OpenE2K
/
binutils-gdb
12
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

More fixes for corrupt binaries crashing the binutils. 

PR binutils/17512
	* elf.c (bfd_section_from_shdr): Allocate and free the recursion
	detection table on a per-bfd basis.
	* peXXigen.c (pe_print_edata): Handle binaries with a truncated
	export table.
This commit is contained in:
Nick Clifton 2014-10-28 15:42:56 +00:00
parent 1df4399f27
commit 5a4b0ccc20
3 changed files with 30 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
bfd/ChangeLog
View File

@ -1,3 +1,11 @@
2014-10-28 Nick Clifton <nickc@redhat.com>
PR binutils/17512
* elf.c (bfd_section_from_shdr): Allocate and free the recursion
detection table on a per-bfd basis.
* peXXigen.c (pe_print_edata): Handle binaries with a truncated
export table.
2014-10-28 Andreas Schwab <schwab@suse.de> 2014-10-28 Andreas Schwab <schwab@suse.de>
Nick Clifton <nickc@redhat.com> Nick Clifton <nickc@redhat.com>

16
bfd/elf.c
View File

@ -1580,6 +1580,7 @@ bfd_section_from_shdr (bfd *abfd, unsigned int shindex)
const char *name; const char *name;
bfd_boolean ret = TRUE; bfd_boolean ret = TRUE;
static bfd_boolean * sections_being_created = NULL; static bfd_boolean * sections_being_created = NULL;
static bfd * sections_being_created_abfd = NULL;
static unsigned int nesting = 0; static unsigned int nesting = 0;
if (shindex >= elf_numsections (abfd)) if (shindex >= elf_numsections (abfd))
@ -1592,13 +1593,19 @@ bfd_section_from_shdr (bfd *abfd, unsigned int shindex)
loop. Detect this here, by refusing to load a section that we are loop. Detect this here, by refusing to load a section that we are
already in the process of loading. We only trigger this test if already in the process of loading. We only trigger this test if
we have nested at least three sections deep as normal ELF binaries we have nested at least three sections deep as normal ELF binaries
can expect to recurse at least once. */ can expect to recurse at least once.
FIXME: It would be better if this array was attached to the bfd,
rather than being held in a static pointer. */
if (sections_being_created_abfd != abfd)
sections_being_created = NULL;
if (sections_being_created == NULL) if (sections_being_created == NULL)
{ {
/* FIXME: It would be more efficient to attach this array to the bfd somehow. */ /* FIXME: It would be more efficient to attach this array to the bfd somehow. */
sections_being_created = (bfd_boolean *) sections_being_created = (bfd_boolean *)
bfd_zalloc (abfd, elf_numsections (abfd) * sizeof (bfd_boolean)); bfd_zalloc (abfd, elf_numsections (abfd) * sizeof (bfd_boolean));
sections_being_created_abfd = abfd;
} }
if (sections_being_created [shindex]) if (sections_being_created [shindex])
{ {
@ -2102,7 +2109,10 @@ bfd_section_from_shdr (bfd *abfd, unsigned int shindex)
if (sections_being_created) if (sections_being_created)
sections_being_created [shindex] = FALSE; sections_being_created [shindex] = FALSE;
if (-- nesting == 0) if (-- nesting == 0)
sections_being_created = NULL; {
sections_being_created = NULL;
sections_being_created_abfd = abfd;
}
return ret; return ret;
} }

9
bfd/peXXigen.c
View File

@ -1611,6 +1611,15 @@ pe_print_edata (bfd * abfd, void * vfile)
} }
} }
/* PR 17512: Handle corrupt PE binaries. */
if (datasize < 36)
{
fprintf (file,
_("\nThere is an export table in %s, but it is too small (%d)\n"),
section->name, (int) datasize);
return TRUE;
}
fprintf (file, _("\nThere is an export table in %s at 0x%lx\n"), fprintf (file, _("\nThere is an export table in %s at 0x%lx\n"),
section->name, (unsigned long) addr); section->name, (unsigned long) addr);