f3445b37b6
13 Commits
Author | SHA1 | Message | Date | |
---|---|---|---|---|
Nick Clifton
|
64d2901806 |
More fixes for illegal memory accesses triggered by running objdump on fuzzed binaries.
PR binutils/17512 * objdump.c (display_any_bfd): Fail if archives nest too deeply. * ecoff.c: Use bfd_alloc2 to allocate space for structure arrays. (_bfd_ecoff_slurp_symbol_table): Check for a negative symbol index or an out of range fdr index. * elf-m10300.c (mn10300_info_to_howto): Fix typo in error message. * elf32-arc.c (arc_info_to_howto_rel): Likewise. * elf32-avr.c (avr_info_to_howto_rela): Likewise. * elf32-cr16.c (elf_cr16_info_to_howto): Likewise. * elf32-cr16c.c (elf_cr16c_info_to_howto_rel): Likewise. * elf32-cris.c (cris_info_to_howto_rela): Likewise. * elf32-crx.c (elf_crx_info_to_howto): Likewise. * elf32-d10v.c (d10v_info_to_howto_rel): Likewise. * elf32-d30v.c (d30v_info_to_howto_rel): Likewise. * elf32-epiphany.c (epiphany_info_to_howto_rela): Likewise. * elf32-fr30.c (fr30_info_to_howto_rela): Likewise. * elf32-frv.c (frv_info_to_howto_rela): Likewise. * elf32-i370.c (i370_elf_info_to_howto): Likewise. * elf32-i960.c (elf32_i960_info_to_howto_rel): Likewise. * elf32-ip2k.c (ip2k_info_to_howto_rela): Likewise. * elf32-iq2000.c (iq2000_info_to_howto_rela): Likewise. * elf32-lm32.c (lm32_info_to_howto_rela): Likewise. * elf32-m32c.c (m32c_info_to_howto_rela): Likewise. * elf32-m32r.c (m32r_info_to_howto_rel): Likewise. * elf32-m68hc11.c (m68hc11_info_to_howto_rel): Likewise. * elf32-m68hc12.c (m68hc11_info_to_howto_rel): Likewise. * elf32-mcore.c (mcore_elf_info_to_howto): Likewise. * elf32-mep.c (mep_info_to_howto_rela): Likewise. * elf32-metag.c (metag_info_to_howto_rela): Likewise. * elf32-microblaze.c (microblaze_elf_info_to_howto): Likewise. * elf32-moxie.c (moxie_info_to_howto_rela): Likewise. * elf32-msp430.c (msp430_info_to_howto_rela): Likewise. * elf32-mt.c (mt_info_to_howto_rela): Likewise. * elf32-nds32.c (nds32_info_to_howto_rel): Likewise. * elf32-or1k.c (or1k_info_to_howto_rela): Likewise. * elf32-pj.c (pj_elf_info_to_howto): Likewise. * elf32-ppc.c (ppc_elf_info_to_howto): Likewise. * elf32-rl78.c (rl78_info_to_howto_rela): Likewise. * elf32-rx.c (rx_info_to_howto_rela): Likewise. * elf32-sh.c (sh_elf_info_to_howto): Likewise. * elf32-spu.c (spu_elf_info_to_howto): Likewise. * elf32-v850.c (v850_elf_perform_relocation): Likewise. * elf32-vax.c (rtype_to_howto): Likewise. * elf32-visium.c (visium_info_to_howto_rela): Likewise. * elf32-xgate.c (xgate_info_to_howto_rel): Likewise. * elf32-xtensa.c (elf_xtensa_info_to_howto_rela): Likewise. * elf64-alpha.c (elf64_alpha_info_to_howto): Likewise. * elf64-mmix.c (mmix_info_to_howto_rela): Likewise. * mach-o.c: Use bfd_alloc2 to allocate space for structure arrays. (bfd_mach_o_canonicalize_one_reloc): Fix check on out of range symbol indicies. (bfd_mach_o_canonicalize_relocs): Check for out of range alloc. (bfd_mach_o_canonicalize_dynamic_reloc): Likewise. (bfd_mach_o_build_dysymtab): Likewise. (bfd_mach_o_write_symtab_content): Set the string table size to zero upon error. (bfd_mach_o_read_symtab_symbols): Reset the nsyms value if the read fails. * peXXigen.c (pe_print_edata): Check for numeric overflow in edt fields. * tekhex.c (first_phase): Check for src pointer reaching end of buffer. |
||
Alan Modra
|
6346d5ca43 |
Fallout from recent bfd_reloc_outofrange changes
Commit |
||
Alan Modra
|
b90efa5b79 | ChangeLog rotatation and copyright year update | ||
Nick Clifton
|
5860e3f883 |
More fixes for memory access violations exposed by fuzzed binaries.
