From 6224a6c2ead26a04f0b2b8ccf4ff5b817afbb425 Mon Sep 17 00:00:00 2001
From: Xi Ruoyao <xry111@xry111.site>
Date: Tue, 20 Sep 2022 14:09:29 +0800
Subject: LoongArch: Don't write into GOT for local ifunc

Local ifuncs are always resolved at runtime via R_LARCH_IRELATIVE, so
there is no need to write anything into GOT.  And when we write the GOT
we actually trigger a heap-buffer-overflow: If a and b are different
sections, we cannot access something in b with "a->contents + (offset
from a)" because "a->contents" and "b->contents" are heap buffers
allocated separately, not slices of a large buffer.

So stop writing into GOT for local ifunc now.
---
 bfd/elfnn-loongarch.c | 5 +++--
 1 file changed, 3 insertions(+), 2 deletions(-)


diff --git a/bfd/elfnn-loongarch.c b/bfd/elfnn-loongarch.c
index ed42b8b..af18a8a 100644
--- a/bfd/elfnn-loongarch.c
+++ b/bfd/elfnn-loongarch.c
@@ -3179,6 +3179,8 @@ loongarch_elf_relocate_section (bfd *output_bfd, struct bfd_link_info *info,
 						     htab->elf.srelgot, &rela);
 			}
 		      h->got.offset |= 1;
+		      bfd_put_NN (output_bfd, relocation,
+				  got->contents + got_off);
 		    }
 		}
 	      else
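Review bot: The `bfd_put_NN` added after `h->got.offset |= 1` appears to be kept off the local-ifunc path only by the condition of the enclosing block, which opens above this hunk, and nothing at the write records that dependency. Per the commit message, in the local-ifunc case `got->contents + got_off` does not point into the heap buffer allocated for `got`, so a later edit to that guard would quietly bring the out-of-bounds write back. I would put a comment above the write, `/* Not reached for a local ifunc: got_off is then not an offset into got->contents. */`, and consider `BFD_ASSERT (got_off < got->size);` ahead of it so an out-of-range offset is reported. Whether `got->size` is final at this point should be confirmed.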
@@ -3200,10 +3202,9 @@ loongarch_elf_relocate_section (bfd *output_bfd, struct bfd_link_info *info,
 			}
 		      local_got_offsets[r_symndx] |= 1;
 		    }
+		  bfd_put_NN (output_bfd, relocation, got->contents + got_off);
 		}
 
-	      bfd_put_NN (output_bfd, relocation, got->contents + got_off);
-
 	      relocation = got_off + sec_addr (got);
 	    }
 
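Review bot: On the `local_got_offsets` path the write sits after the brace that closes the block setting `local_got_offsets[r_symndx] |= 1`, so it runs for every relocation that reaches this branch, whereas the first hunk puts the same write inside the block that sets `h->got.offset |= 1`. If both blocks are first-use guards (their conditions lie outside the hunks), the two paths now store the GOT slot at different frequencies with no stated reason. Either move the line up, directly after `local_got_offsets[r_symndx] |= 1;`, or, if the repeated store is intended and always writes the same value, say so with a comment such as `/* Stored on every visit; the value does not change. */`.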
-- 
cgit v1.1