| Age | Commit message (Collapse) | Author | Files | Lines |
|---|
|
|
|
corrupt file.
PR binutils/17597
* opncls.c (bfd_get_debug_link_info): Avoid reading off the end of
the section.
(bfd_get_alt_debug_link_info): Likewise.
|
|
PR binutils/17512
* dwarf.c (get_encoded_value): Add an 'end' parameter. Change the
'data' parameter to a double pointer and return the updated value.
(decode_location_expression): Update call to get_encoded_value.
(frame_need_space): Handle the case where one or both of the
mallocs fails.
(read_cie): Initialise the cie pointer, even if the read fails.
(display_debug_frames): Warn if the calculated block_end is before
the start of the block. Break the loop if the CIE could not be
read. Update call to get_encoded_value. Warn if the read CFA
expressions are too big.
* ieee.c (ieee_archive_p) Skip processing if no bytes are read at
all.
(ieee_object_p): Likewise.
|
|
* coffcode.h (coff_slurp_line_table): Add cast to unsigned int.
|
|
* coffcode.h (coff_pointerize_aux_hook): Fix a typo.
|
|
Obsolete R_X86_64_GOTPLT64 and treat it the same as R_X86_64_GOT64.
bfd/
PR gas/17598
* elf64-x86-64.c (elf_x86_64_check_relocs): Treat
R_X86_64_GOTPLT64 the same as R_X86_64_GOT64.
(elf_x86_64_relocate_section): Likewise.
gas/
PR gas/17598
* config/tc-i386.c (reloc): Support BFD_RELOC_X86_64_GOTPLT64.
gas/testsuite/
PR gas/17598
* gas/i386/reloc64.s: Add @gotplt check.
* gas/i386/reloc64.d: Updated.
* gas/i386/reloc64.l: Likewise.
ld/testsuite/
PR gas/17598
* ld-x86-64/x86-64.exp: Run gotplt1.
* ld-x86-64/gotplt1.d: New file.
* ld-x86-64/gotplt1.s: Likewise.
|
|
PR binutils/17512
* config/obj-coff.c (coff_obj_symbol_new_hook): Set the is_sym
field.
* coffcode.h (coff_ptr_struct): Add is_sym field.
(coff_new_section_hook): Set the is_sym field.
(coff_pointerize_aux_hook): Check the is_sym field.
(coff_print_aux): Likewise.
(coff_compute_section_file_positions): Likewise.
(coff_write_object_contents): Likewise.
(coff_slurp_line_table): Likewise.
(coff_slurp_symbol_table): Likewise.
(CALC_ADDEND): Likewise.
* coffgen.c (coff_renumber_symbols): Likewise.
(coff_mangle_symbols): Likewise.
(coff_fix_symbol_name): Likewise.
(coff_write_symbol): Likewise.
(coff_write_alien_symbol): Likewise.
(coff_write_native_symbol): Likewise.
(coff_write_symbols): Likewise.
(coff_write_linenumbers): Likewise.
(coff_pointerize_aux): Likewise.
(coff_get_normalized_symtab): Likewise.
(coff_get_symbol_info): Likewise.
(bfd_coff_get_syment): Likewise.
(bfd_coff_get_auxent): Likewise.
(coff_print_symbol): Likewise.
(coff_find_nearest_line_with_names): Likewise.
(bfd_coff_set_symbol_class): Likewise.
(coff_make_empty_symbol): Set the is_sym field.
(coff_bfd_make_debug_symbol): Likewise.
* peicode.h (pe_ILF_make_a_symbol): Likewise.
* libcoff.h: Regenerate.
* libcoff-in.h: Regenerate.
|
|
PR binutils/17512
* dwarf.c (read_and_display_attr_value): Check that we do not read
past end.
(display_debug_pubnames_worker): Add range checks.
(process_debug_info): Check for invalid pointer sizes.
(display_loc_list): Likewise.
(display_loc_list_dwo): Likewise.
(display_debug_ranges): Likewise.
(display_debug_aranges): Check for invalid address size.
(read_cie): Add range checks. Replace call strchr with while loop.
* objdump.c (dump_dwarf): Replace abort with a warning message.