PR binutils/17512 * archive.c (do_slurp_bsd_armap): Return if the parsed_size is zero. (bfd_slurp_armap): Zero terminate the name. (bfd_generic_stat_arch_elt): If there is no header, fail. * elf32-arc.c (arc_info_to_howto_rel): Replace BFD_ASSERT with error message. * elf32-avr.c (avr_info_to_howto_rela): Likewise. * elf32-cr16c.c (elf_cr16c_info_to_howto_rel): Likewise. * elf32-cris.c (cris_info_to_howto_rela): Likewise. * elf32-d10v.c (d10v_info_to_howto_rel): Likewise. * elf32-d30v.c (d30v_info_to_howto_rel): Likewise. * elf32-dlx.c (dlx_rtype_to_howto): Likewise. * elf32-epiphany.c (epiphany_info_to_howto_rela): Likewise. * elf32-fr30.c (fr30_info_to_howto_rela): Likewise. * elf32-frv.c (frv_info_to_howto_rela): Likewise. * elf32-i960.c (elf32_i960_info_to_howto_rel): Likewise. * elf32-ip2k.c (ip2k_info_to_howto_rela): Likewise. * elf32-iq2000.c (iq2000_info_to_howto_rela): Likewise. * elf32-lm32.c (lm32_info_to_howto_rela): Likewise. * elf32-m32c.c (m32c_info_to_howto_rela): Likewise. * elf32-m32r.c (m32r_info_to_howto_rel): Likewise. * elf32-m68hc11.c (m68hc11_info_to_howto_rel): Likewise. * elf32-m68hc12.c (m68hc11_info_to_howto_rel): Likewise. * elf32-mep.c (mep_info_to_howto_rela): Likewise. * elf32-metag.c (metag_info_to_howto_rela): Likewise. * elf32-moxie.c (moxie_info_to_howto_rela): Likewise. * elf32-msp430.c (msp430_info_to_howto_rela): Likewise. * elf32-mt.c (mt_info_to_howto_rela): Likewise. * elf32-nds32.c (nds32_info_to_howto_rel): Likewise. * elf32-or1k.c (or1k_info_to_howto_rela): Likewise. * elf32-rl78.c (rl78_info_to_howto_rela): Likewise. * elf32-rx.c (rx_info_to_howto_rela): Likewise. * elf32-v850.c (v850_elf_info_to_howto_rel): Likewise. * elf32-visium.c (visium_info_to_howto_rela): Likewise. * elf32-xgate.c (xgate_info_to_howto_rel): Likewise. * elf32-xtensa.c (elf_xtensa_info_to_howto_rela): Likewise. * elf64-mmix.c (mmix_info_to_howto_rela): Likewise. * elf64-x86-64.c (elf_x86_64_reloc_type_lookup): Likewise. * elfnn-aarch64.c (elfNN_aarch64_bfd_reloc_from_type): Likewise. * elf64-sparc.c (elf64_sparc_slurp_one_reloc_table): Add range checking of reloc symbol index. * mach-o.c (bfd_mach_o_canonicalize_one_reloc): If no symbols have been provided then set the reloc's symbol to undefined. * reloc.c (bfd_generic_get_relocated_section_contents): Add range checking of the reloc to be applied. * versados.c (process_otr): Add more range checks. (versados_canonicalize_reloc): If the section is unknown, set the symbol to undefined. * vms-alpha.c (_bfd_vms_slurp_eisd): Add range checks. (alpha_vms_object_p): Likewise. |
||
Alan Modra
|
d495ab0d84 |
Free linker hash table from bfd_close.
