diff options
| -rw-r--r-- | bfd/ChangeLog | 8 | ||||
| -rw-r--r-- | bfd/elflink.c | 13 |
2 files changed, 15 insertions, 6 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 612a490..ea813ff 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,7 +1,13 @@ +2008-02-22 H.J. Lu <hongjiu.lu@intel.com> + + PR ld/5788 + * elflink.c (elf_create_symbuf): Correct buffer size and + position. + 2008-02-22 Nick Clifton <nickc@redhat.com> PR 868 - *dwarf2.c: Revert previous patch. All of the allocate memory is + * dwarf2.c: Revert previous patch. All of the allocate memory is on an obstack which will be freed at some other time. 2008-02-20 Nick Clifton <nickc@redhat.com> diff --git a/bfd/elflink.c b/bfd/elflink.c index ab19be2..3a00a51 100644 --- a/bfd/elflink.c +++ b/bfd/elflink.c @@ -6870,7 +6870,7 @@ elf_create_symbuf (bfd_size_type symcount, Elf_Internal_Sym *isymbuf) Elf_Internal_Sym **ind, **indbufend, **indbuf; struct elf_symbuf_symbol *ssym; struct elf_symbuf_head *ssymbuf, *ssymhead; - bfd_size_type i, shndx_count; + bfd_size_type i, shndx_count, total_size; indbuf = bfd_malloc2 (symcount, sizeof (*indbuf)); if (indbuf == NULL) @@ -6890,15 +6890,16 @@ elf_create_symbuf (bfd_size_type symcount, Elf_Internal_Sym *isymbuf) if (ind[0]->st_shndx != ind[1]->st_shndx) shndx_count++; - ssymbuf = bfd_malloc ((shndx_count + 1) * sizeof (*ssymbuf) - + (indbufend - indbuf) * sizeof (*ssymbuf)); + total_size = ((shndx_count + 1) * sizeof (*ssymbuf) + + (indbufend - indbuf) * sizeof (*ssym)); + ssymbuf = bfd_malloc (total_size); if (ssymbuf == NULL) { free (indbuf); return NULL; } - ssym = (struct elf_symbuf_symbol *) (ssymbuf + shndx_count); + ssym = (struct elf_symbuf_symbol *) (ssymbuf + shndx_count + 1); ssymbuf->ssym = NULL; ssymbuf->count = shndx_count; ssymbuf->st_shndx = 0; @@ -6916,7 +6917,9 @@ elf_create_symbuf (bfd_size_type symcount, Elf_Internal_Sym *isymbuf) ssym->st_other = (*ind)->st_other; ssymhead->count++; } - BFD_ASSERT ((bfd_size_type) (ssymhead - ssymbuf) == shndx_count); + BFD_ASSERT ((bfd_size_type) (ssymhead - ssymbuf) == shndx_count + && (((bfd_hostptr_t) ssym - (bfd_hostptr_t) ssymbuf) + == total_size)); free (indbuf); return ssymbuf; |