More fixes for invalid memory accesses triggered by fuzzed binaries.

PR binutils/17512
	* nm.c (print_symbol): Add 'is_synthetic' parameter.  Use it to
	help initialize the info.elfinfo field.
	(print_size_symbols): Add 'synth_count' parameter.  Use it to set
	the is_synthetic parameter when calling print_symbol.
	(print_symbols): Likewise.
	(display_rel_file): Pass synth_count to printing function.
	(display_archive): Break loop if the last archive displayed
	matches the current archive.
	* size.c (display_archive): Likewise.

	* archive.c (do_slurp_bsd_armap): Make sure that the parsed size
	is at least big enough for the header to be read.
	* elf32-i386.c (elf_i386_get_plt_sym_val): Skip unknown relocs.
	* mach-o.c (bfd_mach_o_get_synthetic_symtab): Add range checks.
	(bfd_mach_o_read_command): Prevent duplicate error messages about
	unrecognized commands.
	* syms.c (_bfd_stab_section_find_nearest_line): Add range checks
	when indexing into the string table.
Nick Clifton
2015-01-05 23:13:50 +00:00
parent 82b1b41bcd
commit 896ca09813
9 changed files with 150 additions and 39 deletions


@@ -823,6 +823,7 @@ _bfd_generic_read_minisymbols (bfd *abfd,
*minisymsp = syms;
*sizep = sizeof (asymbol *);
return symcount;
error_return:
@@ -1191,6 +1192,8 @@ _bfd_stab_section_find_nearest_line (bfd *abfd,
{
nul_fun = stab;
nul_str = str;
if (file_name >= (char *) info->strs + strsize)
file_name = NULL;
if (stab + STABSIZE + TYPEOFF < info->stabs + stabsize
&& *(stab + STABSIZE + TYPEOFF) == (bfd_byte) N_SO)
{
@@ -1200,6 +1203,8 @@ _bfd_stab_section_find_nearest_line (bfd *abfd,
directory_name = file_name;
file_name = ((char *) str
+ bfd_get_32 (abfd, stab + STRDXOFF));
if (file_name >= (char *) info->strs + strsize)
file_name = NULL;
}
}
break;
@@ -1207,6 +1212,9 @@ _bfd_stab_section_find_nearest_line (bfd *abfd,
case N_SOL:
/* The name of an include file. */
file_name = (char *) str + bfd_get_32 (abfd, stab + STRDXOFF);
/* PR 17512: file: 0c680a1f. */
if (file_name >= (char *) info->strs + strsize)
file_name = NULL;
break;
case N_FUN:
@@ -1214,6 +1222,8 @@ _bfd_stab_section_find_nearest_line (bfd *abfd,
function_name = (char *) str + bfd_get_32 (abfd, stab + STRDXOFF);
if (function_name == (char *) str)
continue;
if (function_name >= (char *) info->strs + strsize)
function_name = NULL;
nul_fun = NULL;
info->indextable[i].val = bfd_get_32 (abfd, stab + VALOFF);
@@ -1321,6 +1331,8 @@ _bfd_stab_section_find_nearest_line (bfd *abfd,
if (val <= offset)
{
file_name = (char *) str + bfd_get_32 (abfd, stab + STRDXOFF);
if (file_name >= (char *) info->strs + strsize)
file_name = NULL;
*pline = 0;
}
break;
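Review bot: The new bounds checks in _bfd_stab_section_find_nearest_line (the N_SOL and N_FUN cases and the three other `file_name` sites) test the pointer only after `(char *) str + bfd_get_32 (abfd, stab + STRDXOFF)` has been formed, so an offset read from the file can carry the pointer past the table, which is undefined behaviour, or on a host with 32-bit pointers wrap it to an address below `info->strs + strsize` that passes the test. Comparing the offset with the space left before adding it avoids both: `bfd_vma off = bfd_get_32 (abfd, stab + STRDXOFF);` followed by `file_name = off < (bfd_vma) ((char *) info->strs + strsize - (char *) str) ? (char *) str + off : NULL;`, assuming `str` always points inside the table, which these hunks do not show. The check also covers only the first byte of the name, so unless the table is known to end in a NUL, a name that starts in its last bytes can still be read past the end. Since the same test now appears five times, a small static helper taking the offset would keep the sites consistent. The function body runs outside every hunk, so it should be confirmed that later uses tolerate a NULL `function_name` or `file_name`.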