diff options
author | Alan Modra <amodra@gmail.com> | 2022-08-02 16:53:54 +0930 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2022-08-02 17:01:56 +0930 |
commit | 217cbb0055391809d6dfb56cec053fdd3cf08b75 (patch) | |
tree | 2b6d348d7757ff4b568fe77da084af9e8017e5dc /bfd | |
parent | d2dcf3908f2b1da5bc84eaef61d7b758d07009a6 (diff) | |
download | gdb-217cbb0055391809d6dfb56cec053fdd3cf08b75.zip gdb-217cbb0055391809d6dfb56cec053fdd3cf08b75.tar.gz gdb-217cbb0055391809d6dfb56cec053fdd3cf08b75.tar.bz2 |
PE objdump -x
objdump -x on PE executables produces lots of "xdata section corrupt"
and "corrupt unwind data" warnings, and refuses to dump that info. It
turns out that the sanity checks were bad, not the data. Fix them.
* pei-x86_64.c (pex64_get_unwind_info): Correct buffer overrun
sanity checks.
(pex64_xdata_print_uwd_codes): Similarly.
Diffstat (limited to 'bfd')
-rw-r--r-- | bfd/pei-x86_64.c | 22 |
1 files changed, 5 insertions, 17 deletions
diff --git a/bfd/pei-x86_64.c b/bfd/pei-x86_64.c index 7d8fc8f..795bf66 100644 --- a/bfd/pei-x86_64.c +++ b/bfd/pei-x86_64.c @@ -109,7 +109,7 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind_info *ui, memset (ui, 0, sizeof (struct pex64_unwind_info)); - if (ex_dta >= ex_dta_end || ex_dta + 4 >= ex_dta_end) + if (ex_dta >= ex_dta_end || ex_dta + 4 > ex_dta_end) return false; ui->Version = PEX64_UWI_VERSION (ex_ui->Version_Flags); @@ -124,13 +124,13 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind_info *ui, ui->rawUnwindCodesEnd = ex_dta_end; ex_dta += ui->SizeOfBlock; - if (ex_dta >= ex_dta_end) + if (ex_dta > ex_dta_end) return false; switch (ui->Flags) { case UNW_FLAG_CHAININFO: - if (ex_dta + 12 >= ex_dta_end) + if (ex_dta + 12 > ex_dta_end) return false; ui->rva_BeginAddress = bfd_get_32 (abfd, ex_dta + 0); ui->rva_EndAddress = bfd_get_32 (abfd, ex_dta + 4); @@ -140,7 +140,7 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind_info *ui, case UNW_FLAG_EHANDLER: case UNW_FLAG_UHANDLER: case UNW_FLAG_FHANDLER: - if (ex_dta + 4 >= ex_dta_end) + if (ex_dta + 4 > ex_dta_end) return false; ui->rva_ExceptionHandler = bfd_get_32 (abfd, ex_dta); ui->SizeOfBlock += 4; @@ -172,7 +172,7 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, i = 0; - if (ui->rawUnwindCodes + 1 >= ui->rawUnwindCodesEnd) + if (ui->rawUnwindCodes + ui->CountOfCodes * 2 > ui->rawUnwindCodesEnd) { fprintf (file, _("warning: corrupt unwind data\n")); return; @@ -186,12 +186,6 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, to decode instruction flow if outside an epilog. */ unsigned int func_size = rf->rva_EndAddress - rf->rva_BeginAddress; - if (ui->rawUnwindCodes + 1 + (ui->CountOfCodes * 2) >= ui->rawUnwindCodesEnd) - { - fprintf (file, _("warning: corrupt unwind data\n")); - return; - } - fprintf (file, "\tv2 epilog (length: %02x) at pc+:", ui->rawUnwindCodes[0]); @@ -215,12 +209,6 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, fputc ('\n', file); } - if (ui->rawUnwindCodes + 2 + (ui->CountOfCodes * 2) >= ui->rawUnwindCodesEnd) - { - fprintf (file, _("warning: corrupt unwind data\n")); - return; - } - for (; i < ui->CountOfCodes; i++) { const bfd_byte *dta = ui->rawUnwindCodes + 2 * i; |