From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: by sourceware.org (Postfix, from userid 1062) id BB13D3858414; Fri, 2 Jun 2023 00:12:14 +0000 (GMT) DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org BB13D3858414 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: quoted-printable From: Alan Modra To: bfd-cvs@sourceware.org Subject: [binutils-gdb] loongarch readelf support X-Act-Checkin: binutils-gdb X-Git-Author: Alan Modra X-Git-Refname: refs/heads/master X-Git-Oldrev: 56e4ccc924d47c30e7446efe771397d2de141762 X-Git-Newrev: 74a965d8e09217f3d8f8295c9126b77cdd62b798 Message-Id: <20230602001214.BB13D3858414@sourceware.org> Date: Fri, 2 Jun 2023 00:12:14 +0000 (GMT) X-BeenThere: binutils-cvs@sourceware.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Binutils-cvs mailing list List-Unsubscribe: , List-Archive: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 02 Jun 2023 00:12:14 -0000 https://sourceware.org/git/gitweb.cgi?p=3Dbinutils-gdb.git;h=3D74a965d8e092= 17f3d8f8295c9126b77cdd62b798 commit 74a965d8e09217f3d8f8295c9126b77cdd62b798 Author: Alan Modra Date: Thu Jun 1 23:31:47 2023 +0930 loongarch readelf support =20 This fixes two buffer overflows found by fuzzers. =20 * readelf.c (target_specific_reloc_handling): Sanity check loongarch reloc symbol index. Don't apply reloc after errors. Reduce translation work of "invalid symbol index" error message. Diff: --- binutils/readelf.c | 63 +++++++++++++++++++++++++++++---------------------= ---- 1 file changed, 34 insertions(+), 29 deletions(-) diff --git a/binutils/readelf.c b/binutils/readelf.c index 7292dd0941a..042d2301517 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c 
@@ -14028,24 +14028,32 @@ target_specific_reloc_handling (Filedata *filedat= a, "ULEB128 value\n"), (long) reloc->r_offset); =20 - if (107 =3D=3D reloc_type) - value +=3D (reloc->r_addend + symtab[sym_index].st_value); - else if (108 =3D=3D reloc_type) - value -=3D (reloc->r_addend + symtab[sym_index].st_value); - - /* Write uleb128 value to p. */ - bfd_byte c; - bfd_byte *p =3D start + reloc->r_offset; - do + else if (sym_index >=3D num_syms) + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), + (reloc_type =3D=3D 107 + ? "R_LARCH_ADD_ULEB128" + : "R_LARCH_SUB_ULEB128"), + sym_index); + else { - c =3D value & 0x7f; - if (reloc_size > 1) - c |=3D 0x80; - *(p++) =3D c; - value >>=3D 7; - reloc_size--; + if (reloc_type =3D=3D 107) + value +=3D reloc->r_addend + symtab[sym_index].st_value; + else + value -=3D reloc->r_addend + symtab[sym_index].st_value; + + /* Write uleb128 value to p. */ + bfd_byte *p =3D start + reloc->r_offset; + do + { + bfd_byte c =3D value & 0x7f; + value >>=3D 7; + if (--reloc_size !=3D 0) + c |=3D 0x80; + *p++ =3D c; + } + while (reloc_size); } - while (reloc_size); =20 return true; } @@ -14075,8 +14083,8 @@ target_specific_reloc_handling (Filedata *filedata, case 23: /* R_MSP430X_GNU_SUB_ULEB128 */ /* PR 21139. */ if (sym_index >=3D num_syms) - error (_("MSP430 SYM_DIFF reloc contains invalid symbol index" - " %" PRIu64 "\n"), sym_index); + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), "MSP430 SYM_DIFF", sym_index); else saved_sym =3D symtab + sym_index; return true; @@ -14126,9 +14134,8 @@ target_specific_reloc_handling (Filedata *filedata, " contains invalid ULEB128 value\n"), reloc->r_offset); else if (sym_index >=3D num_syms) - error (_("MSP430 reloc contains invalid symbol index " - "%" PRIu64 "\n"), - sym_index); + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), "MSP430", sym_index); else { value =3D reloc->r_addend + (symtab[sym_index].st_value 
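Review bot: In the loongarch hunk (`@@ -14028,24 +14028,32 @@`), the store loop in the new `else` block writes `reloc_size` bytes through `p = start + reloc->r_offset` with no bound against the section end visible in the hunk. Its safety therefore rests on the ULEB128 read and the `reloc_size` validation above the hunk, which are not shown here. Since this commit fixes fuzzer-found overflows, I would record that invariant next to the write once it is confirmed, e.g. `/* Re-encode in place: reloc_size bytes at r_offset were already read in bounds above. */`. The loop also silently drops any bits of `value` that do not fit in `reloc_size` groups of 7 bits; reporting the case where `value` is still non-zero after the loop would make a truncated relocation visible. The enclosing case starts outside the hunk.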
@@ -14173,9 +14180,8 @@ target_specific_reloc_handling (Filedata *filedata, return true; case 33: /* R_MN10300_SYM_DIFF */ if (sym_index >=3D num_syms) - error (_("MN10300_SYM_DIFF reloc contains invalid symbol index " - "%" PRIu64 "\n"), - sym_index); + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), "MN10300_SYM_DIFF", sym_index); else saved_sym =3D symtab + sym_index; return true; @@ -14188,9 +14194,8 @@ target_specific_reloc_handling (Filedata *filedata, uint64_t value; =20 if (sym_index >=3D num_syms) - error (_("MN10300 reloc contains invalid symbol index " - "%" PRIu64 "\n"), - sym_index); + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), "MN10300", sym_index); else { value =3D reloc->r_addend + (symtab[sym_index].st_value @@ -14233,8 +14238,8 @@ target_specific_reloc_handling (Filedata *filedata, case 0x80: /* R_RL78_SYM. */ saved_sym1 =3D saved_sym2; if (sym_index >=3D num_syms) - error (_("RL78_SYM reloc contains invalid symbol index " - "%" PRIu64 "\n"), sym_index); + error (_("%s reloc contains invalid symbol index " + "%" PRIu64 "\n"), "RL78_SYM", sym_index); else { saved_sym2 =3D symtab[sym_index].st_value;