Improve decoding of corrupt/unrecognised gnu build attribute notes.

	* readelf.c (process_section_headers): Warn about overlarge
	sections.
	(print_gnu_build_attribute_name): Print the number of unrecognised
	note types.  Fix formatting in the presence of errors.
	(testsuite/binutils-all/note-2-32.s): Fix encoding of numeric notes.
	(testsuite/binutils-all/note-2-64.s): Likewise.

4 files changed, 67 insertions, 47 deletions

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index d2ddf41..e1736b9 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,12 @@
+2017-04-26  Nick Clifton  <nickc@redhat.com>
+
+	* readelf.c (process_section_headers): Warn about overlarge
+	sections.
+	(print_gnu_build_attribute_name): Print the number of unrecognised
+	note types.  Fix formatting in the presence of errors.
+	(testsuite/binutils-all/note-2-32.s): Fix encoding of numeric notes.
+	(testsuite/binutils-all/note-2-64.s): Likewise.
+
 2017-04-26  Maciej W. Rozycki  <macro@imgtec.com>
 
 	* readelf.c (process_mips_specific): Add static GOT support.
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 2d3ef27..b57e1e0 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -6215,6 +6215,13 @@ process_section_headers (FILE * file)
 	  break;
 	}
 
+      /* Check the sh_size field.  */
+      if (section->sh_size > current_file_size
+	  && section->sh_type != SHT_NOBITS
+	  && section->sh_type != SHT_NULL
+	  && section->sh_type < SHT_LOOS)
+	warn (_("Size of section %u is larger than the entire file!\n"), i);
+
       printf ("  [%2u] ", i);
       if (do_section_details)
 	printf ("%s\n      ", printable_section_name (section));
@@ -16982,7 +16989,6 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
       expected_types = bool_expected;
       ++ name;
       break;
-
     default:
       if (ISPRINT (* name))
 	{
@@ -16996,9 +17002,11 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
 	}
       else
 	{
-	  error (_("unexpected character in name field\n"));
-	  print_symbol (- left, _("<unknown attribute>"));
-	  return 0;
+	  static char tmpbuf [128];
+	  error (_("unrecognised byte in name field: %d\n"), * name);
+	  sprintf (tmpbuf, _("<unknown:_%d>"), * name);
+	  text = tmpbuf;
+	  name ++;
 	}
       expected_types = "*$!+";
       break;
@@ -17028,7 +17036,10 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
     {
     case GNU_BUILD_ATTRIBUTE_TYPE_NUMERIC:
       {
-	unsigned int        bytes = pnote->namesz - (name - pnote->namedata);
+	/* The -1 is because the name field is always 0 terminated, and we
+	   want to be able to ensure that the shift in the while loop below
+	   will not overflow.  */
+	unsigned int        bytes = (pnote->namesz - (name - pnote->namedata)) - 1;
 	unsigned long long  val = 0;
 	unsigned int        shift = 0;
 	char *              decoded = NULL;
@@ -17036,10 +17047,12 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
 	/* PR 21378 */
 	if (bytes > sizeof (val))
 	  {
-	    error (_("corrupt name field: namesz of %lu is too large for a numeric value\n"),
-		   pnote->namesz);
-	    return FALSE;
+	    error (_("corrupt numeric name field: too many bytes in the value: %x\n"),
+		   bytes);
+	    bytes = sizeof (val);
 	  }
+	/* We do not bother to warn if bytes == 0 as this can
+	   happen with some early versions of the gcc plugin.  */
 
 	while (bytes --)
 	  {
@@ -17079,7 +17092,15 @@ print_gnu_build_attribute_name (Elf_Internal_Note * pnote)
 	  }
 
 	if (decoded != NULL)
-	  print_symbol (-left, decoded);
+	  {
+	    print_symbol (-left, decoded);
+	    left = 0;
+	  }
+	else if (val == 0)
+	  {
+	    printf ("0x0");
+	    left -= 3;
+	  }
 	else
 	  {
 	    if (do_wide)
diff --git a/binutils/testsuite/binutils-all/note-2-32.s b/binutils/testsuite/binutils-all/note-2-32.s
index da3b085..9aed3df 100644
--- a/binutils/testsuite/binutils-all/note-2-32.s
+++ b/binutils/testsuite/binutils-all/note-2-32.s
@@ -17,23 +17,21 @@ note1.s:
 	.dc.l 0x100
 	.asciz "$gcc 7.0.1"
 
