable outside the loop.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Use updated lineno_count
when building func_table.
bfd_zalloc/bfd_zmalloc to fix uninitialized memory reads is too big a
hammer, when the size allocated depends on user input. A typical
bfd_alloc, bfd_seek, bfd_bread sequence will give an error or warning
at the point the file read fails when some enormous item as described
by headers is not actually present in the file. Nice operating system
allow memory overcommit. But not if you write to the memory. So
bfd_zalloc can cause an OOM, thrashing, or system hangs.
The patch also fixes a recently introduced endless loop on bad input.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Don't bfd_zalloc, just
memset the particular bits we need. Update src after hitting loop
"continue". Don't count lineno omitted due to invalid symbols in
nbr_func, and update lineno_count. Init entire terminating
lineno. Don't both allocating terminator in n_lineno_cache.
Redirect sym->lineno pointer to where n_lineno_cache will be
copied, and free n_lineno_cache.
* pe-mips.c (NUM_HOWTOS): Typo fix.
when displaying the contents of corrupt files.
PR binutils/17521
* coff-i386.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_i386_rtype_to_howto): Likewise.
(coff_i386_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coff-x86_64.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_amd64_rtype_to_howto): Likewise.
(coff_amd64_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coffcode.h (coff_slurp_line_table): Check for symbol table
indexing underflow.
(coff_slurp_symbol_table): Use zalloc to ensure that all table
entries are initialised.
* coffgen.c (_bfd_coff_read_string_table): Initialise unused bits
in the string table. Also ensure that the table is 0 terminated.
(coff_get_normalized_symtab): Check for symbol table indexing
underflow.
* opncls.c (bfd_alloc): Catch the case where a small negative size
can result in only 1 byte being allocated.
(bfd_alloc2): Use bfd_alloc.
* pe-mips.c (NUM_HOWTOS): New define.
(coff_mips_reloc_name_lookup): Use it.
(CALC_ADDEND): Check that reloc r_type field is valid.
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Initialise unused entries
in the DataDirectory.
(pe_print_idata): Avoid reading beyond the end of the data block
wen printing strings.
(pe_print_edata): Likewise.
Check for table indexing underflow.
* peicode.h (pe_mkobject): Initialise the pe_opthdr field.
(pe_bfd_object_p): Allocate and initialize enough space to hold a
PEAOUTHDR, even if the opt_hdr field specified less.
PR binutils/17512
* coffcode.h (handle_COMDAT): Replace abort with BFD_ASSERT.
Replace another abort with an error message.
(coff_slurp_line_table): Add more range checking.
* peXXigen.c (pe_print_debugdata): Add range checking.
PR binutils/17512
* coffcode.h (coff_set_alignment_hook): Warn if the file lies
about the number of relocations it contains.
(coff_sort_func_alent): Return 0 if the pointers are NULL.
(coff_slurp_line_table): Add more range checks. Do not free new
tables created when sorting line numbers.
* peXXigen.c (pe_print_idata): Add range checks.
(pe_print_edata): Likewise.
(rsrc_print_resource_entries): Likewise. Avoid printing control
characters. Terminate priniting if corruption is detected.
(rsrc_print_resource_directory): Terminate printing if an unknown
directory type is encountered.
(pe_print_debugdata): Fix off-by-one error.
(rsrc_count_entries): Add range checking.
(rsrc_parse_entry): Likewise.
PR binutils/17512
* objdump.c (slurp_symtab): Fail gracefully if the table could not
be read.
(dump_relocs_in_section): Likewise.
* aoutx.h (slurp_symbol_table): Check that computed table size is
not bigger than the file from which is it being read.
(slurp_reloc_table): Likewise.
* coffcode.h (coff_slurp_line_table): Remove unneeded local
'warned'. Do not try to print the details of a symbol with an
invalid index.
* coffgen.c (make_a_sectiobn_from_file): Check computed string
index against length of string table.
(bfd_coff_internal_syment_name): Check read in string offset
against length of string table.
(build_debug_section): Return a pointer to the section used.
(_bfd_coff_read_string_table): Store the length of the string
table in the coff_tdata structure.
(bfd_coff_free_symbols): Set the length of the string table to
zero when it is freed.
(coff_get_normalized_symtab): Check offsets against string table
or data table lengths as appropriate.
* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
length of string table.
* compress.c (bfd_get_full_section_contents): Check computed size
against the size of the file.
* libcoff-in.h (obj_coff_strings_len): Define.
(struct coff_tdata): Add strings_len field.
* libcoff.h: Regenerate.
* peXXigen.c (pe_print_debugdata): Do not attempt to print the
data if the debug section is too small.
* xcofflink.c (xcoff_link_input_bfd): Check offset against
length of string table.
bfd/
* peicode.h (pe_ILF_object_p): Adjust, as the version number
has been read.
(pe_bfd_object_p): Also read version number to detect ILF.
* pe-x86_64.c (COFF_WITH_PE_BIGOBJ): Define.
(x86_64pe_bigobj_vec): Define
* coffcode.h (bfd_coff_backend_data): Add _bfd_coff_max_nscns field.
(bfd_coff_max_nscns): New macro.
(coff_compute_section_file_positions): Use unsigned int for
target_index. Compare with bfd_coff_max_nscns.
(bfd_coff_std_swap_table, ticoff0_swap_table, ticoff1_swap_table):
Set a value for _bfd_coff_max_nscns.
(header_bigobj_classid): New constant.
(coff_bigobj_swap_filehdr_in, coff_bigobj_swap_filehdr_out)
(coff_bigobj_swap_sym_in, coff_bigobj_swap_sym_out)
(coff_bigobj_swap_aux_in, coff_bigobj_swap_aux_out): New
functions.
(bigobj_swap_table): New table.
* libcoff.h: Regenerate.
* coff-sh.c (bfd_coff_small_swap_table): Likewise.
* coff-alpha.c (alpha_ecoff_backend_data): Add value for
_bfd_coff_max_nscns.
* coff-mips.c (mips_ecoff_backend_data): Likewise.
* coff-rs6000.c (bfd_xcoff_backend_data)
(bfd_pmac_xcoff_backend_data): Likewise.
* coff64-rs6000.c (bfd_xcoff_backend_data)
(bfd_xcoff_aix5_backend_data): Likewise.
* targets.c (x86_64pe_bigobj_vec): Declare.
* configure.in (x86_64pe_bigobj_vec): New vector.
* configure: Regenerate.
* config.bfd: Add bigobj object format for Windows targets.
gas/
* config/tc-i386.c (use_big_obj): Declare.
(OPTION_MBIG_OBJ): Define.
(md_longopts): Add -mbig-obj option.
(md_parse_option): Handle it.
(md_show_usage): Display help for this option.
(i386_target_format): Use bigobj for x86-64 if -mbig-obj.
* doc/c-i386.texi: Document the option.
gas/testsuite/
* gas/pe/big-obj.d, gas/pe/big-obj.s: Add test.
* gas/pe/pe.exp: Add test.
include/coff/
* pe.h (struct external_ANON_OBJECT_HEADER_BIGOBJ): Declare.
(FILHSZ_BIGOBJ): Define.
(struct external_SYMBOL_EX): Declare.
(SYMENT_BIGOBJ, SYMESZ_BIGOBJ): Define.
(union external_AUX_SYMBOL_EX): Declare.
(AUXENT_BIGOBJ, AUXESZ_BIGOBJ): Define.
* internal.h (struct internal_filehdr): Change type
of f_nscns.
