15 Commits

Author SHA1 Message Date
Nick Clifton
acb56a8301 Fix access violation when parsing a corrupt IEEE binary.
PR binutils/21612
	* libieee.h (struct common_header_type): Add end_p field.
	* ieee.c (this_byte_and_next): Do not advance input_p beyond
	end_p.
	(read_id): Check for a length that exceeds the remaining bytes in
	the input buffer.
	(ieee_seek): Initialise end_p.
	(ieee_archive_p): Likewise.
	(ieee_object_p): Likewise.
2017-06-19 14:06:53 +01:00
Alan Modra
2571583aed Update year range in copyright notice of all files. 2017-01-02 14:08:56 +10:30
Alan Modra
6f2750feaf Copyright update for binutils 2016-01-01 23:00:01 +10:30
Alan Modra
b90efa5b79 ChangeLog rotatation and copyright year update 2015-01-02 00:53:45 +10:30
Nick Clifton
0a9d414aa1 Fixes for memory access violations exposed by fuzzinf various binaries.
PR binutils/17512
	* dwarf.c (get_encoded_value): Check for an encoded size of 0.
	(display_debug_lines_raw): Check for an invalid line range value.
	(display_debug_frames): Check for corrupt augmentation data.

	* coffgen.c (coff_get_normalized_symtab): Check for an excessive
	number of auxillary entries.
	* ieee.c (next_byte): Convert to a function.  Return FALSE if the
	next byte is beyond the end of the buffer.
	(parse_int): Test the return value of next_byte.
	(parse_expression): Convert to boolean.  Return FALSE if the
	parsing failed.  Test the return value of next_byte.
	(ieee_seek): Convert to a function.  Return FALSE if the seek goes
	beyond the end of the buffer.
	(ieee_slurp_external_symbols): Test the return value of ieee_seek
	and next_byte.
	(ieee_slurp_sections): Convert to boolean.  Return FALSE if the
	operation failed.  Test the return value of ieee_seek and
	next_byte.
	(ieee_archive_p): Test the return value of ieee_seek and
	next_byte.
	(do_one): Likewise.
	(ieee_slurp_section_data): Likewise.
	(ieee_object_p): Likewise.  Store the size of the buffer in the
	total_amt field in the header.
	* libieee.h (common_header_type): Add amt field.
	* mach-o.c (bfd_mach_o_canonicalize_one_reloc): Check that the
	reloc's value is within range.
	(bfd_mach_o_read_symtab_symbols): Nullify the symbols field if the
	operation fails.
	* pei-x86_64.c (pex64_xdata_print_uwd_codes): Replace abort with
	an error message.
	(pex64_dump_xdata): Check for buffer overflows.
	* versados.c (process_otr): Check that the section exists before
	taking its size.
	(versados_object_p): Make sure that enough data was read for the
	header to be checked.
	* vms-alpha.c (vms_get_remaining_object_record): Change
	read_so_far parameter to an unsigned int.  Check that the amount
	read is in range.
2014-11-21 21:44:04 +00:00
Alan Modra
4b95cf5c0c Update copyright years 2014-03-05 22:16:15 +10:30
Alan Modra
aa820537ea update copyright dates 2009-09-02 07:25:43 +00:00
Nick Clifton
cd123cb70c Switch sources over to use the GPL version 3 2007-07-03 14:26:43 +00:00
Nick Clifton
3e11053365 Update the address and phone number of the FSF organization in the GPL notices 2005-05-04 15:53:43 +00:00
Nick Clifton
53e09e0aaf Update the FSF address in the copyright/GPL notice 2005-05-04 07:19:45 +00:00
Alan Modra
b34976b65a s/boolean/bfd_boolean/ s/true/TRUE/ s/false/FALSE/. Simplify
comparisons of bfd_boolean vars with TRUE/FALSE.  Formatting.
2002-11-30 08:39:46 +00:00
Alan Modra
dc810e3900 Touches most files in bfd/, so likely will be blamed for everything..
o  bfd_read and bfd_write lose an unnecessary param and become
   bfd_bread and bfd_bwrite.

o  bfd_*alloc now all take a bfd_size_type arg, and will error if
   size_t is too small.  eg. 32 bit host, 64 bit bfd, verrry big files
   or bugs in linker scripts etc.

o  file_ptr becomes a bfd_signed_vma.  Besides matching sizes with
   various other types involved in handling sections, this should make
   it easier for bfd to support a 64 bit off_t on 32 bit hosts that
   provide it.

o  I've made the H_GET_* and H_PUT_* macros (which invoke bfd_h_{get,put}_*)
   generally available.  They now cast their args to bfd_vma and
   bfd_byte * as appropriate, which removes a swag of casts from the
   source.

o  Bug fixes to bfd_get8, aix386_core_vec, elf32_h8_relax_section, and
   aout-encap.c.

o  Zillions of formatting and -Wconversion fixes.
2001-09-18 09:57:26 +00:00
Alan Modra
47fda0d3d9 * libieee.h (common_header_type): Add last_byte field.
* ieee.c: Add missing prototypes.  Some format fixes.
	(struct output_buffer_struct): Move for availability to prototypes.
	(ieee_part_after): New function.
	(ieee_slurp_debug): Use it here.
	(ieee_seek): Pass in ieee_data_struct rather than bfd.  Use
	ieee_part_after to set last_byte to one past end of current part.
	Update callers.
	(ieee_pos): Pass in ieee_data_struct rather than bfd.
	Update callers.
	(parse_expression): Don't go beyond the end of the current part.
	(ieee_slurp_external_symbols): Correct type passed to read_2bytes.
	(ieee_get_symtab_upper_bound, ieee_get_symtab,
	ieee_get_symbol_info, ieee_print_symbol, ieee_new_section_hook,
	ieee_get_reloc_upper_bound, ieee_canonicalize_reloc, block,
	ieee_set_section_contents, ieee_write_object_contents,
	ieee_make_empty_symbol): Make static.
	(ieee_archive_p): Correct comments regarding bfd_read.
	(ieee_object_p): Similarly.
	(ieee_mkobject): Move it.  Clear output_ptr_start, output_ptr,
	output_ptr_end, input_ptr_start, input_ptr, input_ptr_end,
	input_bfd, output_bfd, output_buffer.
	(do_as_repeat): Write out ieee_set_current_pc_enum value as for
	do_with_relocs, ie. as a symbol for relocatable files.
	(ieee_vec): Add comments showing functions referenced by macros.
2001-08-15 14:44:40 +00:00
Nick Clifton
7898dedac0 Update copyright notices 2001-03-08 21:04:02 +00:00
Richard Henderson
252b5132c7 19990502 sourceware import 1999-05-03 07:29:11 +00:00