diff options
author | Alan Modra <amodra@gmail.com> | 2017-11-18 23:18:22 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2017-11-19 07:41:17 +1030 |
commit | 160b1a618ad94988410dc81fce9189fcda5b7ff4 (patch) | |
tree | dafdd60da43d99637eb1249c8cc356cde636dfc8 /binutils/nm.c | |
parent | c977a5f0280f29136631cf043d6ce6cfdbc47b99 (diff) | |
download | fsf-binutils-gdb-160b1a618ad94988410dc81fce9189fcda5b7ff4.zip fsf-binutils-gdb-160b1a618ad94988410dc81fce9189fcda5b7ff4.tar.gz fsf-binutils-gdb-160b1a618ad94988410dc81fce9189fcda5b7ff4.tar.bz2 |
PR22443, Global buffer overflow in _bfd_elf_get_symbol_version_string
Symbols like *ABS* defined in bfd/section.c:global_syms are not
elf_symbol_type. They can appear on relocs and perhaps other places
in an ELF bfd, so a number of places in nm.c and objdump.c are wrong
to cast an asymbol based on the bfd being ELF. I think we lose
nothing by excluding all section symbols, not just the global_syms.
PR 22443
* nm.c (sort_symbols_by_size): Don't attempt to access
section symbol internal_elf_sym.
(print_symbol): Likewise. Don't call bfd_get_symbol_version_string
for section symbols.
* objdump.c (compare_symbols): Don't attempt to access
section symbol internal_elf_sym.
(objdump_print_symname): Don't call bfd_get_symbol_version_string
for section symbols.
Diffstat (limited to 'binutils/nm.c')
-rw-r--r-- | binutils/nm.c | 17 |
1 files changed, 10 insertions, 7 deletions
diff --git a/binutils/nm.c b/binutils/nm.c index 5b421785..dd49f09 100644 --- a/binutils/nm.c +++ b/binutils/nm.c @@ -763,7 +763,6 @@ sort_symbols_by_size (bfd *abfd, bfd_boolean is_dynamic, void *minisyms, asection *sec; bfd_vma sz; asymbol *temp; - int synthetic = (sym->flags & BSF_SYNTHETIC); if (from + size < fromend) { @@ -780,10 +779,13 @@ sort_symbols_by_size (bfd *abfd, bfd_boolean is_dynamic, void *minisyms, sec = bfd_get_section (sym); /* Synthetic symbols don't have a full type set of data available, thus - we can't rely on that information for the symbol size. */ - if (!synthetic && bfd_get_flavour (abfd) == bfd_target_elf_flavour) + we can't rely on that information for the symbol size. Ditto for + bfd/section.c:global_syms like *ABS*. */ + if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 + && bfd_get_flavour (abfd) == bfd_target_elf_flavour) sz = ((elf_symbol_type *) sym)->internal_elf_sym.st_size; - else if (!synthetic && bfd_is_com_section (sec)) + else if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0 + && bfd_is_com_section (sec)) sz = sym->value; else { @@ -872,8 +874,9 @@ print_symbol (bfd * abfd, info.sinfo = &syminfo; info.ssize = ssize; - /* Synthetic symbols do not have a full symbol type set of data available. */ - if ((sym->flags & BSF_SYNTHETIC) != 0) + /* Synthetic symbols do not have a full symbol type set of data available. + Nor do bfd/section.c:global_syms like *ABS*. */ + if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) != 0) { info.elfinfo = NULL; info.coffinfo = NULL; @@ -891,7 +894,7 @@ print_symbol (bfd * abfd, const char * version_string = NULL; bfd_boolean hidden = FALSE; - if ((sym->flags & BSF_SYNTHETIC) == 0) + if ((sym->flags & (BSF_SECTION_SYM | BSF_SYNTHETIC)) == 0) version_string = bfd_get_symbol_version_string (abfd, sym, &hidden); if (bfd_is_und_section (bfd_get_section (sym))) |