* peXXigen.c: Whitespace.

(pe_print_idata): Correct section limit calculations.  Tidy array
	indexing.
	(_bfd_XX_print_ce_compressed_pdata): Don't leak memory.

bfd/ChangeLog

@@ -1,3 +1,11 @@
+2010-09-07  Alan Modra  <amodra@gmail.com>
+	    Marcus Brinkmann  <marcus.brinkmann@ruhr-uni-bochum.de>
+
+	* peXXigen.c: Whitespace.
+	(pe_print_idata): Correct section limit calculations.  Tidy array
+	indexing.
+	(_bfd_XX_print_ce_compressed_pdata): Don't leak memory.
+
 2010-09-02  Richard Henderson  <rth@redhat.com>
 
 	* config.bfd (x86_64-*-mingw*): Select 32-bit pei vectors too.

bfd/peXXigen.c

@@ -550,7 +550,7 @@ _bfd_XXi_swap_aouthdr_out (bfd * abfd, void * in, void * out)
   PEAOUTHDR *aouthdr_out = (PEAOUTHDR *) out;
   bfd_vma sa, fa, ib;
   IMAGE_DATA_DIRECTORY idata2, idata5, tls;
-  
+
   sa = extra->SectionAlignment;
   fa = extra->FileAlignment;
   ib = extra->ImageBase;
@@ -558,7 +558,7 @@ _bfd_XXi_swap_aouthdr_out (bfd * abfd, void * in, void * out)
   idata2 = pe->pe_opthdr.DataDirectory[PE_IMPORT_TABLE];
   idata5 = pe->pe_opthdr.DataDirectory[PE_IMPORT_ADDRESS_TABLE];
   tls = pe->pe_opthdr.DataDirectory[PE_TLS_TABLE];
-  
+
   if (aouthdr_in->tsize)
     {
       aouthdr_in->text_start -= ib;
@@ -615,7 +615,7 @@ _bfd_XXi_swap_aouthdr_out (bfd * abfd, void * in, void * out)
     /* Until other .idata fixes are made (pending patch), the entry for
        .idata is needed for backwards compatibility.  FIXME.  */
     add_data_entry (abfd, extra, 1, ".idata", ib);
-    
+
   /* For some reason, the virtual size (which is what's set by
      add_data_entry) for .reloc is not the same as the size recorded
      in this slot by MSVC; it doesn't seem to cause problems (so far),
@@ -926,7 +926,7 @@ _bfd_XXi_swap_scnhdr_out (bfd * abfd, void * in, void * out)
        (0x02000000).  Also, the resource data should also be read and
        writable.  */
 
-    /* FIXME: Alignment is also encoded in this field, at least on PPC and 
+    /* FIXME: Alignment is also encoded in this field, at least on PPC and
        ARM-WINCE.  Although - how do we get the original alignment field
        back ?  */
 
@@ -936,7 +936,7 @@ _bfd_XXi_swap_scnhdr_out (bfd * abfd, void * in, void * out)
       unsigned long	must_have;
     }
     pe_required_section_flags;
-    
+
     pe_required_section_flags known_sections [] =
       {
 	{ ".arch",  IMAGE_SCN_MEM_READ | IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_ALIGN_8BYTES },
@@ -1110,7 +1110,6 @@ pe_print_idata (bfd * abfd, void * vfile)
 	   section->name, (unsigned long) addr);
 
   dataoff = addr - section->vma;
-  datasize -= dataoff;
 
 #ifdef POWERPC_LE_PE
   if (rel_section != 0 && rel_section->size != 0)
@@ -1183,7 +1182,7 @@ pe_print_idata (bfd * abfd, void * vfile)
   adj = section->vma - extra->ImageBase;
 
   /* Print all image import descriptors.  */
-  for (i = 0; i < datasize; i += onaline)
+  for (i = dataoff; i + onaline <= datasize; i += onaline)
     {
       bfd_vma hint_addr;
       bfd_vma time_stamp;
@@ -1195,12 +1194,12 @@ pe_print_idata (bfd * abfd, void * vfile)
       char *dll;
 
       /* Print (i + extra->DataDirectory[PE_IMPORT_TABLE].VirtualAddress).  */
-      fprintf (file, " %08lx\t", (unsigned long) (i + adj + dataoff));
-      hint_addr = bfd_get_32 (abfd, data + i + dataoff);
-      time_stamp = bfd_get_32 (abfd, data + i + 4 + dataoff);
-      forward_chain = bfd_get_32 (abfd, data + i + 8 + dataoff);
-      dll_name = bfd_get_32 (abfd, data + i + 12 + dataoff);
-      first_thunk = bfd_get_32 (abfd, data + i + 16 + dataoff);
+      fprintf (file, " %08lx\t", (unsigned long) (i + adj));
+      hint_addr = bfd_get_32 (abfd, data + i);
+      time_stamp = bfd_get_32 (abfd, data + i + 4);
+      forward_chain = bfd_get_32 (abfd, data + i + 8);
+      dll_name = bfd_get_32 (abfd, data + i + 12);
+      first_thunk = bfd_get_32 (abfd, data + i + 16);
 