-	.dc.l 2
+	.dc.l 3
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2b, 0x2
-	.dc.b  0, 0
+	.dc.b 0x2b, 0x2, 0
+	.dc.b 0
 
-	.dc.l 3
+	.dc.l 4
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2a, 0x7, 0
-	.dc.b  0
+	.dc.b 0x2a, 0x7, 0, 0
 
-	.dc.l 3
+	.dc.l 4
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2a, 0x6, 0
-	.dc.b  0
+	.dc.b 0x2a, 0x6, 0, 0
 	.popsection
 
 
@@ -55,23 +53,21 @@ func1:
 	.dc.l 0x100	
 	.asciz "$gcc 7.0.1"	
 
-	.dc.l 2		
+	.dc.l 3		
 	.dc.l 0		
 	.dc.l 0x100	
-	.dc.b 0x21, 0x2	
-	.dc.b  0, 0 	
+	.dc.b 0x21, 0x2, 0
+	.dc.b 0 	
 
-	.dc.l 3		
+	.dc.l 4		
 	.dc.l 0		
 	.dc.l 0x101	
-	.dc.b 0x2a, 0x7, 1 	
-	.dc.b  0 	
+	.dc.b 0x2a, 0x7, 1, 0
 
-	.dc.l 3		
+	.dc.l 4		
 	.dc.l 0		
 	.dc.l 0x100	
-	.dc.b 0x2a, 0x6, 0 	
-	.dc.b  0 	
+	.dc.b 0x2a, 0x6, 0, 0
 	.popsection
 
 	.global note3.s
diff --git a/binutils/testsuite/binutils-all/note-2-64.s b/binutils/testsuite/binutils-all/note-2-64.s
index fcd61d0..885e947 100644
--- a/binutils/testsuite/binutils-all/note-2-64.s
+++ b/binutils/testsuite/binutils-all/note-2-64.s
@@ -17,23 +17,21 @@ note1.s:
 	.dc.l 0x100
 	.asciz "$gcc 7.0.1"
 
-	.dc.l 2
+	.dc.l 3
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2b, 0x2
-	.dc.b  0, 0
+	.dc.b 0x2b, 0x2, 0
+	.dc.b 0
 
-	.dc.l 3
+	.dc.l 4
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2a, 0x7, 0
-	.dc.b  0
+	.dc.b 0x2a, 0x7, 0, 0
 
-	.dc.l 3
+	.dc.l 4
 	.dc.l 0
 	.dc.l 0x100
-	.dc.b 0x2a, 0x6, 0
-	.dc.b  0
+	.dc.b 0x2a, 0x6, 0, 0
 	.popsection
 
 
@@ -56,23 +54,21 @@ func1:
 	.dc.l 0x100	
 	.asciz "$gcc 7.0.1"	
 
-	.dc.l 2		
+	.dc.l 3		
 	.dc.l 0		
 	.dc.l 0x100	
-	.dc.b 0x21, 0x2	
-	.dc.b  0, 0 	
+	.dc.b 0x21, 0x2, 0
+	.dc.b 0 	
 
-	.dc.l 3		
+	.dc.l 4
 	.dc.l 0		
 	.dc.l 0x101	
-	.dc.b 0x2a, 0x7, 1 	
-	.dc.b  0 	
+	.dc.b 0x2a, 0x7, 1, 0
 
-	.dc.l 3		
+	.dc.l 4
 	.dc.l 0		
 	.dc.l 0x100	
-	.dc.b 0x2a, 0x6, 0 	
-	.dc.b  0 	
+	.dc.b 0x2a, 0x6, 0, 0
 	.popsection
 	
 
@@ -93,5 +89,3 @@ note3.s:
 	.asciz "$gcc 7.0.1"	
 
 	.popsection
-	
-