Also tidies numerous error exit paths in various link_hash_table_create functions that failed to free memory. include/ * bfdlink.h (struct bfd_link_hash_table): Add hash_table_free field. bfd/ * archive.c: Include bfdlink.h. (_bfd_archive_close_and_cleanup): Call linker hash_table_free. * bfd.c (struct bfd): Add is_linker_output field. * elf-bfd.h (_bfd_elf_link_hash_table_free): Update prototype. * linker.c (_bfd_link_hash_table_init): Set up hash_table_free, link.hash and is_linker_output. (_bfd_generic_link_hash_table_free): Replace bfd_link_hash_table* param with bfd*. Assert is_linker_output and link.hash, and clear them before exit. * elf-m10300.c (elf32_mn10300_link_hash_table_free): Replace bfd_link_hash_table* param with bfd*. Hack is_linker_output and link.hash so we can free two linker hash tables. (elf32_mn10300_link_hash_table_create): Create static_hash_table first. Clean up on errors. Set hash_table_free pointer. * elf32-arm.c (elf32_arm_link_hash_table_free): Replace bfd_link_hash_table* param with bfd*. (elf32_arm_link_hash_table_create): Clean up on errors. Set hash_table_free pointer. * elf32-avr.c, * elf32-hppa.c, * elf32-i386.c, * elf32-m68hc1x.c, * elf32-m68k.c, * elf32-metag.c, * elf32-nios2.c, * elf32-xgate.c, * elf64-ia64-vms.c, * elf64-ppc.c, * elf64-x86-64.c, * elflink.c, * elfnn-aarch64.c, * elfnn-ia64.c, * elfxx-sparc.c, * xcofflink.c: Similarly. * simple.c (bfd_simple_get_relocated_section_contents): Save and clear link.next before creating linker hash table. Clean up on errors, and restore link.next on exit. * elf32-m68hc1x.h (m68hc11_elf_bfd_link_hash_table_free): Delete. * elf32-xgate.h (xgate_elf_bfd_link_hash_table_free): Delete. * elfxx-sparc.h (_bfd_sparc_elf_link_hash_table_free): Delete. * libcoff-in.h (_bfd_xcoff_bfd_link_hash_table_free): Delete. * hash.c (bfd_hash_table_init_n): Free table on error. * libbfd-in.h (_bfd_generic_link_hash_table_free): Update proto. * bfd-in2.h: Regenerate. * libbfd.h: Regenerate. * libcoff.h: Regenerate. |
||
Alan Modra
|
caa4096e84 |
Don't call bfd_link_hash_table_free
Freeing the linker hash table is a royal pain. It can't be freed before the _bfd_write_contents call in bfd_close, because some target bfd_write_contents functions access the hash table. It can't be freed after bfd_close either, since bfd_alloc memory holding side data structures disappears (PR17047). Clearly the only place it can be freed is actually in bfd_close. This patch doesn't do that, but kills off the existing means of freeing the hash table via a bfd target xvec call. bfd/ PR 17047 * targets.c (BFD_JUMP_TABLE): Delete NAME##_bfd_link_hash_table_free. (struct bfd_target <_bfd_link_hash_table_free>): Delete. * bfd.c (bfd_link_hash_table_free): Don't define. * aout-adobe.c, * aout-target.h, * aout-tic30.c, * binary.c, * bout.c, * coff64-rs6000.c, * coffcode.h, * elf-m10300.c, * elf32-arm.c, * elf32-avr.c, * elf32-hppa.c, * elf32-i386.c, * elf32-m68hc11.c, * elf32-m68hc12.c, * elf32-m68k.c, * elf32-metag.c, * elf32-nios2.c, * elf32-sparc.c, * elf32-xgate.c, * elf64-ia64-vms.c, * elf64-ppc.c, * elf64-sparc.c, * elf64-x86-64.c, * elfnn-aarch64.c, * elfnn-ia64.c, * elfxx-target.h, * i386msdos.c, * i386os9k.c, * ieee.c, * ihex.c, * libbfd-in.h, * libecoff.h, * mach-o-target.c, * mmo.c, * nlm-target.h, * oasys.c, * pef.c, * plugin.c, * ppcboot.c, * som.c, * srec.c, * tekhex.c, * verilog.c, * versados.c, * vms-alpha.c, * xsym.c: