author | Nick Clifton <nickc@redhat.com> | 2014-11-17 16:59:09 +0000 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2014-11-17 16:59:09 +0000 |
commit | 32a9d621c3c480aa093a089a36e36c35f68a4010 (patch) | |
tree | 230ef48b11e27fb545512cc1c2e28ae52f2f44bf /binutils/ChangeLog | |
parent | 022af27274b440186def92cae77c2d4304c3ce9b (diff) | |
Applies a series of patches for PR 17512 and 17533 which fix invalid memory accesses.
2014-11-13 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* config/obj-coff.c (coff_obj_symbol_new_hook): Set the is_sym
field.
2014-11-14 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* dwarf.c (get_encoded_value): Add an 'end' parameter. Change the
'data' parameter to a double pointer and return the updated value.
(decode_location_expression): Update call to get_encoded_value.
(frame_need_space): Handle the case where one or both of the
mallocs fails.
(read_cie): Initialise the cie pointer, even if the read fails.
(display_debug_frames): Warn if the calculated block_end is before
the start of the block. Break the loop if the CIE could not be
read. Update call to get_encoded_value. Warn if the read CFA
expressions are too big.
2014-11-13 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (process_version_sections): If the read of the version
def information fails, make sure that the external verdef data is
not used.
(get_dynamic_data): Do not attempt to allocate memory for more
dynamic data than there is in the file. If the read fails, free
the allocated buffer.
(process_symbol_table): Do not print dynamic information if we
were unable to read the dynamic symbol table.
(print_gnu_note): Do not print the note if the descsz is too
small.
2014-11-12 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* dwarf.c (read_and_display_attr_value): Check that we do not read
past end.
(display_debug_pubnames_worker): Add range checks.
(process_debug_info): Check for invalid pointer sizes.
(display_loc_list): Likewise.
(display_loc_list_dwo): Likewise.
(display_debug_ranges): Likewise.
(display_debug_aranges): Check for invalid address size.
(read_cie): Add range checks. Replace call strchr with while loop.
* objdump.c (dump_dwarf): Replace abort with a warning message.
(print_section_stabs): Improve range checks.
* rdcoff.c (coff_get_slot): Use long for indx parameter type.
Add check for an excessively large index.
* rddbg.c (read_section_stabs_debugging_info): Zero terminate the
string table. Avoid walking off the end of the stabs data.
* stabs.c (parse_stab_string): Add check for a NULL name.
2014-11-11 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* binutils/readelf.c (dynamic_nent): Change type to size_t.
(slurp_rela_relocs): Use size_t type for nrelas.
(slurp_rel_relocs): Likewise.
(get_program_headers): Improve out of memory error message.
(get_32bit_section_headers): Likewise.
(get_32bit_section_headers): Likewise.
(get_64bit_section_headers): Likewise.
(get_32bit_elf_symbols): Likewise.
(get_64bit_elf_symbols): Likewise.
(process_section_groups): Likewise.
(get_32bit_dynamic_section): Likewise.
(get_64bit_dynamic_section): Likewise.
(process_dynamic_section): Likewise.
(process_version_sections): Likewise.
(get_symbol_index_type): Likewise.
(process_mips_specific): Likewise.
(process_corefile_note_segment): Likewise.
(process_version_sections): Use size_t type for total.
(get_dynamic_data): Change type of number parameter to size_t.
Improve out of memory error messages.
(process_symbol_table): Change type of nbuckets and nchains to
size_t. Skip processing of sections headers if there are none.
Improve out of memory error messages.
2014-11-11 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (display_arm_attribute): Avoid reading off the end of
the buffer when processing a Tag_nodefaults.
2014-11-10 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (ia64_process_unwind): Replace assertion with an error
message. Add range checking for group section indices.
(hppa_process_unwind): Replace assertion with an error message.
(process_syminfo): Likewise.
(decode_arm_unwind_bytecode): Add range checking.
(dump_section_as_strings): Add more string range checking.
(display_tag_value): Likewise.
(display_arm_attribute): Likewise.
(display_gnu_attribute): Likewise.
(display_tic6x_attribute): Likewise.
(display_msp430x_attribute): Likewise.
2014-11-10 Nick Clifton <nickc@redhat.com>
PR binutils/17552
* objcopy.c (copy_archive): Clean up temporary files even if an
error occurs.
2014-11-07 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (get_data): Avoid allocating memory when we know that
the read will fail.
(find_section_by_type): New function.
(get_unwind_section_word): Check for invalid symbol indices.
Check for invalid reloc types.
(get_32bit_dynamic_section): Add range checks.
(get_64bit_dynamic_section): Add range checks.
(process_dynamic_section): Check for a corrupt time value.
(process_symbol_table): Add range checks.
(dump_section_as_strings): Add string length range checks.
(display_tag_value): Likewise.
(display_arm_attribute): Likewise.
(display_gnu_attribute): Likewise.
(display_tic6x_attribute): Likewise.
(display_msp430x_attribute): Likewise.
(process_mips_specific): Add range check.
2014-11-06 Nick Clifton <nickc@redhat.com>
PR binutils/17552, binutils/17533
* bucomm.c (is_valid_archive_path): New function. Returns false
for absolute pathnames and pathnames that include /../.
* bucomm.h (is_valid_archive_path): Add prototype.
* ar.c (extract_file): Use new function to check for valid
pathnames when extracting files from an archive.
* objcopy.c (copy_archive): Likewise.
* doc/binutils.texi: Update documentation to mention the
limitation on pathname of archive members.
2014-11-05 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (printable_section_name): New function.
(printable_section_name_from_index): New function.
(dump_relocations): Use new function.
(process_program_headers, get_32bit_elf_symbols,
(get_64bit_elf_symbols, process_section_headers,
(process_section_groups, process_relocs, ia64_process_unwind,
(hppa_process_unwind, get_unwind_section_word, decode_arm_unwind,
(arm_process_unwind, process_version_sections,
(process_symbol_table, apply_relocations, get_section_contents,
(dump_section_as_strings, dump_section_as_bytes,
(display_debug_section, process_attributes, process_mips_specific,
(process_mips_specific process_gnu_liblist): Likewise.
(get_unwind_section_word): Check for a missing symbol table.
Replace aborts with error messages.
(arm_process_unwind): Check for a missing string table.
(process_attributes): Check for an attribute length that is too
small.
(process_mips_specific): Check for a corrupt GOT symbol offset.
2014-11-05 Nick Clifton <nickc@redhat.com>
PR binutils/17533
* bucomm.c (is_valid_archive_path): New function.
* bucomm.h (is_valid_archive_path): Prototype it.
* ar.c (extract_file): Call is_valid_archive_path to verify a
member filename before extracting it.
* objcopy.c (copy_archive): Likewise.
2014-11-04 Nick Clifton <nickc@redhat.com>
PR binutils/17531
* readelf.c (get_data): If the reason parameter is null, do not
print any error messages.
(get_32bit_section_headers): Verify section header entry size
before reading in the section headers.
(get_64bit_section_headers): Likewise.
(process_section_headers): Pass FALSE to get_section_headers.
(get_file_header): Pass TRUE to get_section_headers.
(process_dynamic_section): Change an assert to an error message.
(process_symbol_table): Handle corrupt histograms.
(get_32bit_program_headers): Verify program header entry size
before reading in the program headers.
(get_64bit_program_headers): Likewise.
(get_unwind_section_word): Do nothing if no section was provided.
Fail if the offset is outside of the section.
(print_dynamic_symbol): Catch out of range symbol indices.
(process_mips_specific): Likewise.
(process_attributes): Make sure that there is enough space left in
the section before attempting to read the length of the next
attribute.
2014-11-03 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* objdump.c (slurp_symtab): Fail gracefully if the table could not
be read.
(dump_relocs_in_section): Likewise.
2014-11-14 Nick Clifton <nickc@redhat.com>
PR binutils/17597
* opncls.c (bfd_get_debug_link_info): Avoid reading off the end of
the section.
(bfd_get_alt_debug_link_info): Likewise.
2014-11-14 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* ieee.c (ieee_archive_p): Skip processing if no bytes are read at
all.
(ieee_object_p): Likewise.
2014-11-13 H.J. Lu <hongjiu.lu@intel.com>
* coffcode.h (coff_slurp_line_table): Add cast to unsigned int.
2014-11-13 H.J. Lu <hongjiu.lu@intel.com>
* coffcode.h (coff_pointerize_aux_hook): Fix a typo.
2014-11-13 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffcode.h (coff_ptr_struct): Add is_sym field.
(coff_new_section_hook): Set the is_sym field.
(coff_pointerize_aux_hook): Check the is_sym field.
(coff_print_aux): Likewise.
(coff_compute_section_file_positions): Likewise.
(coff_write_object_contents): Likewise.
(coff_slurp_line_table): Likewise.
(coff_slurp_symbol_table): Likewise.
(CALC_ADDEND): Likewise.
* coffgen.c (coff_renumber_symbols): Likewise.
(coff_mangle_symbols): Likewise.
(coff_fix_symbol_name): Likewise.
(coff_write_symbol): Likewise.
(coff_write_alien_symbol): Likewise.
(coff_write_native_symbol): Likewise.
(coff_write_symbols): Likewise.
(coff_write_linenumbers): Likewise.
(coff_pointerize_aux): Likewise.
(coff_get_normalized_symtab): Likewise.
(coff_get_symbol_info): Likewise.
(bfd_coff_get_syment): Likewise.
(bfd_coff_get_auxent): Likewise.
(coff_print_symbol): Likewise.
(coff_find_nearest_line_with_names): Likewise.
(bfd_coff_set_symbol_class): Likewise.
(coff_make_empty_symbol): Set the is_sym field.
(coff_bfd_make_debug_symbol): Likewise.
* peicode.h (pe_ILF_make_a_symbol): Likewise.
* libcoff.h: Regenerate.
* libcoff-in.h: Regenerate.
2014-11-12 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Set the line number of
corrupt entries to -1.
(coff_slurp_symbol_table): Always initialise the value of the
symbol.
* coffgen.c (coff_print_symbol): Check that the combined pointer
is valid.
(coff_print_symbol): Do not print negative line numbers.
* peXXigen.c (pe_print_idata): Add range checking displaying
member names.
2014-11-12 Alan Modra <amodra@gmail.com>
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Drop line number info
not preceded by a valid function entry. Revert last change.
2014-11-11 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Initialise the parts of the
line number cache that would not be initialised by the copy from
the new line number table.
(coff_classify_symbol): Allow for _bfd_coff_internal_syment_name
returning NULL.
* coffgen.c (coff_get_normalized_symbols): Get the external
symbols before allocating space for the internal symbols, in case
the get fails.
* elf.c (_bfd_elf_slurp_version_tables): Only allocate a verref
array if one is needed. Likewise with the verdef array.
* peXXigen.c (_bfd_XXi_swap_sym_in): Replace abort()'s with error
messages.
(_bfd_XXi_swap_aux_in): Make sure that all fields of the aux
structure are initialised.
(pe_print_edata): Avoid reading off the end of the data buffer.
2014-11-11 Alan Modra <amodra@gmail.com>
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Use updated lineno_count
when building func_table.
2014-11-11 Alan Modra <amodra@gmail.com>
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Don't bfd_zalloc, just
memset the particular bits we need. Update src after hitting loop
"continue". Don't count lineno omitted due to invalid symbols in
nbr_func, and update lineno_count. Init entire terminating
lineno. Don't bother allocating terminator in n_lineno_cache.
Redirect sym->lineno pointer to where n_lineno_cache will be
copied, and free n_lineno_cache.
* pe-mips.c (NUM_HOWTOS): Typo fix.
2014-11-10 Nick Clifton <nickc@redhat.com>
PR binutils/17521
* coff-i386.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_i386_rtype_to_howto): Likewise.
(coff_i386_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coff-x86_64.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_amd64_rtype_to_howto): Likewise.
(coff_amd64_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coffcode.h (coff_slurp_line_table): Check for symbol table
indexing underflow.
(coff_slurp_symbol_table): Use zalloc to ensure that all table
entries are initialised.
* coffgen.c (_bfd_coff_read_string_table): Initialise unused bits
in the string table. Also ensure that the table is 0 terminated.
(coff_get_normalized_symtab): Check for symbol table indexing
underflow.
* opncls.c (bfd_alloc): Catch the case where a small negative size
can result in only 1 byte being allocated.
(bfd_alloc2): Use bfd_alloc.
* pe-mips.c (NUM_HOWTOS): New define.
(coff_mips_reloc_name_lookup): Use it.
(CALC_ADDEND): Check that reloc r_type field is valid.
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Initialise unused entries
in the DataDirectory.
(pe_print_idata): Avoid reading beyond the end of the data block
when printing strings.
(pe_print_edata): Likewise.
Check for table indexing underflow.
* peicode.h (pe_mkobject): Initialise the pe_opthdr field.
(pe_bfd_object_p): Allocate and initialize enough space to hold a
PEAOUTHDR, even if the opt_hdr field specified less.
2014-11-08 Alan Modra <amodra@gmail.com>
* peXXigen.c (pe_print_idata): Revert last patch, cast lhs instead.
2014-11-07 H.J. Lu <hongjiu.lu@intel.com>
* peXXigen.c (pe_print_idata): Cast to unsigned long in range
checks.
2014-11-07 Alan Modra <amodra@gmail.com>
* tekhex.c (tekhex_set_arch_mach): Ignore unknown arch errors.
2014-11-07 Alan Modra <amodra@gmail.com>
* tekhex.c (CHUNK_SPAN): Define.
(struct data_struct <chunk_init>): Use one byte per span, update
all code accessing this field.
(find_chunk): Add create param, don't create new entry unless set.
(insert_byte): Don't save zeros.
(first_phase): Set section SEC_CODE or SEC_DATA flag depending
on symbol type. Create an alternate section if both types of
symbol are given. Attach type '2' and '6' symbols to absolute
section.
(move_section_contents): Fix caching of chunk. Don't create chunk
when reading, or for writing zeros.
(tekhex_set_section_contents): Don't create initial chunks.
(tekhex_write_object_contents): Use CHUNK_SPAN.
2014-11-07 Alan Modra <amodra@gmail.com>
* aoutx.h (aout_get_external_symbols): Tidy allocation of symbol buffer.
2014-11-07 Alan Modra <amodra@gmail.com>
* archive.c (_bfd_slurp_extended_name_table): Revert bfd_get_size check.
* coffcode.h (coff_set_alignment_hook): Likewise.
(coff_slurp_line_table): Likewise.
* coffgen.c (coff_get_normalized_symtab): Likewise.
(_bfd_coff_get_external_symbols): Likewise.
* elf.c (bfd_elf_get_str_section): Likewise.
* tekhex.c (first_phase): Likewise.
2014-11-06 Nick Clifton <nickc@redhat.com>
* aoutx.h (slurp_symbol_table): Revert previous delta.
(slurp_reloc_table): Likewise.
* compress.c (bfd_get_full_section_contents): Remove file size
test.
* coffgen.c (coff_get_normalized_symtab): Allow zero-sized symtabs
and do not complain about linker generated files.
2014-11-04 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffcode.h (handle_COMDAT): Replace abort with BFD_ASSERT.
Replace another abort with an error message.
(coff_slurp_line_table): Add more range checking.
* peXXigen.c (pe_print_debugdata): Add range checking.
2014-11-05 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffcode.h (coff_set_alignment_hook): Warn if the file lies
about the number of relocations it contains.
(coff_sort_func_alent): Return 0 if the pointers are NULL.
(coff_slurp_line_table): Add more range checks. Do not free new
tables created when sorting line numbers.
* peXXigen.c (pe_print_idata): Add range checks.
(pe_print_edata): Likewise.
(rsrc_print_resource_entries): Likewise. Avoid printing control
characters. Terminate printing if corruption is detected.
(rsrc_print_resource_directory): Terminate printing if an unknown
directory type is encountered.
(pe_print_debugdata): Fix off-by-one error.
(rsrc_count_entries): Add range checking.
(rsrc_parse_entry): Likewise.
2014-11-04 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* compress.c (bfd_get_full_section_contents): Improve test for
linker created objects.
PR binutils/17533
* archive.c (_bfd_slurp_extended_name_table): Handle archives with
corrupt extended name tables.
2014-11-03 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* aoutx.h (slurp_symbol_table): Check that computed table size is
not bigger than the file from which it is being read.
(slurp_reloc_table): Likewise.
* coffcode.h (coff_slurp_line_table): Remove unneeded local
'warned'. Do not try to print the details of a symbol with an
invalid index.
* coffgen.c (make_a_section_from_file): Check computed string
index against length of string table.
(bfd_coff_internal_syment_name): Check read in string offset
against length of string table.
(build_debug_section): Return a pointer to the section used.
(_bfd_coff_read_string_table): Store the length of the string
table in the coff_tdata structure.
(bfd_coff_free_symbols): Set the length of the string table to
zero when it is freed.
(coff_get_normalized_symtab): Check offsets against string table
or data table lengths as appropriate.
* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
length of string table.
* compress.c (bfd_get_full_section_contents): Check computed size
against the size of the file.
* libcoff-in.h (obj_coff_strings_len): Define.
(struct coff_tdata): Add strings_len field.
* libcoff.h: Regenerate.
* peXXigen.c (pe_print_debugdata): Do not attempt to print the
data if the debug section is too small.
* xcofflink.c (xcoff_link_input_bfd): Check offset against
length of string table.
2014-10-31 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* coffgen.c (_bfd_coff_get_external_symbols): Do not try to load a
symbol table bigger than the file.
* elf.c (bfd_elf_get_str_section): Do not try to load a string
table bigger than the file.
* tekhex.c (first_phase): Check that the section range is sane.
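As an added example (not the binutils source), here is a check with the behaviour the 2014-11-06 entry gives for is_valid_archive_path: reject absolute member names and names containing a `..` component before anything is written to disk. The function names `member_path_is_safe` and `count_rejected`, the sample member names and the POSIX `/` separator are assumptions.

```c
#include <stdbool.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical helper, not the binutils function: returns true only when
   NAME is a non-empty relative path with no ".." component.
   Assumes POSIX '/' separators. */
bool member_path_is_safe(const char *name)
{
    if (name == NULL || name[0] == '\0')
        return false;
    if (name[0] == '/')
        return false;                 /* absolute pathname */

    const char *p = name;
    while (*p != '\0') {
        /* Length of the current component, up to the next '/' or NUL. */
        size_t len = strcspn(p, "/");

        /* Only a component that is exactly ".." escapes the directory;
           names such as "..hidden" or "a..b" are ordinary file names. */
        if (len == 2 && p[0] == '.' && p[1] == '.')
            return false;

        p += len;
        while (*p == '/')             /* skip one or more separators */
            p++;
    }
    return true;
}

/* Counts the names an extractor should refuse to create. */
size_t count_rejected(const char *const *names, size_t n)
{
    size_t rejected = 0;
    for (size_t i = 0; i < n; i++)
        if (!member_path_is_safe(names[i]))
            rejected++;
    return rejected;
}

int main(void)
{
    /* Constructed member names, as they might appear in an archive. */
    const char *const members[] = {
        "foo.o", "sub/bar.o", "..hidden.o",
        "/tmp/abs.o", "../outside.o", "sub/../../outside.o", "sub/.."
    };
    size_t n = sizeof members / sizeof members[0];

    for (size_t i = 0; i < n; i++)
        printf("%-22s %s\n", members[i],
               member_path_is_safe(members[i]) ? "extract" : "refuse");
    printf("refused %zu of %zu\n", count_rejected(members, n), n);
    return 0;
}
```

The check is purely lexical: it does not resolve symbolic links that already exist in the extraction directory.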
Diffstat (limited to 'binutils/ChangeLog')
-rw-r--r-- | binutils/ChangeLog | 199 |
1 files changed, 199 insertions, 0 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 40c0f3a..c2f69e9 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog 
@@ -1,3 +1,202 @@ +2014-11-17 Nick Clifton <nickc@redhat.com> + + Apply trunk patches: + + 2014-11-14 Nick Clifton <nickc@redhat.com> + + PR binutils/17512 + * dwarf.c (get_encoded_value): Add an 'end' parameter. Change the + 'data' parameter to a double pointer and return the updated value. + (decode_location_expression): Update call to get_encoded_value. + (frame_need_space): Handle the case where one or both of the + mallocs fails. + (read_cie): Initialise the cie pointer, even if the read fails. + (display_debug_frames): Warn if the calculated block_end is before + the start of the block. Break the loop if the CIE could not be + read. Update call to get_encoded_value. Warn if the read CFA + expressions are too big. + + 2014-11-13 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (process_version_sections): If the read of the version + def information fails, make sure that the external verdef data is + not used. + (get_dynamic_data): Do not attempt to allocate memory for more + dynamic data than there is in the file. If the read fails, free + the allocated buffer. + (process_symbol_table): Do not print dynamic information if we + were unable to read the dynamic symbol table. + (print_gnu_note): Do not print the note if the descsz is too + small. + + 2014-11-12 Nick Clifton <nickc@redhat.com> + + PR binutils/17512 + * dwarf.c (read_and_display_attr_value): Check that we do not read + past end. + (display_debug_pubnames_worker): Add range checks. + (process_debug_info): Check for invalid pointer sizes. + (display_loc_list): Likewise. + (display_loc_list_dwo): Likewise. + (display_debug_ranges): Likewise. + (display_debug_aranges): Check for invalid address size. + (read_cie): Add range checks. Replace call strchr with while loop. + * objdump.c (dump_dwarf): Replace abort with a warning message. + (print_section_stabs): Improve range checks. + * rdcoff.c (coff_get_slot): Use long for indx parameter type. + Add check for an excesively large index. 
+ * rddbg.c (read_section_stabs_debugging_info): Zero terminate the + string table. Avoid walking off the end of the stabs data. + * stabs.c (parse_stab_string): Add check for a NULL name. + + 2014-11-11 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * binutils/readelf.c (dynamic_nent): Change type to size_t. + (slurp_rela_relocs): Use size_t type for nrelas. + (slurp_rel_relocs): Likewise. + (get_program_headers): Improve out of memory error message. + (get_32bit_section_headers): Likewise. + (get_32bit_section_headers): Likewise. + (get_64bit_section_headers): Likewise. + (get_32bit_elf_symbols): Likewise. + (get_64bit_elf_symbols): Likewise. + (process_section_groups): Likewise. + (get_32bit_dynamic_section): Likewise. + (get_64bit_dynamic_section): Likewise. + (process_dynamic_section): Likewise. + (process_version_sections): Likewise. + (get_symbol_index_type): Likewise. + (process_mips_specific): Likewise. + (process_corefile_note_segment): Likewise. + (process_version_sections): Use size_t type for total. + (get_dynamic_data): Change type of number parameter to size_t. + Improve out of memory error messages. + (process_symbol_table): Change type of nbuckets and nchains to + size_t. Skip processing of sections headers if there are none. + Improve out of memory error messages. + + 2014-11-11 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (display_arm_attribute): Avoid reading off the end of + the buffer when processing a Tag_nodefaults. + + 2014-11-10 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (ia64_process_unwind): Replace assertion with an error + message. Add range checking for group section indicies. + (hppa_process_unwind): Replace assertion with an error message. + (process_syminfo): Likewise. + (decode_arm_unwind_bytecode): Add range checking. + (dump_section_as_strings): Add more string range checking. + (display_tag_value): Likewise. + (display_arm_attribute): Likewise. 
+ (display_gnu_attribute): Likewise. + (display_tic6x_attribute): Likewise. + (display_msp430x_attribute): Likewise. + + 2014-11-10 Nick Clifton <nickc@redhat.com> + + PR binutils/17552 + * objcopy.c (copy_archive): Clean up temporary files even if an + error occurs. + + 2014-11-07 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (get_data): Avoid allocating memory when we know that + the read will fail. + (find_section_by_type): New function. + (get_unwind_section_word): Check for invalid symbol indicies. + Check for invalid reloc types. + (get_32bit_dynamic_section): Add range checks. + (get_64bit_dynamic_section): Add range checks. + (process_dynamic_section): Check for a corrupt time value. + (process_symbol_table): Add range checks. + (dump_section_as_strings): Add string length range checks. + (display_tag_value): Likewise. + (display_arm_attribute): Likewise. + (display_gnu_attribute): Likewise. + (display_tic6x_attribute): Likewise. + (display_msp430x_attribute): Likewise. + (process_mips_specific): Add range check. + + 2014-11-06 Nick Clifton <nickc@redhat.com> + + PR binutils/17552, binutils/17533 + * bucomm.c (is_valid_archive_path): New function. Returns false + for absolute pathnames and pathnames that include /../. + * bucomm.h (is_valid_archive_path): Add prototype. + * ar.c (extract_file): Use new function to check for valid + pathnames when extracting files from an archive. + * objcopy.c (copy_archive): Likewise. + * doc/binutils.texi: Update documentation to mention the + limitation on pathname of archive members. + + 2014-11-05 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (printable_section_name): New function. + (printable_section_name_from_index): New function. + (dump_relocations): Use new function. 
+ (process_program_headers, get_32bit_elf_symbols, + (get_64bit_elf_symbols, process_section_headers, + (process_section_groups, process_relocs, ia64_process_unwind, + (hppa_process_unwind, get_unwind_section_word, decode_arm_unwind, + (arm_process_unwind, process_version_sections, + (process_symbol_table, apply_relocations, get_section_contents, + (dump_section_as_strings, dump_section_as_bytes, + (display_debug_section, process_attributes, process_mips_specific, + (process_mips_specific process_gnu_liblist): Likewise. + (get_unwind_section_word): Check for a missing symbol table. + Replace aborts with error messages. + (arm_process_unwind): Check for a missing string table. + (process_attributes): Check for an attribute length that is too + small. + (process_mips_specific): Check for a corrupt GOT symbol offset. + + 2014-11-05 Nick Clifton <nickc@redhat.com> + + PR binutils/17533 + * bucomm.c (is_valid_archive_path): New function. + * bucomm.h (is_valid_archive_path): Prototype it. + * ar.c (extract_file): Call is_valid_archive_path to verify a + member filename before extracting it. + * objcopy.c (copy_archive): Likewise. + + 2014-11-04 Nick Clifton <nickc@redhat.com> + + PR binutils/17531 + * readelf.c (get_data): If the reason parameter is null, do not + print any error messages. + (get_32bit_section_headers): Verify section header entry size + before reading in the section headers. + (get_64bit_section_headers): Likewise. + (process_section_headers): Pass FALSE to get_section_headers. + (get_file_header): Pass TRUE to get_section_headers. + (process_dynamic_section): Change an assert to an error message. + (process_symbol_table): Handle corrupt histograms. + (get_32bit_program_headers): Verify program header entry size + before reading in the program headers. + (get_64bit_program_headers): Likewise. + (get_unwind_section_word): Do nothing if no section was provided. + Fail if the offset is outside of the section. 
+ (print_dynamic_symbol): Catch out of range symbol indicies. + (process_mips_specific): Likewise. + (process_attributes): Make sure that there is enough space left in + the section before attempting to read the length of the next + attribute. + + 2014-11-03 Nick Clifton <nickc@redhat.com> + + PR binutils/17512 + * objdump.c (slurp_symtab): Fail gracefully if the table could not + be read. + (dump_relocs_in_section): Likewise. + 2014-11-11 Nick Clifton <nickc@redhat.com> * po/fr.po: Updated French translation. |
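Review bot: The 2014-11-11 PR binutils/17531 entry lists `(get_32bit_section_headers): Likewise.` twice in a row and names the file as `binutils/readelf.c`, where the other entries in this hunk use `readelf.c`. Drop the repeated line (or name the function that was meant) and use the bare file name. In the first 2014-11-05 entry, each continuation line of the function list opens a new `(` that is never closed, and the last line reads `(process_mips_specific process_gnu_liblist)` after `process_mips_specific` has already been listed on the line before. This should be one parenthesised, comma-separated list naming each function once. The 2014-11-06 and second 2014-11-05 entries both record `is_valid_archive_path` as a new function in bucomm.c with the same ar.c and objcopy.c callers, so one could be folded into the other. Spelling: "excesively" and "indicies".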