Imagelibrary/binutils-gdb
1
0
Fork 1
mirror of https://github.com/bminor/binutils-gdb.git synced 2025-12-25 08:47:28 +00:00
Code Issues Packages Projects Releases Wiki Activity

x86: Check plt_got_offset for lazy IBT PLT

Browse Source 
Lazy IBT PLT entries look like

static const bfd_byte elf_i386_lazy_ibt_plt_entry[LAZY_PLT_ENTRY_SIZE] =
{
  0xf3, 0x0f, 0x1e, 0xfb,       /* endbr32                    */
  0x68, 0, 0, 0, 0,             /* pushl immediate            */
  0xe9, 0, 0, 0, 0,             /* jmp relative               */
  0x66, 0x90                    /* xchg %ax,%ax               */
};

static const bfd_byte elf_x86_64_lazy_ibt_plt_entry[LAZY_PLT_ENTRY_SIZE] =
{
  0xf3, 0x0f, 0x1e, 0xfa,       /* endbr64                    */
  0x68, 0, 0, 0, 0,             /* pushq immediate            */
  0xe9, 0, 0, 0, 0,             /* jmpq relative              */
  0x66, 0x90                    /* xchg %ax,%ax               */
};

They only have

unsigned int plt_reloc_offset;  /* ... offset into relocation table. */

and don't have

unsigned int plt_got_offset;    /* ... address of this symbol in .got. */

We should use plt_reloc_offset, not plt_got_offset, to check IBT PLT.

	PR binutils/33358
	* elf32-i386.c (elf_i386_get_synthetic_symtab): Check
	plt_reloc_offset for lazy IBT PLT.
	* elf64-x86-64.c (elf_x86_64_get_synthetic_symtab): Likewise.

Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
This commit is contained in:
H.J. Lu
2025-09-02 11:26:57 -07:00
parent 5d3a6f777d
commit aad80d24d2
2 changed files with 4 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bfd/elf32-i386.c
View File

@@ -4354,7 +4354,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd,
if (lazy_ibt_plt != NULL
&& (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,
lazy_ibt_plt->plt_entry,
lazy_ibt_plt->plt_got_offset) == 0))
lazy_ibt_plt->plt_reloc_offset) == 0))
plt_type = plt_lazy | plt_second;
else
plt_type = plt_lazy;
@@ -4367,7 +4367,7 @@ elf_i386_get_synthetic_symtab (bfd *abfd,
if (lazy_ibt_plt != NULL
&& (memcmp (plt_contents + lazy_ibt_plt->plt0_entry_size,
lazy_ibt_plt->pic_plt_entry,
lazy_ibt_plt->plt_got_offset) == 0))
lazy_ibt_plt->plt_reloc_offset) == 0))
plt_type = plt_lazy | plt_pic | plt_second;
else
plt_type = plt_lazy | plt_pic;

4
bfd/elf64-x86-64.c
View File

@@ -5852,7 +5852,7 @@ elf_x86_64_get_synthetic_symtab (bfd *abfd,
{
if (memcmp (plt_contents + lazy_ibt_plt->plt_entry_size,
lazy_ibt_plt->plt_entry,
lazy_ibt_plt->plt_got_offset) == 0)
lazy_ibt_plt->plt_reloc_offset) == 0)
{
/* The fist entry in the lazy IBT PLT is the same as
the lazy PLT. */
@@ -5874,7 +5874,7 @@ elf_x86_64_get_synthetic_symtab (bfd *abfd,
if (memcmp (plt_contents
+ lazy_bnd_ibt_plt->plt_entry_size,
lazy_bnd_ibt_plt->plt_entry,
lazy_bnd_ibt_plt->plt_got_offset) == 0)
lazy_bnd_ibt_plt->plt_reloc_offset) == 0)
lazy_plt = lazy_bnd_ibt_plt;
else
lazy_plt = lazy_bnd_plt;