From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <binutils-return-83163-listarch-binutils=sources.redhat.com@sourceware.org>
Received: (qmail 17160 invoked by alias); 18 Mar 2014 14:39:09 -0000
Mailing-List: contact binutils-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <binutils.sourceware.org>
List-Subscribe: <mailto:binutils-subscribe@sourceware.org>
List-Archive: <http://sourceware.org/ml/binutils/>
List-Post: <mailto:binutils@sourceware.org>
List-Help: <mailto:binutils-help@sourceware.org>, <http://sourceware.org/ml/#faqs>
Sender: binutils-owner@sourceware.org
Received: (qmail 17142 invoked by uid 89); 18 Mar 2014 14:39:08 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=0.2 required=5.0 tests=AWL,BAYES_20,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.2
X-HELO: smtpout02.bt.lon5.cpcloud.co.uk
Received: from smtpout02.bt.lon5.cpcloud.co.uk (HELO smtpout02.bt.lon5.cpcloud.co.uk) (65.20.0.122) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Tue, 18 Mar 2014 14:39:06 +0000
X-CTCH-RefID: str=0001.0A090206.53285A88.001A,ss=1,re=0.000,recu=0.000,reip=0.000,cl=1,cld=1,fgs=0
X-Junkmail-Premium-Raw: score=7/97,refid=2.7.2:2014.3.13.161815:17:7.944,ip=,rules=__HAS_FROM, __TO_MALFORMED_2, __TO_NO_NAME, __SUBJ_ALPHA_END, __HAS_MSGID, __SANE_MSGID, __HAS_X_MAILER, __IN_REP_TO, __ANY_URI, __URI_NO_WWW, __URI_NO_PATH, BODY_SIZE_1700_1799, BODYTEXTP_SIZE_3000_LESS, __MIME_TEXT_ONLY, __URI_NS, HTML_00_01, HTML_00_10, BODY_SIZE_5000_LESS, BODY_SIZE_2000_LESS, BODY_SIZE_7000_LESS
X-CTCH-Spam: Unknown
Received: from localhost.localdomain (86.139.180.71) by smtpout02.bt.lon5.cpcloud.co.uk (8.6.100.99.10223) (authenticated as jonturney@btinternet.com)        id 5321749E000DF1F7; Tue, 18 Mar 2014 14:39:03 +0000
From: Jon TURNEY <jon.turney@dronecode.org.uk>
To: binutils@sourceware.org
Cc: Jon TURNEY <jon.turney@dronecode.org.uk>
Subject: [PATCH 1/2] pe/coff: Avoid a crash using objdump -p on the output of objcopy --only-keep-debug
Date: Tue, 18 Mar 2014 14:39:00 -0000
Message-Id: <1395153555-5572-2-git-send-email-jon.turney@dronecode.org.uk>
In-Reply-To: <1395153555-5572-1-git-send-email-jon.turney@dronecode.org.uk>
References: <1395153555-5572-1-git-send-email-jon.turney@dronecode.org.uk>
X-SW-Source: 2014-03/txt/msg00179.txt.bz2

Avoid a crash when using objdump -p on the output of objcopy --only-keep-debug

e.g.

$ objdump -p /usr/lib/debug/usr/bin/cygwin1.dbg
[...]
The Export Tables (interpreted .edata section contents)

Export Flags                    0
Time/Date stamp                 0
Major/Minor                     0/0
Segmentation fault (core dumped)

Verfify that edt.name lies inside the .edata section we have loaded before
dereferencing it.  Change adj to to bfd_vma to avoid signed vs. unsigned
comparison warnings - it could only be negative if a section had a negative
vma.

bfd/Changelog:

2014-03-18  Jon TURNEY  <jon.turney@dronecode.org.uk>

	* peXXigen.c (pe_print_edata): Verify edt.name lies inside
	section before dereferencing.

Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
---
 bfd/peXXigen.c | 8 ++++++--
 1 file changed, 6 insertions(+), 2 deletions(-)

diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
index 8219ab9..d011c0e 100644
--- a/bfd/peXXigen.c
+++ b/bfd/peXXigen.c
@@ -1373,7 +1373,7 @@ pe_print_edata (bfd * abfd, void * vfile)
   bfd_size_type datasize = 0;
   bfd_size_type dataoff;
   bfd_size_type i;
-  bfd_signed_vma adj;
+  bfd_vma adj;
   struct EDT_type
   {
     long export_flags;          /* Reserved - should be zero.  */
@@ -1478,8 +1478,12 @@ pe_print_edata (bfd * abfd, void * vfile)
   fprintf (file,
 	   _("Name \t\t\t\t"));
   bfd_fprintf_vma (abfd, file, edt.name);
-  fprintf (file,
+
+  if ((edt.name >= adj) && (edt.name < adj + datasize))
+    fprintf (file,
 	   " %s\n", data + edt.name - adj);
+  else
+    fprintf (file, "(outside .edata section)\n");
 
   fprintf (file,
 	   _("Ordinal Base \t\t\t%ld\n"), edt.base);
-- 
1.8.3.4