(print_section_stabs): Improve range checks.
* rdcoff.c (coff_get_slot): Use long for indx parameter type.
Add check for an excesively large index.
* rddbg.c (read_section_stabs_debugging_info): Zero terminate the
string table. Avoid walking off the end of the stabs data.
* stabs.c (parse_stab_string): Add check for a NULL name.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Set the line number of
corrupt entries to -1.
(coff_slurp_symbol_table): Alway initialise the value of the
symbol.
* coffgen.c (coff_print_symbol): Check that the combined pointer
is valid.
(coff_print_symbol): Do not print negative line numbers.
* peXXigen.c (pe_print_idata): Add range checking displaying
member names.
|
|
PR 17521
* coffcode.h (coff_slurp_line_table): Drop line number info
not preceded by a valid function entry. Revert last change.
|
|
|
|
fuzzers.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Initialise the parts of the
line number cache that would not be initialised by the copy from
the new line number table.
(coff_classify_symbol): Allow for _bfd_coff_internal_syment_name
returning NULL.
* coffgen.c (coff_get_normalized_symbols): Get the external
symbols before allocating space for the internal symbols, in case
the get fails.
* elf.c (_bfd_elf_slurp_version_tables): Only allocate a verref
array if one is needed. Likewise with the verdef array.
* peXXigen.c (_bfd_XXi_swap_sym_in): Replace abort()'s with error
messages.
(_bfd_XXi_swap_aux_in): Make sure that all fields of the aux
structure are initialised.
(pe_print_edata): Avoid reading off the end of the data buffer.
|
|
I missed this use of the loop induction variable outside the loop.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Use updated lineno_count
when building func_table.
|
|
bfd_zalloc/bfd_zmalloc to fix uninitialized memory reads is too big a
hammer, when the size allocated depends on user input. A typical
bfd_alloc, bfd_seek, bfd_bread sequence will give an error or warning
at the point the file read fails when some enormous item as described
by headers is not actually present in the file. Nice operating system
allow memory overcommit. But not if you write to the memory. So
bfd_zalloc can cause an OOM, thrashing, or system hangs.
The patch also fixes a recently introduced endless loop on bad input.
PR binutils/17512
* coffcode.h (coff_slurp_line_table): Don't bfd_zalloc, just
memset the particular bits we need. Update src after hitting loop
"continue". Don't count lineno omitted due to invalid symbols in
nbr_func, and update lineno_count. Init entire terminating
lineno. Don't both allocating terminator in n_lineno_cache.
Redirect sym->lineno pointer to where n_lineno_cache will be
copied, and free n_lineno_cache.
* pe-mips.c (NUM_HOWTOS): Typo fix.
|
|
Turning on .eh_frame processing for ld -r resulted in systemtap
tickling a ld bug. Triggered by the zero terminator not being added
to .eh_frame in a separate file as it usually is (crtend.o), but
instead being present in the last .eh_frame section along with CIEs
and FDEs. The 4-byte terminator makes the section size check fail
on 64-bit targets.
* elf-eh-frame (_bfd_elf_write_section_eh_frame): Adjust section
size check to account for possible zero terminator.
|
|
|
|
2014-11-10 James Cowgill <James.Cowgill@imgtec.com>
* elfxx-mips.c (_bfd_mips_elf_section_processing): don't force small
data sections to be PROGBITS
|
|
when displaying the contents of corrupt files.
PR binutils/17521
* coff-i386.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_i386_rtype_to_howto): Likewise.
(coff_i386_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coff-x86_64.c (NUM_HOWTOS): New define.
(RTYPE2HOWTO): Use it.
(coff_amd64_rtype_to_howto): Likewise.
(coff_amd64_reloc_name_lookup): Likewise.
(CALC_ADDEND): Check that reloc r_type field is valid.
* coffcode.h (coff_slurp_line_table): Check for symbol table
indexing underflow.
(coff_slurp_symbol_table): Use zalloc to ensure that all table
entries are initialised.
* coffgen.c (_bfd_coff_read_string_table): Initialise unused bits
in the string table. Also ensure that the table is 0 terminated.
(coff_get_normalized_symtab): Check for symbol table indexing
underflow.
