* [binutils-gdb] loongarch readelf support
@ 2023-06-02  0:12 Alan Modra
From: Alan Modra @ 2023-06-02  0:12 UTC (permalink / raw)
  To: bfd-cvs

https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=74a965d8e09217f3d8f8295c9126b77cdd62b798

commit 74a965d8e09217f3d8f8295c9126b77cdd62b798
Author: Alan Modra <amodra@gmail.com>
Date:   Thu Jun 1 23:31:47 2023 +0930

    loongarch readelf support
    
    This fixes two buffer overflows found by fuzzers.
    
            * readelf.c (target_specific_reloc_handling): Sanity check
            loongarch reloc symbol index.  Don't apply reloc after errors.
            Reduce translation work of "invalid symbol index" error message.

Diff:
---
 binutils/readelf.c | 63 +++++++++++++++++++++++++++++-------------------------
 1 file changed, 34 insertions(+), 29 deletions(-)

diff --git a/binutils/readelf.c b/binutils/readelf.c
index 7292dd0941a..042d2301517 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -14028,24 +14028,32 @@ target_specific_reloc_handling (Filedata *filedata,
 			   "ULEB128 value\n"),
 			 (long) reloc->r_offset);
 
-		if (107 == reloc_type)
-		  value += (reloc->r_addend + symtab[sym_index].st_value);
-		else if (108 == reloc_type)
-		  value -= (reloc->r_addend + symtab[sym_index].st_value);
-
-		/* Write uleb128 value to p.  */
-		bfd_byte c;
-		bfd_byte *p = start + reloc->r_offset;
-		do
+		else if (sym_index >= num_syms)
+		  error (_("%s reloc contains invalid symbol index "
+			   "%" PRIu64 "\n"),
+			 (reloc_type == 107
+			  ? "R_LARCH_ADD_ULEB128"
+			  : "R_LARCH_SUB_ULEB128"),
+			 sym_index);
+		else
 		  {
-		    c = value & 0x7f;
-		    if (reloc_size > 1)
-		      c |= 0x80;
-		    *(p++) = c;
-		    value >>= 7;
-		    reloc_size--;
+		    if (reloc_type == 107)
+		      value += reloc->r_addend + symtab[sym_index].st_value;
+		    else
+		      value -= reloc->r_addend + symtab[sym_index].st_value;
+
+		    /* Write uleb128 value to p.  */
+		    bfd_byte *p = start + reloc->r_offset;
+		    do
+		      {
+			bfd_byte c = value & 0x7f;
+			value >>= 7;
+			if (--reloc_size != 0)
+			  c |= 0x80;
+			*p++ = c;
+		      }
+		    while (reloc_size);
 		  }
-		while (reloc_size);
 
 		return true;
 	      }
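Review bot: The rewrite loop starting at `bfd_byte *p = start + reloc->r_offset;` stores `reloc_size` bytes with no bounds check visible in this hunk, so its safety depends on the earlier branch of the else-if chain (the "invalid ULEB128 value" error just above) having validated both `r_offset` and `reloc_size` against the section end. That validation begins outside the hunk and should be confirmed. Because this commit fixes fuzzer-found overflows, I would record the invariant at the write, e.g. `/* reloc_size bytes at start + r_offset were already read in bounds above, so rewriting them cannot run past end.  */`. Separately, the loop emits exactly `reloc_size` 7-bit groups and discards whatever remains in `value`, so a sum or difference that no longer fits the original field is truncated without a diagnostic. A check after the loop such as `if (value != 0) warn (_("LoongArch ULEB128 reloc result truncated\n"));` would surface that.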
@@ -14075,8 +14083,8 @@ target_specific_reloc_handling (Filedata *filedata,
 	  case 23: /* R_MSP430X_GNU_SUB_ULEB128 */
 	    /* PR 21139.  */
 	    if (sym_index >= num_syms)
-	      error (_("MSP430 SYM_DIFF reloc contains invalid symbol index"
-		       " %" PRIu64 "\n"), sym_index);
+	      error (_("%s reloc contains invalid symbol index "
+		       "%" PRIu64 "\n"), "MSP430 SYM_DIFF", sym_index);
 	    else
 	      saved_sym = symtab + sym_index;
 	    return true;
@@ -14126,9 +14134,8 @@ target_specific_reloc_handling (Filedata *filedata,
 			   " contains invalid ULEB128 value\n"),
 			 reloc->r_offset);
 		else if (sym_index >= num_syms)
-		  error (_("MSP430 reloc contains invalid symbol index "
-			   "%" PRIu64 "\n"),
-			 sym_index);
+		  error (_("%s reloc contains invalid symbol index "
+			   "%" PRIu64 "\n"), "MSP430", sym_index);
 		else
 		  {
 		    value = reloc->r_addend + (symtab[sym_index].st_value
@@ -14173,9 +14180,8 @@ target_specific_reloc_handling (Filedata *filedata,
 	    return true;
 	  case 33: /* R_MN10300_SYM_DIFF */
 	    if (sym_index >= num_syms)
-	      error (_("MN10300_SYM_DIFF reloc contains invalid symbol index "
-		       "%" PRIu64 "\n"),
-		     sym_index);
+	      error (_("%s reloc contains invalid symbol index "
+		       "%" PRIu64 "\n"), "MN10300_SYM_DIFF", sym_index);
 	    else
 	      saved_sym = symtab + sym_index;
 	    return true;
@@ -14188,9 +14194,8 @@ target_specific_reloc_handling (Filedata *filedata,
 		uint64_t value;
 
 		if (sym_index >= num_syms)
-		  error (_("MN10300 reloc contains invalid symbol index "
-			   "%" PRIu64 "\n"),
-			 sym_index);
+		  error (_("%s reloc contains invalid symbol index "
+			   "%" PRIu64 "\n"), "MN10300", sym_index);
 		else
 		  {
 		    value = reloc->r_addend + (symtab[sym_index].st_value
@@ -14233,8 +14238,8 @@ target_specific_reloc_handling (Filedata *filedata,
 	  case 0x80: /* R_RL78_SYM.  */
 	    saved_sym1 = saved_sym2;
 	    if (sym_index >= num_syms)
-	      error (_("RL78_SYM reloc contains invalid symbol index "
-		       "%" PRIu64 "\n"), sym_index);
+	      error (_("%s reloc contains invalid symbol index "
+		       "%" PRIu64 "\n"), "RL78_SYM", sym_index);
 	    else
 	      {
 		saved_sym2 = symtab[sym_index].st_value;
