binutils-gdb/ld
Nick Alcock 84f5c557a4 libctf, ld: diagnose corrupted CTF header cth_strlen
The last section in a CTF dict is the string table, at an offset
represented by the cth_stroff header field.  Its length is recorded in
the next field, cth_strlen, and the two added together are taken as the
size of the CTF dict.  Upon opening a dict, we check that none of the
header offsets exceed this size, and we check when uncompressing a
compressed dict that the result of the uncompression is the same length:
but CTF dicts need not be compressed, and short ones are not.
Uncompressed dicts just use the ctf_size without checking it.  This
field is thankfully almost unused: it is mostly used when reserializing
a dict, which can't be done to dicts read off disk since they're
read-only.

However, when opening an uncompressed foreign-endian dict we have to
copy it out of the mmaped region it is stored in so we can endian-
swap it, and we use ctf_size when doing that.  When the cth_strlen is
corrupt, this can overrun.

Fix this by checking the ctf_size in all uncompressed cases, just as we
already do in the compressed case.  Add a new test.

This came to light because various corrupted-CTF raw-asm tests had an
incorrect cth_strlen: fix all of them so they produce the expected
error again.

libctf/
	PR libctf/28933
	* ctf-open.c (ctf_bufopen_internal): Always check uncompressed
	CTF dict sizes against the section size in case the cth_strlen is
	corrupt.

ld/
	PR libctf/28933
	* testsuite/ld-ctf/diag-strlen-invalid.*: New test,
	derived from diag-cttname-invalid.s.
	* testsuite/ld-ctf/diag-cttname-invalid.s: Fix incorrect cth_strlen.
	* testsuite/ld-ctf/diag-cttname-null.s: Likewise.
	* testsuite/ld-ctf/diag-cuname.s: Likewise.
	* testsuite/ld-ctf/diag-parlabel.s: Likewise.
	* testsuite/ld-ctf/diag-parname.s: Likewise.
2022-03-23 13:48:32 +00:00
emulparams Adjust default page sizes for haiku arm. 2022-01-22 14:18:34 +00:00
emultempl ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
po Updated Serbian translations for the bfd, gold, ld and opcodes directories 2022-02-17 15:18:59 +00:00
scripttempl Correct .relr.dyn nocombreloc script 2022-01-13 16:39:35 +10:30
testsuite libctf, ld: diagnose corrupted CTF header cth_strlen 2022-03-23 13:48:32 +00:00
.gitignore
aclocal.m4
ChangeLog Fix linker tests to compile with gcc-12. 2022-03-01 10:10:20 +00:00
ChangeLog-0001
ChangeLog-0203
ChangeLog-2004
ChangeLog-2005
ChangeLog-2006
ChangeLog-2007
ChangeLog-2008
ChangeLog-2009
ChangeLog-2010
ChangeLog-2011
ChangeLog-2012
ChangeLog-2013
ChangeLog-2014
ChangeLog-2015
ChangeLog-2016
ChangeLog-2017
ChangeLog-2018
ChangeLog-2019
ChangeLog-2020
ChangeLog-9197
ChangeLog-9899
config.in
configure Regenerate configure files with autoconf 2.69 2022-01-23 05:27:01 -08:00
configure.ac Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
configure.host Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
configure.tgt Adjust default page sizes for haiku arm. 2022-01-22 14:18:34 +00:00
deffile.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
deffilep.y Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
dep-in.sed
elf-hints-local.h
fdl.texi
gen-doc.texi Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
genscrba.sh
genscripts.sh Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
h8-doc.texi Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ld.h Revert "PR28824, relro security issues, x86 keep COMMONPAGESIZE relro" 2022-02-14 17:39:34 -08:00
ld.texi Fix typo in ld.texi 2022-02-18 11:42:09 -08:00
ldbuildid.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldbuildid.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldcref.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldctor.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldctor.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldelf.c ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
ldelf.h ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
ldelfgen.c elf: Pass need_layout to _bfd_elf_map_sections_to_segments 2022-01-12 05:15:18 -08:00
ldelfgen.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldemul.c ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
ldemul.h ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
ldexp.c Revert "PR28824, relro security issues, x86 keep COMMONPAGESIZE relro" 2022-02-14 17:39:34 -08:00
ldexp.h PR28824, relro security issues 2022-02-13 14:00:56 +10:30
ldfile.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldfile.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldgram.y ld: Support customized output section type 2022-02-16 17:41:23 +00:00
ldint.texi Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldlang.c ld: Add a before_plugin_all_symbols_read hook 2022-03-09 18:23:43 -08:00
ldlang.h ld: Support customized output section type 2022-02-16 17:41:23 +00:00
ldlex-wrapper.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldlex.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldlex.l ld: Support customized output section type 2022-02-16 17:41:23 +00:00
ldmain.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldmain.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldmisc.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldmisc.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldver.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldver.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldwrite.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
ldwrite.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
lexsup.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
libdep_plugin.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
MAINTAINERS Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
Makefile.am Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
Makefile.in Regenerate Makefile.in files with automake 1.15.1 2022-01-23 06:59:20 -08:00
mri.c ld: Support customized output section type 2022-02-16 17:41:23 +00:00
mri.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
NEWS ld: Support customized output section type 2022-02-16 17:41:23 +00:00
pe-dll.c Fix multiple problems with DLL generation. 2022-01-11 15:43:59 +00:00
pe-dll.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
pep-dll.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
pep-dll.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
plugin.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
plugin.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
README Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
sysdep.h Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
testplug2.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
testplug3.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
testplug4.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
testplug.c Update year range in copyright notice of binutils files 2022-01-02 12:04:28 +10:30
TODO

