XCOFF linker segmentation fault

The XCOFF linker temporarily trims the output bfd section list, without adjusting section_count to suit. This is a little rude, but the dwarf line number code can easily cope with this situation. So check for a NULL end of list as well as limiting the saved section VMAs to the first section_count list entries. Also fixes -FAIL: Weak test 3 (main, static) (32-bit) -FAIL: Weak test 3 (main, static) (64-bit) PR 24596 * dwarf2.c (save_section_vma, section_vma_same): Check for NULL end of section list as well as section_count. * xcofflink.c (xcoff_link_add_symbols): Fix temporarily changed section list before returning error.
2019-05-27 15:38:55 +09:30 · 2019-05-27 15:38:55 +09:30 · 0eb32b6e1d
parent 58db964680
commit 0eb32b6e1d
3 changed files with 20 additions and 8 deletions
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@ -1,3 +1,11 @@
+2019-05-28  Alan Modra  <amodra@gmail.com>
+
+	PR 24596
+	* dwarf2.c (save_section_vma, section_vma_same): Check for NULL
+	end of section list as well as section_count.
+	* xcofflink.c (xcoff_link_add_symbols): Fix temporarily changed
+	section list before returning error.
+
 2019-05-27  Alan Modra  <amodra@gmail.com>

 	* elf.c (bfd_elf_set_group_contents): Exit on zero size section.
--- a/bfd/dwarf2.c
+++ b/bfd/dwarf2.c
@ -4272,7 +4272,9 @@ save_section_vma (const bfd *abfd, struct dwarf2_debug *stash)
  if (stash->sec_vma == NULL)
    return FALSE;
  stash->sec_vma_count = abfd->section_count;
-  for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next)
+  for (i = 0, s = abfd->sections;
+       s != NULL && i < abfd->section_count;
+       i++, s = s->next)
    {
      if (s->output_section != NULL)
 	stash->sec_vma[i] = s->output_section->vma + s->output_offset;
@ -4301,7 +4303,9 @@ section_vma_same (const bfd *abfd, const struct dwarf2_debug *stash)
  if (abfd->section_count != stash->sec_vma_count)
    return FALSE;

-  for (i = 0, s = abfd->sections; i < abfd->section_count; i++, s = s->next)
+  for (i = 0, s = abfd->sections;
+       s != NULL && i < abfd->section_count;
+       i++, s = s->next)
    {
      bfd_vma vma;

--- a/bfd/xcofflink.c
+++ b/bfd/xcofflink.c
@ -1882,7 +1882,7 @@ xcoff_link_add_symbols (bfd *abfd, struct bfd_link_info *info)

      if (EXTERN_SYM_P (sym.n_sclass))
 	{
-	  bfd_boolean copy;
+	  bfd_boolean copy, ok;
 	  flagword flags;

 	  BFD_ASSERT (section != NULL);
@ -2022,12 +2022,12 @@ xcoff_link_add_symbols (bfd *abfd, struct bfd_link_info *info)
 	  BFD_ASSERT (last_real->next == first_csect);
 	  last_real->next = NULL;
 	  flags = (sym.n_sclass == C_EXT ? BSF_GLOBAL : BSF_WEAK);
-	  if (! (_bfd_generic_link_add_one_symbol
-		 (info, abfd, name, flags, section, value,
-		  NULL, copy, TRUE,
-		  (struct bfd_link_hash_entry **) sym_hash)))
-	    goto error_return;
+	  ok = (_bfd_generic_link_add_one_symbol
+		(info, abfd, name, flags, section, value, NULL, copy, TRUE,
+		 (struct bfd_link_hash_entry **) sym_hash));
 	  last_real->next = first_csect;
+	  if (!ok)
+	    goto error_return;

 	  if (smtyp == XTY_CM)
 	    {