From: Alan Modra
To: bfd-cvs@sourceware.org
Subject: [binutils-gdb] PE objdump -x
Date: Tue, 2 Aug 2022 07:47:26 +0000 (GMT)
Message-Id: <20220802074726.2A5313857C7D@sourceware.org>
X-Git-Author: Alan Modra
X-Git-Refname: refs/heads/master
X-Git-Oldrev: d2dcf3908f2b1da5bc84eaef61d7b758d07009a6
X-Git-Newrev: 217cbb0055391809d6dfb56cec053fdd3cf08b75

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=217cbb0055391809d6dfb56cec053fdd3cf08b75

commit 217cbb0055391809d6dfb56cec053fdd3cf08b75
Author: Alan Modra
Date:   Tue Aug 2 16:53:54 2022 +0930

    PE objdump -x

    objdump -x on PE executables produces lots of "xdata section corrupt"
    and "corrupt unwind data" warnings, and refuses to dump that info.
    It turns out that the sanity checks were bad, not the data.  Fix them.

            * pei-x86_64.c (pex64_get_unwind_info): Correct buffer overrun
            sanity checks.
            (pex64_xdata_print_uwd_codes): Similarly.

Diff:
---
 bfd/pei-x86_64.c | 22 +++++-----------------
 1 file changed, 5 insertions(+), 17 deletions(-)

diff --git a/bfd/pei-x86_64.c b/bfd/pei-x86_64.c
index 7d8fc8f0721..795bf66f8b4 100644
--- a/bfd/pei-x86_64.c
+++ b/bfd/pei-x86_64.c
@@ -109,7 +109,7 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind_i= nfo *ui, =20 memset (ui, 0, sizeof (struct pex64_unwind_info)); =20 - if (ex_dta >=3D ex_dta_end || ex_dta + 4 >=3D ex_dta_end) + if (ex_dta >=3D ex_dta_end || ex_dta + 4 > ex_dta_end) return false; =20 ui->Version =3D PEX64_UWI_VERSION (ex_ui->Version_Flags); @@ -124,13 +124,13 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind= _info *ui, ui->rawUnwindCodesEnd =3D ex_dta_end; =20 ex_dta +=3D ui->SizeOfBlock; - if (ex_dta >=3D ex_dta_end) + if (ex_dta > ex_dta_end) return false; =20 switch (ui->Flags) { case UNW_FLAG_CHAININFO: - if (ex_dta + 12 >=3D ex_dta_end) + if (ex_dta + 12 > ex_dta_end) return false; ui->rva_BeginAddress =3D bfd_get_32 (abfd, ex_dta + 0); ui->rva_EndAddress =3D bfd_get_32 (abfd, ex_dta + 4); @@ -140,7 +140,7 @@ pex64_get_unwind_info (bfd *abfd, struct pex64_unwind_i= nfo *ui, case UNW_FLAG_EHANDLER: case UNW_FLAG_UHANDLER: case UNW_FLAG_FHANDLER: - if (ex_dta + 4 >=3D ex_dta_end) + if (ex_dta + 4 > ex_dta_end) return false; ui->rva_ExceptionHandler =3D bfd_get_32 (abfd, ex_dta); ui->SizeOfBlock +=3D 4; @@ -172,7 +172,7 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, =20 i =3D 0; =20 - if (ui->rawUnwindCodes + 1 >=3D ui->rawUnwindCodesEnd) + if (ui->rawUnwindCodes + ui->CountOfCodes * 2 > ui->rawUnwindCodesEnd) { fprintf (file, _("warning: corrupt unwind data\n")); return; @@ -186,12 +186,6 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, to decode instruction flow if outside an epilog. */ unsigned int func_size =3D rf->rva_EndAddress - rf->rva_BeginAddress; =20 - if (ui->rawUnwindCodes + 1 + (ui->CountOfCodes * 2) >=3D ui->rawUnwi= ndCodesEnd) - { - fprintf (file, _("warning: corrupt unwind data\n")); - return; - } - fprintf (file, "\tv2 epilog (length: %02x) at pc+:", ui->rawUnwindCodes[0]); =20 
@@ -215,12 +209,6 @@ pex64_xdata_print_uwd_codes (FILE *file, bfd *abfd, fputc ('\n', file); } =20 - if (ui->rawUnwindCodes + 2 + (ui->CountOfCodes * 2) >=3D ui->rawUnwindCo= desEnd) - { - fprintf (file, _("warning: corrupt unwind data\n")); - return; - } - for (; i < ui->CountOfCodes; i++) { const bfd_byte *dta =3D ui->rawUnwindCodes + 2 * i;
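
Review bot: in the first hunk of pex64_get_unwind_info (@@ -109), the left clause of `ex_dta >= ex_dta_end || ex_dta + 4 > ex_dta_end` is now redundant, because any ex_dta at or past ex_dta_end also satisfies `ex_dta + 4 > ex_dta_end`. A single remaining-length test such as `ex_dta_end - ex_dta < 4` says the same thing and avoids forming a pointer beyond the end of the buffer just to compare it.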
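
Review bot: in the @@ -124 hunk, ex_dta is advanced by ui->SizeOfBlock before it is compared with ex_dta_end, so the test runs on a pointer that may already lie outside the buffer. Comparing ui->SizeOfBlock with ex_dta_end - ex_dta before the addition, and writing the UNW_FLAG_CHAININFO test `ex_dta + 12 > ex_dta_end` the same way, keeps the arithmetic in bounds. With `>` an ex_dta equal to ex_dta_end now reaches the switch, so a comment that every case depends on its own length check would help.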
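
Review bot: the test at the top of pex64_xdata_print_uwd_codes (@@ -172) is now the only bound on CountOfCodes in this function, since the two later checks are deleted, and nothing documents that. A short comment stating that `ui->rawUnwindCodes + ui->CountOfCodes * 2 > ui->rawUnwindCodesEnd` covers both the v2 epilog block and the loop over the codes would keep a later edit from weakening it.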
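
Review bot: in the @@ -186 hunk the context still reads ui->rawUnwindCodes[0] in the "v2 epilog" fprintf, and the deleted check was what guaranteed that byte lay inside the buffer at this point. The remaining test at the top of the function passes when CountOfCodes is 0 and rawUnwindCodes equals rawUnwindCodesEnd, so please confirm that the condition guarding this block (not shown in the hunk) implies CountOfCodes is at least 1, or add that test here.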