Don't define various link_hash_table_free defines, and remove from bfd_target vars. Temporarily reference some of the target link_hash_table_free functions to avoid warnings. * bfd-in2.h: Regenerate. * libbfd.h: Regenerate. ld/ PR 17047 * ldlang.c (output_bfd_hash_table_free_fn): Delete. (open_output): Don't set it.. * ldmain.c (ld_cleanup): ..or call it. |
||
Alan Modra
|
6d00b59031 |
bfd target vector rationalisation
This renames the bfd targets to <cpu>_<format>_<other>_<endian>_vec. So for example, bfd_elf32_ntradlittlemips_vec becomes mips_elf32_ntrad_le_vec and hp300bsd_vec becomes m68k_aout_hp300bsd_vec. bfd/ * aix386-core.c, * aout-adobe.c, * aout-arm.c, * aout-ns32k.c, * aout-sparcle.c, * aout0.c, * aoutx.h, * armnetbsd.c, * bout.c, * cf-i386lynx.c, * cf-sparclynx.c, * cisco-core.c, * coff-alpha.c, * coff-apollo.c, * coff-arm.c, * coff-aux.c, * coff-go32.c, * coff-h8300.c, * coff-h8500.c, * coff-i386.c, * coff-i860.c, * coff-i960.c, * coff-m68k.c, * coff-m88k.c, * coff-mips.c, * coff-rs6000.c, * coff-sh.c, * coff-sparc.c, * coff-stgo32.c, * coff-svm68k.c, * coff-tic80.c, * coff-u68k.c, * coff-w65.c, * coff-we32k.c, * coff-x86_64.c, * coff-z80.c, * coff-z8k.c, * coff64-rs6000.c, * config.bfd, * configure.com, * configure.in, * demo64.c, * elf-m10200.c, * elf-m10300.c, * elf32-am33lin.c, * elf32-arc.c, * elf32-arm.c, * elf32-avr.c, * elf32-bfin.c, * elf32-cr16.c, * elf32-cr16c.c, * elf32-cris.c, * elf32-crx.c, * elf32-d10v.c, * elf32-d30v.c, * elf32-dlx.c, * elf32-epiphany.c, * elf32-fr30.c, * elf32-frv.c, * elf32-gen.c, * elf32-h8300.c, * elf32-hppa.c, * elf32-i370.c, * elf32-i386.c, * elf32-i860.c, * elf32-i960.c, * elf32-ip2k.c, * elf32-iq2000.c, * elf32-lm32.c, * elf32-m32c.c, * elf32-m32r.c, * elf32-m68hc11.c, * elf32-m68hc12.c, * elf32-m68k.c, * elf32-m88k.c, * elf32-mcore.c, * elf32-mep.c, * elf32-metag.c, * elf32-microblaze.c, * elf32-mips.c, * elf32-moxie.c, * elf32-msp430.c, * elf32-mt.c, * elf32-nds32.c, * elf32-nios2.c, * elf32-or1k.c, * elf32-pj.c, * elf32-ppc.c, * elf32-rl78.c, * elf32-rx.c, * elf32-s390.c, * elf32-score.c, * elf32-sh-symbian.c, * elf32-sh.c, * elf32-sh64.c, * elf32-sparc.c, * elf32-spu.c, * elf32-tic6x.c, * elf32-tilegx.c, * elf32-tilepro.c, * elf32-v850.c, * elf32-vax.c, * elf32-xc16x.c, * elf32-xgate.c, * elf32-xstormy16.c, * elf32-xtensa.c, * elf64-alpha.c, * elf64-gen.c, * elf64-hppa.c, * elf64-ia64-vms.c, * elf64-mips.c, * elf64-mmix.c, * elf64-ppc.c, * elf64-s390.c, * elf64-sh64.c, * elf64-sparc.c, * elf64-tilegx.c, * elf64-x86-64.c, * elfn32-mips.c, * elfnn-aarch64.c, * elfnn-ia64.c, * epoc-pe-arm.c, * epoc-pei-arm.c, * hp300bsd.c, * hp300hpux.c, * hppabsd-core.c, * hpux-core.c, * i386aout.c, * i386bsd.c, * i386dynix.c, * i386freebsd.c, * i386linux.c, * i386lynx.c, * i386mach3.c, * i386msdos.c, * i386netbsd.c, * i386os9k.c, * irix-core.c, * m68k4knetbsd.c, * m68klinux.c, * m68knetbsd.c, * m88kmach3.c, * m88kopenbsd.c, * mach-o-i386.c, * mach-o-x86-64.c, * makefile.vms, * mipsbsd.c, * mmo.c, * netbsd-core.c, * newsos3.c, * nlm32-alpha.c, * nlm32-i386.c, * nlm32-ppc.c, * nlm32-sparc.c, * ns32knetbsd.c, * osf-core.c, * pc532-mach.c, * pe-arm-wince.c, * pe-arm.c, * pe-i386.c, * pe-mcore.c, * pe-mips.c, * pe-ppc.c, * pe-sh.c, * pe-x86_64.c, * pei-arm-wince.c, * pei-arm.c, * pei-i386.c, * pei-ia64.c, * pei-mcore.c, * pei-mips.c, * pei-ppc.c, * pei-sh.c, * pei-x86_64.c, * ppcboot.c, * ptrace-core.c, * riscix.c, * sco5-core.c, * som.c, * sparclinux.c, * sparclynx.c, * sparcnetbsd.c, * sunos.c, * targets.c, * trad-core.c, * vax1knetbsd.c, * vaxbsd.c, * vaxnetbsd.c, * versados.c, * vms-alpha.c, * vms-lib.c: Rename bfd targets to <cpu>_<format>_<other>_<endian>_vec. Adjust associated MY macros on aout targets. * configure: Regenerate. binutils/ * emul_aix.c: Update bfd target vector naming. * testsuite/binutils-all/objcopy.exp: Likewise. ld/ * emultempl/metagelf.em: Update bfd target vector naming. * emultempl/nios2elf.em: Likewise. * emultempl/spuelf.em: Likewise. * emultempl/tic6xdsbt.em: Likewise. |
||
Alan Modra
|
4b95cf5c0c | Update copyright years | ||
Alan Modra
|
9f7c3e5e99 |
* elfcode.h (elf_checksum_contents): Free contents.
* elf-bfd.h (_bfd_elf_link_hash_table_free): Declare. * elflink.c (_bfd_elf_link_hash_table_free): New function. (elf_final_link_free): New function, extracted from.. (bfd_elf_final_link): ..here. Always call _bfd_elf_write_section_eh_frame_hdr. * elfxx-target.h (bfd_elfNN_bfd_link_hash_table_free): Default to _bfd_elf_link_hash_table_free. * libbfd-in.h (_bfd_merge_sections_free): Declare. * libbfd.h: Regenerate. * merge.c (_bfd_merge_sections_free): New function. * elf-eh-frame.c (_bfd_elf_write_section_eh_frame_hdr): Free hdr_info->array. * elf-m10300.c (elf32_mn10300_link_hash_table_free): Call _bfd_elf_link_hash_table_free. * elf32-arm.c (elf32_arm_link_hash_table_free): Likewise. * elf32-avr.c (elf32_avr_link_hash_table_free): Likewise. * elf32-hppa.c (elf32_hppa_link_hash_table_free): Likewise. * elf32-i386.c (elf_i386_link_hash_table_free): Likewise. * elf32-m68hc1x.c (m68hc11_elf_hash_table_free): Likewise. * elf32-m68k.c (elf_m68k_link_hash_table_free): Likewise. * elf32-metag.c (elf_metag_link_hash_table_free): Likewise. * elf32-xgate.c (xgate_elf_bfd_link_hash_table_free): Likewise. * elf64-aarch64.c (elf64_aarch64_link_hash_table_free): Likewise. * elf64-ia64-vms.c (elf64_ia64_hash_table_free): Likewise. * elf64-ppc.c (ppc64_elf_link_hash_table_free): Likewise. * elf64-x86-64.c (elf_x86_64_link_hash_table_free): Likewise. * elfnn-ia64.c (elfNN_ia64_hash_table_free): Likewise. * elf32-cr16.c (elf32_cr16_link_hash_table_free): Delete. (bfd_elf32_bfd_link_hash_table_free): Don't define. * elf32-tic6x.c (elf32_tic6x_link_hash_table_free): Delete. (bfd_elf32_bfd_link_hash_table_free): Dont' define. |
||
Alan Modra
|
7bf52ea2ca |
* coff-arm.c (coff_arm_link_hash_table_create): Use bfd_zmalloc.
