diff options
| author | Alan Modra <amodra@gmail.com> | 2020-09-17 07:44:53 +0930 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2020-09-21 09:41:05 +0930 |
| commit | b1b11e922b3de18b7e226da6fe6d87fa17564bde (patch) | |
| tree | 9b536f098bf4f10f69e2c860088804d4baf456b1 /bfd/elf32-arc.c | |
| parent | 4f94229e83d28b00d415a932ff467ee7a621081c (diff) | |
| download | gdb-b1b11e922b3de18b7e226da6fe6d87fa17564bde.zip gdb-b1b11e922b3de18b7e226da6fe6d87fa17564bde.tar.gz gdb-b1b11e922b3de18b7e226da6fe6d87fa17564bde.tar.bz2 | |
PR26569, R_RISCV_RVC_JUMP results in buffer overflow
This patch corrects "size" and "bitsize" in R_RISCV_RVC_* reloc howtos
so that elfnn-riscv.c:perform_relocation doesn't access past the end
of a section. I've also corrected "size" in the R_RISCV_CALL* reloc
howtos since these relocs apply to two consecutive instructions. That
caused fallout in the assembler with complaints about "fixup not
contained within frag" due to tc-riscv.c:append_insn finishing off a
frag after the auipc insn making up a "call" macro. Which is a little
rude since the CALL reloc also relocates the following jalr. Fixed by
changing the frag handling a little.
I've also changed R_RISCV_ALIGN and R_RISCV_TPREL_ADD marker reloc
howtos to look like R_RISCV_NONE, and corrected dst_mask for numerous
relocs, not that it matters very much.
bfd/
PR 26569
* elfxx-riscv.c (howto_table): Correct size and bitsize of
R_RISCV_RVC_BRANCH, R_RISCV_RVC_JUMP, and R_RISCV_RVC_LUI.
Correct size for R_RISCV_TLS_DTPMOD32, R_RISCV_TLS_DTPREL32,
R_RISCV_CALL, and R_RISCV_CALL_PLT. Make R_RISCV_TPREL_ADD and
R_RISCV_ALIGN like R_RISCV_NONE. Correct dst_mask many relocs.
gas/
* config/tc-riscv.c (append_insn): Don't tie off frags at CALL
relocs.
(riscv_call): Tie them off after the jalr.
(md_apply_fix): Zero fx_size of RELAX fixup.
Diffstat (limited to 'bfd/elf32-arc.c')
0 files changed, 0 insertions, 0 deletions