Revert bfd_get_size checks
* archive.c (_bfd_slurp_extended_name_table): Revert bfd_get_size check. * coffcode.h (coff_set_alignment_hook): Likewise. (coff_slurp_line_table): Likewise. * coffgen.c (coff_get_normalized_symtab): Likewise. (_bfd_coff_get_external_symbols): Likewise. * elf.c (bfd_elf_get_str_section): Likewise. * tekhex.c (first_phase): Likewise.
This commit is contained in:
Alan Modra
parent
2dd2cd1c92
commit
4057240502
@ -1,3 +1,13 @@
|
||||
2014-11-07 Alan Modra <amodra@gmail.com>
|
||||
|
||||
* archive.c (_bfd_slurp_extended_name_table): Revert bfd_get_size check.
|
||||
* coffcode.h (coff_set_alignment_hook): Likewise.
|
||||
(coff_slurp_line_table): Likewise.
|
||||
* coffgen.c (coff_get_normalized_symtab): Likewise.
|
||||
(_bfd_coff_get_external_symbols): Likewise.
|
||||
* elf.c (bfd_elf_get_str_section): Likewise.
|
||||
* tekhex.c (first_phase): Likewise.
|
||||
|
||||
2014-11-06 Nick Clifton <nickc@redhat.com>
|
||||
|
||||
* aoutx.h (slurp_symbol_table): Revert previous delta.
|
||||
|
||||
@ -1293,9 +1293,6 @@ _bfd_slurp_extended_name_table (bfd *abfd)
|
||||
amt = namedata->parsed_size;
|
||||
if (amt + 1 == 0)
|
||||
goto byebye;
|
||||
/* PR binutils/17533: A corrupt archive can contain an invalid size. */
|
||||
if (amt > (bfd_size_type) bfd_get_size (abfd))
|
||||
goto byebye;
|
||||
|
||||
bfd_ardata (abfd)->extended_names_size = amt;
|
||||
bfd_ardata (abfd)->extended_names = (char *) bfd_zalloc (abfd, amt + 1);
|
||||
|
||||
@ -1919,15 +1919,6 @@ coff_set_alignment_hook (bfd * abfd ATTRIBUTE_UNUSED,
|
||||
if (bfd_seek (abfd, oldpos, 0) != 0)
|
||||
return;
|
||||
section->reloc_count = hdr->s_nreloc = n.r_vaddr - 1;
|
||||
/* PR binutils/17512: Stop corrupt files from causing
|
||||
memory problems if they claim to have too many relocs. */
|
||||
if (section->reloc_count * relsz > (bfd_size_type) bfd_get_size (abfd))
|
||||
{
|
||||
(*_bfd_error_handler)
|
||||
("%s: warning: claims to have %#x relocs, but the file is not that big",
|
||||
bfd_get_filename (abfd), section->reloc_count);
|
||||
section->reloc_count = 0;
|
||||
}
|
||||
section->rel_filepos += relsz;
|
||||
}
|
||||
else if (hdr->s_nreloc == 0xffff)
|
||||
@ -4528,8 +4519,6 @@ coff_slurp_line_table (bfd *abfd, asection *asect)
|
||||
BFD_ASSERT (asect->lineno == NULL);
|
||||
|
||||
amt = ((bfd_size_type) asect->lineno_count + 1) * sizeof (alent);
|
||||
if (amt > (bfd_size_type) bfd_get_size (abfd))
|
||||
return FALSE;
|
||||
lineno_cache = (alent *) bfd_zalloc (abfd, amt);
|
||||
if (lineno_cache == NULL)
|
||||
return FALSE;
|
||||
|
||||
@ -1619,14 +1619,6 @@ _bfd_coff_get_external_symbols (bfd *abfd)
|
||||
if (size == 0)
|
||||
return TRUE;
|
||||
|
||||
/* PR binutils/17512: Do not even try to load
|
||||
a symbol table bigger than the entire file... */
|
||||
if (size >= (bfd_size_type) bfd_get_size (abfd))
|
||||
{
|
||||
fprintf (stderr, "XXX SIZE FAIL 1\n");
|
||||
return FALSE;
|
||||
}
|
||||
|
||||
syms = bfd_malloc (size);
|
||||
if (syms == NULL)
|
||||
return FALSE;
|
||||
@ -1759,16 +1751,7 @@ coff_get_normalized_symtab (bfd *abfd)
|
||||
if (obj_raw_syments (abfd) != NULL)
|
||||
return obj_raw_syments (abfd);
|
||||
|
||||
size = obj_raw_syment_count (abfd);
|
||||
/* PR binutils/17512: Do not even try to load
|
||||
a symbol table bigger than the entire file...
|
||||
Note - we do not fail on a size of 0. Linker created
|
||||
bfds can have this property and they are not corrupt. */
|
||||
if (size >= (bfd_size_type) bfd_get_size (abfd)
|
||||
&& bfd_get_size (abfd) > 0)
|
||||
return NULL;
|
||||
|
||||
size *= sizeof (combined_entry_type);
|
||||
size = obj_raw_syment_count (abfd) * sizeof (combined_entry_type);
|
||||
internal = (combined_entry_type *) bfd_zalloc (abfd, size);
|
||||
if (internal == NULL && size != 0)
|
||||
return NULL;
|
||||
|
||||
@ -294,11 +294,6 @@ bfd_elf_get_str_section (bfd *abfd, unsigned int shindex)
|
||||
offset = i_shdrp[shindex]->sh_offset;
|
||||
shstrtabsize = i_shdrp[shindex]->sh_size;
|
||||
|
||||
/* PR binutils/17512: Do not even try to load
|
||||
a string table bigger than the entire file... */
|
||||
if (shstrtabsize >= (bfd_size_type) bfd_get_size (abfd))
|
||||
return NULL;
|
||||
|
||||
/* Allocate and clear an extra byte at the end, to prevent crashes
|
||||
in case the string table is not terminated. */
|
||||
if (shstrtabsize + 1 <= 1
|
||||
|
||||
@ -403,9 +403,6 @@ first_phase (bfd *abfd, int type, char *src)
|
||||
if (!getvalue (&src, &val))
|
||||
return FALSE;
|
||||
section->size = val - section->vma;
|
||||
/* PR binutils/17512: Make sure that the size is sane. */
|
||||
if (section->size > (bfd_size_type) bfd_get_size (abfd))
|
||||
return FALSE;
|
||||
section->flags = SEC_HAS_CONTENTS | SEC_LOAD | SEC_ALLOC;
|
||||
break;
|
||||
case '0':
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user