* coff-h8300.c (h8300_coff_link_hash_table_create): Likewise. * m68klinux.c (linux_link_hash_table_create): Likewise. * sparclinux.c (linux_link_hash_table_create): Likewise. * sunos.c (sunos_link_hash_table_create): Likewise. * xcofflink.c (_bfd_xcoff_bfd_link_hash_table_create): Likewise. * elf-m10300.c (elf32_mn10300_link_hash_table_create): Likewise. * elf32-arm.c (elf32_arm_link_hash_table_create): Likewise. * elf32-avr.c (elf32_avr_link_hash_table_create): Likewise. * elf32-cr16.c (elf32_cr16_link_hash_table_create): Likewise. * elf32-cris.c (elf_cris_link_hash_table_create): Likewise. * elf32-hppa.c (elf32_hppa_link_hash_table_create): Likewise. * elf32-i386.c (elf_i386_link_hash_table_create): Likewise. * elf32-lm32.c (lm32_elf_link_hash_table_create): Likewise. * elf32-m32r.c (m32r_elf_link_hash_table_create): Likewise. * elf32-m68hc1x.c (m68hc11_elf_hash_table_create): Likewise. * elf32-m68k.c (elf_m68k_link_hash_table_create): Likewise. * elf32-metag.c (elf_metag_link_hash_table_create): Likewise. * elf32-nios2.c (nios2_elf32_link_hash_table_create): Likewise. * elf32-s390.c (elf_s390_link_hash_table_create): Likewise. * elf32-score.c (elf32_score_link_hash_table_create): Likewise. * elf32-spu.c (spu_elf_link_hash_table_create): Likewise. * elf32-tic6x.c (elf32_tic6x_link_hash_table_create): Likewise. * elf32-vax.c (elf_vax_link_hash_table_create): Likewise. * elf32-xgate.c (xgate_elf_bfd_link_hash_table_create): Likewise. * elf32-xtensa.c (elf_xtensa_link_hash_table_create): Likewise. * elf64-aarch64.c (elf64_aarch64_link_hash_table_create): Likewise. * elf64-s390.c (elf_s390_link_hash_table_create): Likewise. * elf64-sh64.c (sh64_elf64_link_hash_table_create): Likewise. * elf64-x86-64.c (elf_x86_64_link_hash_table_create): Likewise. * elfxx-mips.c (_bfd_mips_elf_link_hash_table_create): Likewise. * elflink.c (_bfd_elf_link_hash_table_create): Likewise. (_bfd_elf_link_hash_table_init): Assume zero fill table on entry. |
||
Sean Keys
|
d62734337d |
* elf32-xgate.c(elf_xgate_howto_table): Fix src and dest mask for
R_XGATE_16 |
||
Sean Keys
|
fe54041627 |
gas/config/
* tc-xgate.h: Defined tc_frob_symbol. * tc-xgate.c (xgate_frob_symbol): Wrote new function to mark symbols as being XGATE by setting st_target_internal value. bfd/ * elf32-xgate.c (elf32_xgate_add_symbol_hook): Added a temp patch that forces st_target_internal to equal 1, since tc_frob_symbol seems to need adjusting. |
||
Nick Clifton
|
a8acc5fb18 | Add support for Motorola XGATE embedded CPU |