author | Alan Modra <amodra@gmail.com> | 2020-02-19 13:15:06 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2020-02-19 13:15:06 +1030 |
commit | 1f4361a77b18c5ab32baf2f30fefe5e301e017be (patch) | |
tree | 60d1db1d413b74073da9d11322b8d2d971106d30 /bfd/coffcode.h | |
parent | 446f7ed5abfd2d0bed8c4442d0634b1a8bc116f4 (diff) | |
_bfd_mul_overflow
This patch removes the bfd_alloc2 series of memory allocation functions,
replacing them with __builtin_mul_overflow followed by bfd_alloc. Why
do that? Well, a followup patch will implement _bfd_alloc_and_read
and I don't want to implement alloc2 variants as well.
* coffcode.h (buy_and_read, coff_slurp_line_table),
(coff_slurp_symbol_table, coff_slurp_reloc_table): Replace
bfd_[z][m]alloc2 calls with _bfd_mul_overflow followed by the
corresponding bfd_alloc call. Adjust variables to suit.
* coffgen.c (_bfd_coff_get_external_symbols): Likewise.
* ecoff.c (_bfd_ecoff_slurp_symbolic_info),
(_bfd_ecoff_slurp_symbol_table, READ): Likewise.
* elf.c (bfd_elf_get_elf_syms, setup_group, bfd_section_from_shdr),
(swap_out_syms, _bfd_elf_slurp_version_tables): Likewise.
* elf32-m32c.c (m32c_elf_relax_section): Likewise.
* elf32-rl78.c (rl78_elf_relax_section): Likewise.
* elf32-rx.c (elf32_rx_relax_section): Likewise.
* elf64-alpha.c (READ): Likewise.
* elfcode.h (elf_object_p, elf_write_relocs, elf_write_shdrs_and_ehdr),
(elf_slurp_symbol_table, elf_slurp_reloc_table),
(bfd_from_remote_memory): Likewise.
* elfcore.h (core_find_build_id): Likewise.
* elfxx-mips.c (READ): Likewise.
* mach-o.c (bfd_mach_o_mangle_sections),
(bfd_mach_o_read_symtab_symbols, bfd_mach_o_read_thread),
(bfd_mach_o_read_dysymtab, bfd_mach_o_flatten_sections),
(bfd_mach_o_scan, bfd_mach_o_fat_archive_p): Likewise.
* som.c (setup_sections, som_prep_for_fixups)
(som_build_and_write_symbol_table, som_slurp_symbol_table),
(som_slurp_reloc_table, som_bfd_count_ar_symbols),
(som_bfd_fill_in_ar_symbols, som_slurp_armap),
(som_bfd_ar_write_symbol_stuff): Likewise.
* vms-alpha.c (vector_grow1): Likewise.
* vms-lib.c (vms_add_index): Likewise.
* wasm-module.c (wasm_scan_name_function_section): Likewise.
* libbfd.c (bfd_malloc2, bfd_realloc2, bfd_zmalloc2): Delete.
* opncls.c (bfd_alloc2, bfd_zalloc2): Delete.
* libbfd-in.h (bfd_malloc2, bfd_realloc2, bfd_zmalloc2),
(bfd_alloc2, bfd_zalloc2): Delete.
(_bfd_mul_overflow): Define.
* libbfd.h: Regenerate.
Diffstat (limited to 'bfd/coffcode.h')
-rw-r--r-- | bfd/coffcode.h | 70 |
1 files changed, 50 insertions, 20 deletions
diff --git a/bfd/coffcode.h b/bfd/coffcode.h index 3311b9f..551105d 100644 --- a/bfd/coffcode.h +++ b/bfd/coffcode.h @@ -4200,13 +4200,19 @@ static void * buy_and_read (bfd *abfd, file_ptr where, bfd_size_type nmemb, bfd_size_type size) { - void *area = bfd_alloc2 (abfd, nmemb, size); + void *area; + size_t amt; + if (_bfd_mul_overflow (nmemb, size, &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return NULL; + } + area = bfd_alloc (abfd, amt); if (!area) return NULL; - size *= nmemb; if (bfd_seek (abfd, where, SEEK_SET) != 0 - || bfd_bread (area, size, abfd) != size) + || bfd_bread (area, amt, abfd) != amt) return NULL; return area; } @@ -4265,6 +4271,7 @@ coff_slurp_line_table (bfd *abfd, asection *asect) LINENO *src; bfd_boolean have_func; bfd_boolean ret = TRUE; + size_t amt; if (asect->lineno_count == 0) return TRUE; @@ -4279,9 +4286,12 @@ coff_slurp_line_table (bfd *abfd, asection *asect) return FALSE; } - lineno_cache = (alent *) bfd_alloc2 (abfd, - (bfd_size_type) asect->lineno_count + 1, - sizeof (alent)); + if (_bfd_mul_overflow (asect->lineno_count + 1, sizeof (alent), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return FALSE; + } + lineno_cache = (alent *) bfd_alloc (abfd, amt); if (lineno_cache == NULL) return FALSE; @@ -4395,8 +4405,12 @@ coff_slurp_line_table (bfd *abfd, asection *asect) alent *n_lineno_cache; /* Create a table of functions. */ - func_table = (alent **) bfd_alloc2 (abfd, nbr_func, sizeof (alent *)); - if (func_table != NULL) + if (_bfd_mul_overflow (nbr_func, sizeof (alent *), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + ret = FALSE; + } + else if ((func_table = (alent **) bfd_alloc (abfd, amt)) != NULL) { alent **p = func_table; unsigned int i; 
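Review bot: In buy_and_read, `amt` is bounded only by the overflow check before `bfd_alloc (abfd, amt)`, so a count taken from a malformed object file can still request an allocation far larger than the file could supply. If nmemb and size come from file headers, as the callers in this file suggest, consider rejecting sizes beyond the file length before allocating, for example `if (amt > bfd_get_file_size (abfd))` with `bfd_set_error (bfd_error_file_truncated)`. A zero result from bfd_get_file_size should be treated as "size unknown" rather than as a limit. A short comment above the check saying that the operands are untrusted file data would also help the next reader.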
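Review bot: The new overflow check in coff_slurp_line_table computes `asect->lineno_count + 1` without the `(bfd_size_type)` cast that the removed bfd_alloc2 call had, so the addition is now done in the type of lineno_count before _bfd_mul_overflow sees it. If that field is a 32-bit unsigned type (its declaration is not in this hunk), a maximal count wraps to zero, the multiplication check passes, and a zero-sized table is allocated for a non-zero count. An earlier guard outside the visible lines may already bound the count, but keeping the widening costs nothing: `if (_bfd_mul_overflow ((bfd_size_type) asect->lineno_count + 1, sizeof (alent), &amt))`. The function body starts and ends outside the hunk.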
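Review bot: The line `else if ((func_table = (alent **) bfd_alloc (abfd, amt)) != NULL)` hides the allocation inside a condition, and the following hunk (at -4411) does the same for n_lineno_cache. The overflow arm sets `ret = FALSE` explicitly, while the outcome of a failed allocation depends on an else arm that lies outside both hunks, so the two failure paths are hard to compare when reading. Assigning first, `func_table = (alent **) bfd_alloc (abfd, amt);`, and then testing `if (func_table != NULL)` inside the non-overflow arm would keep the allocation visible as a statement of its own.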
@@ -4411,9 +4425,12 @@ coff_slurp_line_table (bfd *abfd, asection *asect) qsort (func_table, nbr_func, sizeof (alent *), coff_sort_func_alent); /* Create the new sorted table. */ - n_lineno_cache = (alent *) bfd_alloc2 (abfd, asect->lineno_count, - sizeof (alent)); - if (n_lineno_cache != NULL) + if (_bfd_mul_overflow (asect->lineno_count, sizeof (alent), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + ret = FALSE; + } + else if ((n_lineno_cache = (alent *) bfd_alloc (abfd, amt)) != NULL) { alent *n_cache_ptr = n_lineno_cache; @@ -4459,6 +4476,7 @@ coff_slurp_symbol_table (bfd * abfd) unsigned int *table_ptr; unsigned int number_of_symbols = 0; bfd_boolean ret = TRUE; + size_t amt; if (obj_symbols (abfd)) return TRUE; @@ -4468,15 +4486,23 @@ coff_slurp_symbol_table (bfd * abfd) return FALSE; /* Allocate enough room for all the symbols in cached form. */ - cached_area = (coff_symbol_type *) bfd_alloc2 (abfd, - obj_raw_syment_count (abfd), - sizeof (coff_symbol_type)); + if (_bfd_mul_overflow (obj_raw_syment_count (abfd), + sizeof (*cached_area), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return FALSE; + } + cached_area = (coff_symbol_type *) bfd_alloc (abfd, amt); if (cached_area == NULL) return FALSE; - table_ptr = (unsigned int *) bfd_zalloc2 (abfd, obj_raw_syment_count (abfd), - sizeof (unsigned int)); - + if (_bfd_mul_overflow (obj_raw_syment_count (abfd), + sizeof (*table_ptr), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return FALSE; + } + table_ptr = (unsigned int *) bfd_zalloc (abfd, amt); if (table_ptr == NULL) return FALSE; else @@ -4963,6 +4989,7 @@ coff_slurp_reloc_table (bfd * abfd, sec_ptr asect, asymbol ** symbols) arelent *reloc_cache; arelent *cache_ptr; unsigned int idx; + size_t amt; if (asect->relocation) return TRUE; 
@@ -4976,9 +5003,12 @@ coff_slurp_reloc_table (bfd * abfd, sec_ptr asect, asymbol ** symbols) native_relocs = (RELOC *) buy_and_read (abfd, asect->rel_filepos, asect->reloc_count, bfd_coff_relsz (abfd)); - reloc_cache = (arelent *) bfd_alloc2 (abfd, asect->reloc_count, - sizeof (arelent)); - + if (_bfd_mul_overflow (asect->reloc_count, sizeof (arelent), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return FALSE; + } + reloc_cache = (arelent *) bfd_alloc (abfd, amt); if (reloc_cache == NULL || native_relocs == NULL) return FALSE; |
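Review bot: The overflow check for reloc_cache sits after `buy_and_read` has already read the native relocs, so its new `return FALSE` fires only once the file I/O and the first allocation are done, and before `native_relocs` is tested for NULL. Moving the `_bfd_mul_overflow (asect->reloc_count, sizeof (arelent), &amt)` block above the buy_and_read call would reject an impossible relocation count before any file access. The buffer is presumably released together with the bfd, so this is a matter of ordering rather than a leak. The function continues outside the hunk.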