       fprintf (file, "%08lx %08lx %08lx %08lx %08lx\n",
 	       (unsigned long) hint_addr,
@@ -1225,16 +1224,17 @@ pe_print_idata (bfd * abfd, void * vfile)
 	  bfd_vma ft_addr;
 	  bfd_size_type ft_datasize;
 	  int ft_idx;
-	  int ft_allocated = 0;
+	  int ft_allocated;
 
 	  fprintf (file, _("\tvma:  Hint/Ord Member-Name Bound-To\n"));
 
 	  idx = hint_addr - adj;
-	  
+
 	  ft_addr = first_thunk + extra->ImageBase;
-	  ft_data = data;
 	  ft_idx = first_thunk - adj;
-	  ft_allocated = 0; 
+	  ft_data = data + ft_idx;
+	  ft_datasize = datasize - ft_idx;
+	  ft_allocated = 0;
 
 	  if (first_thunk != hint_addr)
 	    {
@@ -1243,9 +1243,8 @@ pe_print_idata (bfd * abfd, void * vfile)
 		   ft_section != NULL;
 		   ft_section = ft_section->next)
 		{
-		  ft_datasize = ft_section->size;
 		  if (ft_addr >= ft_section->vma
-		      && ft_addr < ft_section->vma + ft_datasize)
+		      && ft_addr < ft_section->vma + ft_section->size)
 		    break;
 		}
 
@@ -1258,34 +1257,28 @@ pe_print_idata (bfd * abfd, void * vfile)
 
 	      /* Now check to see if this section is the same as our current
 		 section.  If it is not then we will have to load its data in.  */
-	      if (ft_section == section)
-		{
-		  ft_data = data;
-		  ft_idx = first_thunk - adj;
-		}
-	      else
+	      if (ft_section != section)
 		{
 		  ft_idx = first_thunk - (ft_section->vma - extra->ImageBase);
-		  ft_data = (bfd_byte *) bfd_malloc (datasize);
+		  ft_datasize = ft_section->size - ft_idx;
+		  ft_data = (bfd_byte *) bfd_malloc (ft_datasize);
 		  if (ft_data == NULL)
 		    continue;
 
-		  /* Read datasize bfd_bytes starting at offset ft_idx.  */
-		  if (! bfd_get_section_contents
-		      (abfd, ft_section, ft_data, (bfd_vma) ft_idx, datasize))
+		  /* Read ft_datasize bytes starting at offset ft_idx.  */
+		  if (!bfd_get_section_contents (abfd, ft_section, ft_data,
+						 (bfd_vma) ft_idx, ft_datasize))
 		    {
 		      free (ft_data);
 		      continue;
 		    }
-
-		  ft_idx = 0;
 		  ft_allocated = 1;
 		}
 	    }
 
 	  /* Print HintName vector entries.  */
 #ifdef COFF_WITH_pex64
-	  for (j = 0; j < datasize; j += 8)
+	  for (j = 0; idx + j + 8 <= datasize; j += 8)
 	    {
 	      unsigned long member = bfd_get_32 (abfd, data + idx + j);
 	      unsigned long member_high = bfd_get_32 (abfd, data + idx + j + 4);
@@ -1310,17 +1303,18 @@ pe_print_idata (bfd * abfd, void * vfile)
 		 table holds actual addresses.  */
 	      if (time_stamp != 0
 		  && first_thunk != 0
-		  && first_thunk != hint_addr)
+		  && first_thunk != hint_addr
+		  && j + 4 <= ft_datasize)
 		fprintf (file, "\t%04lx",
-			 (unsigned long) bfd_get_32 (abfd, ft_data + ft_idx + j));
+			 (unsigned long) bfd_get_32 (abfd, ft_data + j));
 	      fprintf (file, "\n");
 	    }
 #else
-	  for (j = 0; j < datasize; j += 4)
+	  for (j = 0; idx + j + 4 <= datasize; j += 4)
 	    {
 	      unsigned long member = bfd_get_32 (abfd, data + idx + j);
 
-	      /* Print single IMAGE_IMPORT_BY_NAME vector.  */ 
+	      /* Print single IMAGE_IMPORT_BY_NAME vector.  */
 	      if (member == 0)
 		break;
 
@@ -1342,9 +1336,10 @@ pe_print_idata (bfd * abfd, void * vfile)
 		 table holds actual addresses.  */
 	      if (time_stamp != 0
 		  && first_thunk != 0
-		  && first_thunk != hint_addr)
+		  && first_thunk != hint_addr
+		  && j + 4 <= ft_datasize)
 		fprintf (file, "\t%04lx",
-			 (unsigned long) bfd_get_32 (abfd, ft_data + ft_idx + j));
+			 (unsigned long) bfd_get_32 (abfd, ft_data + j));
 
 	      fprintf (file, "\n");
 	    }
@@ -1583,7 +1578,7 @@ pe_print_edata (bfd * abfd, void * vfile)
 /* This really is architecture dependent.  On IA-64, a .pdata entry
    consists of three dwords containing relative virtual addresses that
    specify the start and end address of the code range the entry
-   covers and the address of the corresponding unwind info data. 
+   covers and the address of the corresponding unwind info data.
 