* opncls.c (bfd_alloc): Catch the case where a small negative size
can result in only 1 byte being allocated.
(bfd_alloc2): Use bfd_alloc.
* pe-mips.c (NUM_HOWTOS): New define.
(coff_mips_reloc_name_lookup): Use it.
(CALC_ADDEND): Check that reloc r_type field is valid.
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Initialise unused entries
in the DataDirectory.
(pe_print_idata): Avoid reading beyond the end of the data block
wen printing strings.
(pe_print_edata): Likewise.
Check for table indexing underflow.
* peicode.h (pe_mkobject): Initialise the pe_opthdr field.
(pe_bfd_object_p): Allocate and initialize enough space to hold a
PEAOUTHDR, even if the opt_hdr field specified less.
|
|
|
|
|
|
* peXXigen.c (pe_print_idata): Revert last patch, cast lhs instead.
|
|
|
|
* peXXigen.c (pe_print_idata): Cast to unsigned long in range
checks.
|
|
Structions with R_X86_64_GOTTPOFF relocation must be encoded with REX
prefix even if it isn't required by destination register. Otherwise
linker can't safely perform IE -> LE optimization.
bfd/
PR ld/17482
* elf64-x86-64.c (elf_x86_64_relocate_section): Update comments
for IE->LE transition.
gas/
PR ld/17482
* config/tc-i386.c (output_insn): Add a dummy REX_OPCODE prefix
for structions with R_X86_64_GOTTPOFF relocation for x32 if needed.
gas/testsuite/
PR ld/17482
* gas/i386/ilp32/x32-tls.d: New file.
* gas/i386/ilp32/x32-tls.s: Likewise.
ld/testsuite/
PR ld/17482
* ld-x86-64/tlsie4.dd: Updated.
|
|
is a don't care.
* tekhex.c (tekhex_set_arch_mach): Ignore unknown arch errors.
|
|
Dramatically reduces memory consumption and processing time for large
all-zero data segments. Allows multiple symbol types attached to a
given segment to survive objcopy.
* tekhex.c (CHUNK_SPAN): Define.
(struct data_struct <chunk_init>): Use one byte per span, update
all code accessing this field.
(find_chunk): Add create param, don't create new entry unless set.
(insert_byte): Don't save zeros.
(first_phase): Set section SEC_CODE or SEC_DATA flag depending
on symbol type. Create an alternate section if both types of
symbol are given. Attach type '2' and '6' symbols to absolute
section.
(move_section_contents): Fix caching of chunk. Don't create chunk
when reading, or for writing zeros.
(tekhex_set_section_contents): Don't create initial chunks.
(tekhex_write_object_contents): Use CHUNK_SPAN.
|
|
Save a multiplication, and any concern that the buffer allocation
might be smaller than the amount read (as it could be if the header
size isn't a multiple of EXTERNAL_NLIST_SIZE).
* aoutx.h (aout_get_external_symbols): Tidy allocation of symbol buffer.
|
|
* archive.c (_bfd_slurp_extended_name_table): Revert bfd_get_size check.
* coffcode.h (coff_set_alignment_hook): Likewise.
(coff_slurp_line_table): Likewise.
* coffgen.c (coff_get_normalized_symtab): Likewise.
(_bfd_coff_get_external_symbols): Likewise.
* elf.c (bfd_elf_get_str_section): Likewise.
* tekhex.c (first_phase): Likewise.
|
|
|
|
the linker testsuite.
* aoutx.h (slurp_symbol_table): Revert previous delta.
(slurp_reloc_table): Likewise.
* compress.c (bfd_get_full_section_contents): Remove file size
test.
* coffgen.c (coff_get_normalized_symtab): Allow zero-sized symtabs
and do not complain about linker generated files.
|
|
Handle the case of a zero length section or sub-section in
_bfd_elf_parse_attributes and in doing so prevent an infinite loop
in the parser.
bfd/ChangeLog:
2014-11-06 Will Newton <will.newton@linaro.org>
* elf-attrs.c (_bfd_elf_parse_attributes): Handle zero
length sections and sub-sections.
|
|
|
|
PR binutils/17512
* coffcode.h (handle_COMDAT): Replace abort with BFD_ASSERT.
