diff options
author | Alan Modra <amodra@gmail.com> | 2018-12-01 21:15:03 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2018-12-01 22:10:28 +1030 |
commit | 726bd37d6c5d5013d34023044ed7cbbb01317978 (patch) | |
tree | 06d2322ccec05d246724e5ae9008601323446940 /binutils/readelf.c | |
parent | 64d27cfc97f5b865019f0b7293ff2b9565db427c (diff) | |
download | gdb-726bd37d6c5d5013d34023044ed7cbbb01317978.zip gdb-726bd37d6c5d5013d34023044ed7cbbb01317978.tar.gz gdb-726bd37d6c5d5013d34023044ed7cbbb01317978.tar.bz2 |
PR23945, NULL pointer dereference in readelf.c:slurp_hppa_unwind_table
PR 23945
* readelf.c (slurp_ia64_unwind_table): Don't call elf_ia64_reloc_type
needlessly.
(slurp_hppa_unwind_table): Use same range checks and error messages
as slurp_ia64_unwind_table.
Diffstat (limited to 'binutils/readelf.c')
-rw-r--r-- | binutils/readelf.c | 22 |
1 files changed, 17 insertions, 5 deletions
diff --git a/binutils/readelf.c b/binutils/readelf.c index afb039f..9eb5931 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -7597,14 +7597,14 @@ slurp_ia64_unwind_table (Filedata * filedata, for (rp = rela; rp < rela + nrelas; ++rp) { - relname = elf_ia64_reloc_type (get_reloc_type (filedata, rp->r_info)); + unsigned int r_type = get_reloc_type (filedata, rp->r_info); + relname = elf_ia64_reloc_type (r_type); sym = aux->symtab + get_reloc_symindex (rp->r_info); /* PR 17531: file: 9fa67536. */ if (relname == NULL) { - warn (_("Skipping unknown relocation type: %u\n"), - get_reloc_type (filedata, rp->r_info)); + warn (_("Skipping unknown relocation type: %u\n"), r_type); continue; } @@ -8053,17 +8053,29 @@ slurp_hppa_unwind_table (Filedata * filedata, for (rp = rela; rp < rela + nrelas; ++rp) { - relname = elf_hppa_reloc_type (get_reloc_type (filedata, rp->r_info)); + unsigned int r_type = get_reloc_type (filedata, rp->r_info); + relname = elf_hppa_reloc_type (r_type); sym = aux->symtab + get_reloc_symindex (rp->r_info); + if (relname == NULL) + { + warn (_("Skipping unknown relocation type: %u\n"), r_type); + continue; + } + /* R_PARISC_SEGREL32 or R_PARISC_SEGREL64. */ if (! const_strneq (relname, "R_PARISC_SEGREL")) { - warn (_("Skipping unexpected relocation type %s\n"), relname); + warn (_("Skipping unexpected relocation type: %s\n"), relname); continue; } i = rp->r_offset / unw_ent_size; + if (i >= aux->table_len) + { + warn (_("Skipping reloc with overlarge offset: %lx\n"), i); + continue; + } switch ((rp->r_offset % unw_ent_size) / 4) { |