    On ARM and SH-4, a compressed PDATA structure is used :
    _IMAGE_CE_RUNTIME_FUNCTION_ENTRY, whereas MIPS is documented to use
@@ -1828,7 +1823,6 @@ _bfd_XX_print_ce_compressed_pdata (bfd * abfd, void * vfile)
       bfd_vma other_data;
       bfd_vma prolog_length, function_length;
       int flag32bit, exception_flag;
-      bfd_byte *tdata = 0;
       asection *tsection;
 
       if (i + PDATA_ROW_SIZE > stop)
@@ -1860,12 +1854,13 @@ _bfd_XX_print_ce_compressed_pdata (bfd * abfd, void * vfile)
       if (tsection && coff_section_data (abfd, tsection)
 	  && pei_section_data (abfd, tsection))
 	{
-	  if (bfd_malloc_and_get_section (abfd, tsection, & tdata))
-	    {
-	      int xx = (begin_addr - 8) - tsection->vma;
+	  bfd_vma eh_off = (begin_addr - 8) - tsection->vma;
+	  bfd_byte *tdata;
 
-	      tdata = (bfd_byte *) bfd_malloc (8);
-	      if (bfd_get_section_contents (abfd, tsection, tdata, (bfd_vma) xx, 8))
+	  tdata = (bfd_byte *) bfd_malloc (8);
+	  if (tdata)
+	    {
+	      if (bfd_get_section_contents (abfd, tsection, tdata, eh_off, 8))
 		{
 		  bfd_vma eh, eh_data;
 
@@ -1883,11 +1878,6 @@ _bfd_XX_print_ce_compressed_pdata (bfd * abfd, void * vfile)
 		}
 	      free (tdata);
 	    }
-	  else
-	    {
-	      if (tdata)
-		free (tdata);
-	    }
 	}
 
       fprintf (file, "\n");
@@ -2194,7 +2184,7 @@ _bfd_XX_bfd_copy_private_bfd_data_common (bfd * ibfd, bfd * obfd)
 
   ipe = pe_data (ibfd);
   ope = pe_data (obfd);
- 
+
   /* pe_opthdr is copied in copy_object.  */
   ope->dll = ipe->dll;
 
@@ -2288,7 +2278,7 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
 			      ".idata$2", FALSE, FALSE, TRUE);
   if (h1 != NULL)
     {
-      /* PR ld/2729: We cannot rely upon all the output sections having been 
+      /* PR ld/2729: We cannot rely upon all the output sections having been
 	 created properly, so check before referencing them.  Issue a warning
 	 message for any sections tht could not be found.  */
       if ((h1->root.type == bfd_link_hash_defined
@@ -2302,7 +2292,7 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
       else
 	{
 	  _bfd_error_handler
-	    (_("%B: unable to fill in DataDictionary[1] because .idata$2 is missing"), 
+	    (_("%B: unable to fill in DataDictionary[1] because .idata$2 is missing"),
 	     abfd);
 	  result = FALSE;
 	}
@@ -2322,7 +2312,7 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
       else
 	{
 	  _bfd_error_handler
-	    (_("%B: unable to fill in DataDictionary[1] because .idata$4 is missing"), 
+	    (_("%B: unable to fill in DataDictionary[1] because .idata$4 is missing"),
 	     abfd);
 	  result = FALSE;
 	}
@@ -2343,7 +2333,7 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
       else
 	{
 	  _bfd_error_handler
-	    (_("%B: unable to fill in DataDictionary[12] because .idata$5 is missing"), 
+	    (_("%B: unable to fill in DataDictionary[12] because .idata$5 is missing"),
 	     abfd);
 	  result = FALSE;
 	}
@@ -2359,11 +2349,11 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
 	  ((h1->root.u.def.value
 	    + h1->root.u.def.section->output_section->vma
 	    + h1->root.u.def.section->output_offset)
-	   - pe_data (abfd)->pe_opthdr.DataDirectory[PE_IMPORT_ADDRESS_TABLE].VirtualAddress);      
+	   - pe_data (abfd)->pe_opthdr.DataDirectory[PE_IMPORT_ADDRESS_TABLE].VirtualAddress);
       else
 	{
 	  _bfd_error_handler
-	    (_("%B: unable to fill in DataDictionary[PE_IMPORT_ADDRESS_TABLE (12)] because .idata$6 is missing"), 
+	    (_("%B: unable to fill in DataDictionary[PE_IMPORT_ADDRESS_TABLE (12)] because .idata$6 is missing"),
 	     abfd);
 	  result = FALSE;
 	}
@@ -2385,7 +2375,7 @@ _bfd_XXi_final_link_postscript (bfd * abfd, struct coff_final_link_info *pfinfo)
       else
 	{
 	  _bfd_error_handler
-	    (_("%B: unable to fill in DataDictionary[9] because __tls_used is missing"), 
+	    (_("%B: unable to fill in DataDictionary[9] because __tls_used is missing"),
 	     abfd);
 	  result = FALSE;
 	}