diff options
author | Nick Clifton <nickc@redhat.com> | 2015-01-15 16:22:55 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2015-01-15 16:22:55 +0000 |
commit | cd21f5daad4335b50366b838664ade64bec29957 (patch) | |
tree | 51f091bb808e6350a6c63a77cd8a4d5db16769e4 /bfd/elf32-i370.c | |
parent | 2d071cfc6614b4ec30fa4ef8b8af5bdf2c177858 (diff) | |
download | gdb-cd21f5daad4335b50366b838664ade64bec29957.zip gdb-cd21f5daad4335b50366b838664ade64bec29957.tar.gz gdb-cd21f5daad4335b50366b838664ade64bec29957.tar.bz2 |
Fix memory access violations triggered by running objdump on fuzzed binaries.
PR binutils/17512
* elf-m10300.c (mn10300_info_to_howto): Replace assertion with an
error message. Never return an invalid howto pointer.
* elf32-cr16.c (cr16_info_to_howto): Likewise.
* elf32-crx.c (elf_crx_info_to_howto): Likewise.
* elf32-i370.c (i370_elf_info_to_howto): Likewise.
* elf32-mcore.c (mcore_elf_info_to_howto): Likewise.
* elf32-microblaze.c (microblaze_elf_info_to_howto): Likewise.
* elf32-mips.c (mips_elf32_rtype_to_howto): Likewise.
* elf32-pj.c (pj_elf_info_to_howto): Likewise.
* elf32-ppc.c (ppc_elf_info_to_howto): Likewise.
* elf32-spu.c (spu_elf_info_to_howto): Likewise.
* elf32-v850.c (v850_elf_info_to_howto_rela): Likewise.
* elf32-vax.c (rtype_to_howto): Likewise.
* elf64-alpha.c (elf64_alpha_info_to_howto): Likewise.
* elf64-mips.c (mips_elf64_rtype_to_howto): Likewise.
* elfn32-mips.c (sh_elf_info_to_howto): Likewise.
* elf32-sh.c (sh_elf_info_to_howto): Likewise.
(sh_elf_reloc): Check that the reloc is in range.
* reloc.c (bfd_perform_relocation): Check that the section is big
enough for the entire reloc.
(bfd_generic_get_relocated_section_contents): Report unexpected
return values from perform_reloc.
Diffstat (limited to 'bfd/elf32-i370.c')
-rw-r--r-- | bfd/elf32-i370.c | 13 |
1 files changed, 11 insertions, 2 deletions
diff --git a/bfd/elf32-i370.c b/bfd/elf32-i370.c index d4ff515..ab65cfc 100644 --- a/bfd/elf32-i370.c +++ b/bfd/elf32-i370.c @@ -294,12 +294,21 @@ i370_elf_info_to_howto (bfd *abfd ATTRIBUTE_UNUSED, arelent *cache_ptr, Elf_Internal_Rela *dst) { + unsigned int r_type; + if (!i370_elf_howto_table[ R_I370_ADDR31 ]) /* Initialize howto table. */ i370_elf_howto_init (); - BFD_ASSERT (ELF32_R_TYPE (dst->r_info) < (unsigned int) R_I370_max); - cache_ptr->howto = i370_elf_howto_table[ELF32_R_TYPE (dst->r_info)]; + r_type = ELF32_R_TYPE (dst->r_info); + if (r_type >= R_I370_max) + { + (*_bfd_error_handler) (_("%A: unrecognised I370 reloc number: %d"), + abfd, r_type); + bfd_set_error (bfd_error_bad_value); + r_type = R_I370_NONE; + } + cache_ptr->howto = i370_elf_howto_table[r_type]; } /* Hack alert -- the following several routines look generic to me ... |