		README for LD

This is the GNU linker.  It is distributed with other "binary
utilities" which should be in ../binutils.  See ../binutils/README for
more general notes, including where to send bug reports.

There are many features of the linker:

* The linker uses the Binary File Descriptor library (../bfd)
  to read and write object files.  This helps insulate the
  linker itself from the format of object files.

* The linker supports a number of different object file
  formats.  It can even handle multiple formats at once:
  Read two input formats and write a third.

* The linker can be configured for cross-linking.

* The linker supports a control language.

* There is a user manual (ld.texi), as well as the
  beginnings of an internals manual (ldint.texi).

Installation
============

See ../binutils/README.

If you want to make a cross-linker, you may want to specify
a different search path of -lfoo libraries than the default.
You can do this by setting the LIB_PATH variable in ./Makefile
or using the --with-lib-path configure switch.

To build just the linker, make the target all-ld from the top level
directory (one directory above this one).

Porting to a new target
=======================

See the ldint.texi manual.

Reporting bugs etc
==================

See ../binutils/README.

Known problems
==============

The Solaris linker normally exports all dynamic symbols from an
executable.  The GNU linker does not do this by default.  This is
because the GNU linker tries to present the same interface for all
similar targets (in this case, all native ELF targets).  This does not
matter for normal programs, but it can make a difference for programs
which try to dlopen an executable, such as PERL or Tcl.  You can make
the GNU linker export all dynamic symbols with the -E or
--export-dynamic command line option.

HP/UX 9.01 has a shell bug that causes the linker scripts to be
generated incorrectly.  The symptom of this appears to be "fatal error
- scanner input buffer overflow" error messages.  There are various
workarounds to this:
  * Build and install bash, and build with "make SHELL=bash".
  * Update to a version of HP/UX with a working shell (e.g., 9.05).
  * Replace "(. ${srcdir}/scripttempl/${SCRIPT_NAME}.sc)" in
    genscripts.sh with "sh ${srcdir}..." (no parens) and make sure the
    emulparams script used exports any shell variables it sets.

Copyright (C) 2012-2022 Free Software Foundation, Inc.

Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.