Replace another abort with an error message.
(coff_slurp_line_table): Add more range checking.
* peXXigen.c (pe_print_debugdata): Add range checking.
|
|
bfd/
* elfxx-mips.c (_bfd_mips_elf_finish_dynamic_sections): Fix segfault
when creating a dso with discarded dynsym section.
|
|
bfd/
* elfxx-mips.c (update_mips_abiflags_isa): Add E_MIPS_ARCH_32R6
and E_MIPS_ARCH_64R6 support.
ld/testsuite/
* ld-mips-elf/abiflags-strip10-ph.d: New file.
* ld-mips-elf/mips-eld.exp: Run the new test.
gas/
* config/tc-mips.c (mips_elf_final_processing): Add INSN_ISA32R6
and INSN_ISA64R6 support.
gas/testsuite/
* gas/mips/elf_arch_mips32r6.d: New file.
* gas/mips/elf_arch_mips64r6.d: New file.
* gas/mips/mips.exp: Run the new tests.
|
|
PR binutils/17512
* coffcode.h (coff_set_alignment_hook): Warn if the file lies
about the number of relocations it contains.
(coff_sort_func_alent): Return 0 if the pointers are NULL.
(coff_slurp_line_table): Add more range checks. Do not free new
tables created when sorting line numbers.
* peXXigen.c (pe_print_idata): Add range checks.
(pe_print_edata): Likewise.
(rsrc_print_resource_entries): Likewise. Avoid printing control
characters. Terminate priniting if corruption is detected.
(rsrc_print_resource_directory): Terminate printing if an unknown
directory type is encountered.
(pe_print_debugdata): Fix off-by-one error.
(rsrc_count_entries): Add range checking.
(rsrc_parse_entry): Likewise.
|
|
|
|
as corrupt by the new error checking code in bfd_get_full_section_contents.
PR binutils/17512
* compress.c (bfd_get_full_section_contents): Improve test for
linker created objects.
|
|
PR binutils/17533
* archive.c (_bfd_slurp_extended_name_table): Handle archives with
corrupt extended name tables.
|
|
Commit f54498b4 broke spu-elf, specifically the change "Do not try to
load a string table bigger than the file", because bfd_get_size
returns zero for the spu built-in overlay manager bfd.
* elf32-spu.c (ovl_mgr_stat): New function.
(spu_elf_open_builtin_lib): Pass to bfd_openr_iovec.
|
|
|
|
When performing linker relaxation, reduce the size of symbols that span
the deleted bytes. This ensures that, for example, function symbols
will have the correct size.
bfd/ChangeLog:
* elf32-avr.c (elf32_avr_relax_delete_bytes): During linker
relaxation, reduce the size of symbols that span the deleted
bytes.
ld/ChangeLog:
* testsuite/ld-avr/relax-02.d: Update to check size of symbols has
changed.
* testsuite/ld-avr/relax-03.d: Likewise.
|
|
Symbols at the very end of a section were not being updated correctly
when linker relaxation takes place due to the use of '<' instead of
'<='. Added a couple of tests to cover this behaviour.
bfd/ChangeLog:
* elf32-avr.c (elf32_avr_relax_delete_bytes): Modify symbols
located at the very end of the section.
ld/ChangeLog:
* ld/testsuite/ld-avr/relax-02.d: New file.
* ld/testsuite/ld-avr/relax-02.s: New file.
* ld/testsuite/ld-avr/relax-03.d: New file.
* ld/testsuite/ld-avr/relax-03.s: New file.
|
|
PR binutils/17512
* objdump.c (slurp_symtab): Fail gracefully if the table could not
be read.
(dump_relocs_in_section): Likewise.
* aoutx.h (slurp_symbol_table): Check that computed table size is
not bigger than the file from which is it being read.
(slurp_reloc_table): Likewise.
* coffcode.h (coff_slurp_line_table): Remove unneeded local
'warned'. Do not try to print the details of a symbol with an
invalid index.
* coffgen.c (make_a_sectiobn_from_file): Check computed string
index against length of string table.
(bfd_coff_internal_syment_name): Check read in string offset
against length of string table.
(build_debug_section): Return a pointer to the section used.
(_bfd_coff_read_string_table): Store the length of the string
table in the coff_tdata structure.
(bfd_coff_free_symbols): Set the length of the string table to
zero when it is freed.
(coff_get_normalized_symtab): Check offsets against string table
or data table lengths as appropriate.
* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
length of string table.
* compress.c (bfd_get_full_section_contents): Check computed size
against the size of the file.
* libcoff-in.h (obj_coff_strings_len): Define.
(struct coff_tdata): Add strings_len field.
* libcoff.h: Regenerate.
* peXXigen.c (pe_print_debugdata): Do not attempt to print the
data if the debug section is too small.
* xcofflink.c (xcoff_link_input_bfd): Check offset against
length of string table.
|
|
bfd, binutils, gprof, opcodes:
* po/fi.po: Updated Finnish translation.
binutils:
* po/sv.po: Updated Swedish translation.
gprof:
* po/hu.po: New Hungarian translation.
|
|
|
|
|
|
|
|
binutils:
2014-10-31 Andrew Pinski <apinski@cavium.com>
Naveen H.S <Naveen.Hurugalawadi@caviumnetworks.com>
* readelf.c (print_mips_isa_ext): Print the value of Octeon3.
gas:
2014-10-31 Andrew Pinski <apinski@cavium.com>
Naveen H.S <Naveen.Hurugalawadi@caviumnetworks.com>
* config/tc-mips.c (CPU_IS_OCTEON): Handle CPU_OCTEON3.
(mips_cpu_info_table): Octeon3 enables virt ase.
* doc/c-mips.texi: Document octeon3 as an acceptable value for
-march=.
gas/testsuite:
2014-10-31 Andrew Pinski <apinski@cavium.com>
Naveen H.S <Naveen.Hurugalawadi@caviumnetworks.com>
* gas/mips/mips.exp: Add support for Octeon3 architecture.
Also add in support for running Octeon3 tests.
* gas/mips/octeon3.d: New test.
* gas/mips/octeon3.s: New test source.
opcodes:
2014-10-31 Andrew Pinski <apinski@cavium.com>
Naveen H.S <Naveen.Hurugalawadi@caviumnetworks.com>
* mips-dis.c (mips_arch_choices): Add octeon3.
* mips-opc.c (IOCT): Include INSN_OCTEON3.
(IOCT2): Likewise.
(IOCT3): New define.
(IVIRT): New define.
(mips_builtin_opcodes): Add dmfgc0, dmtgc0, hypcall, mfgc0, mtgc0,
tlbinv, tlbinvf, tlbgr, tlbgwi, tlbginv, tlbginvf, tlbgwr, tlbgp, tlti
IVIRT instructions.
Extend mtm0, mtm1, mtm2, mtp0, mtp1, mtp2 instructions to take another
operand for IOCT3.
bfd:
2014-10-31 Andrew Pinski <apinski@cavium.com>
Naveen H.S <Naveen.Hurugalawadi@caviumnetworks.com>
* archures.c: Add octeon3 for mips target.
* bfd-in2.h: Regenerate.
* bfd/cpu-mips.c: Define I_mipsocteon3.
nfo_struct): Add octeon3 support.
* bfd/elfxx-mips.c: (_bfd_elf_mips_mach): Add support for
octeon3.
(mips_set_isa_flags): Add support for octeon3.
(bfd_mips_isa_ext): Add bfd_mach_mips_octeon3.
(mips_mach_extensions): Make bfd_mach_mips_octeon3 an
extension of bfd_mach_mips_octeon2.
(print_mips_isa_ext): Print the value of Octeon3.
|
|
PR binutils/17512
* tekhex.c (first_phase): Check that the section range is sane.
|
|
PR binutils/17512
* coffgen.c (_bfd_coff_get_external_symbols): Do not try to load a
symbol table bigger than the file.
* elf.c (bfd_elf_get_str_section): Do not try to load a string
table bigger than the file.
* readelf.c (process_program_headers): Avoid memory exhaustion due
to corrupt values in a dynamis segment header.
(get_32bit_elf_symbols): Do not attempt to read an over-large
section.
(get_64bit_elf_symbols): Likewise.
|
