public inbox for binutils@sourceware.org
* [rfc] eh-frame clobbers memory
@ 2005-05-22 10:19 Richard Henderson
  2005-05-22 13:42 ` John Levon
  2005-05-22 17:04 ` Alan Modra
  0 siblings, 2 replies; 4+ messages in thread
From: Richard Henderson @ 2005-05-22 10:19 UTC (permalink / raw)
  To: binutils

On Alpha, and I presume other 64-bit targets, we're expanding the
size of the eh-frame section and overwriting the buffer allocated.
This can be seen in a gcc build for sure, and perhaps one of the
ld testsuite cases.

The eh-frame expansion is in this case pointless, and should be
fixed.  But since we legitimately have some cases in which we 
should be growing the size (e.g. recoding as pic), the buffer
overflow should be as well.

I *think* the following is all we need.  At least I can build
gcc with this installed...


r~



	* elf-eh-frame.c (_bfd_elf_write_section_eh_frame): Reallocate
	contents if the section size grew.

Index: elf-eh-frame.c
===================================================================
RCS file: /cvs/src/src/bfd/elf-eh-frame.c,v
retrieving revision 1.47
diff -u -p -d -r1.47 elf-eh-frame.c
--- elf-eh-frame.c	4 May 2005 15:53:07 -0000	1.47
+++ elf-eh-frame.c	22 May 2005 10:08:15 -0000
@@ -994,6 +994,9 @@ _bfd_elf_write_section_eh_frame (bfd *ab
     return bfd_set_section_contents (abfd, sec->output_section, contents,
 				     sec->output_offset, sec->size);
 
+  if (sec->size > sec->rawsize)
+    contents = bfd_realloc (contents, sec->size);
+
   ptr_size = (get_elf_backend_data (abfd)
 	      ->elf_backend_eh_frame_address_size (abfd, sec));
   BFD_ASSERT (ptr_size != 0);
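Review bot: the result of `bfd_realloc (contents, sec->size)` is assigned straight back to `contents` with no NULL check, so on allocation failure the original buffer is leaked and the writes that follow go through a NULL pointer; assign to a temporary, test it, and only then overwrite `contents`. A second concern is ownership: `contents` is normally the caller-supplied finfo.contents buffer from elf_link_input_bfd, which this function does not own and must not realloc, so the growth either has to be handled by the caller or avoided at its source.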


* Re: [rfc] eh-frame clobbers memory
  2005-05-22 10:19 [rfc] eh-frame clobbers memory Richard Henderson
@ 2005-05-22 13:42 ` John Levon
  2005-05-22 17:04 ` Alan Modra
  1 sibling, 0 replies; 4+ messages in thread
From: John Levon @ 2005-05-22 13:42 UTC (permalink / raw)
  To: Richard Henderson; +Cc: binutils

On Sun, May 22, 2005 at 03:14:14AM -0700, Richard Henderson wrote:

> +  if (sec->size > sec->rawsize)
> +    contents = bfd_realloc (contents, sec->size);

This leaks contents on bfd_realloc() failure.

regards,
john
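The two defects discussed in the thread, a section buffer written past the size it was allocated for and a realloc result assigned to the only pointer to the old buffer, as an added example that is not binutils code and not part of any message above. The struct and function names (section_buf, section_grow, section_put, demo) are hypothetical stand-ins for bfd's contents/size/rawsize handling; the 16-byte and 24-byte sizes are constructed.

```c
/* Added example, not binutils code.  Names are hypothetical stand-ins
   for bfd's contents / size / rawsize triple. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

struct section_buf {
  unsigned char *contents;  /* heap buffer holding the section bytes */
  size_t rawsize;           /* bytes the buffer was allocated for */
  size_t size;              /* bytes the writer now wants to emit */
};

/* Grow the buffer when size exceeds rawsize.  Returns 1 on success,
   0 on allocation failure.  On failure the old buffer is left intact and
   still owned by the caller; the leak in the posted patch comes from
   assigning realloc's NULL result straight back to the only pointer. */
int section_grow(struct section_buf *sb) {
  if (sb->size <= sb->rawsize)
    return 1;  /* nothing to do; existing writes already fit */
  unsigned char *tmp = realloc(sb->contents, sb->size);
  if (tmp == NULL)
    return 0;  /* sb->contents is unchanged and can still be freed */
  /* zero the newly exposed tail so later readers see deterministic bytes */
  memset(tmp + sb->rawsize, 0, sb->size - sb->rawsize);
  sb->contents = tmp;
  sb->rawsize = sb->size;
  return 1;
}

/* Bounds-checked write.  Returns 1 if the bytes fit inside the current
   allocation, 0 if they would overrun it (the clobber the thread reports). */
int section_put(struct section_buf *sb, size_t off,
                const unsigned char *src, size_t n) {
  if (off > sb->rawsize || n > sb->rawsize - off)
    return 0;
  memcpy(sb->contents + off, src, n);
  return 1;
}

/* Driver: allocate for 16 bytes, pretend the eh-frame encoding grew the
   section to 24, and show that a write at offset 16 is refused until the
   buffer has been grown.  Returns 1 when every step behaves as expected. */
int demo(void) {
  struct section_buf sb;
  sb.rawsize = 16;
  sb.size = 16;
  sb.contents = calloc(sb.rawsize, 1);
  if (sb.contents == NULL)
    return -1;
  unsigned char payload[8];
  memset(payload, 0xAB, sizeof payload);
  int before = section_put(&sb, 16, payload, sizeof payload); /* overrun: 0 */
  sb.size = 24;  /* constructed: the section grew, as on the 64-bit targets */
  int grew = section_grow(&sb);
  int after = section_put(&sb, 16, payload, sizeof payload);  /* fits: 1 */
  free(sb.contents);
  return (before == 0 && grew == 1 && after == 1) ? 1 : 0;
}

int main(void) {
  printf("demo: %s\n", demo() == 1 ? "ok" : "FAILED");
  return 0;
}
```

The check in section_put is written as `n > rawsize - off` after first rejecting `off > rawsize`, so the subtraction cannot wrap; writing it as `off + n > rawsize` would overflow for a large `n` and let exactly the kind of out-of-bounds write this thread is about slip through.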


* Re: [rfc] eh-frame clobbers memory
  2005-05-22 10:19 [rfc] eh-frame clobbers memory Richard Henderson
  2005-05-22 13:42 ` John Levon
@ 2005-05-22 17:04 ` Alan Modra
  2005-05-22 22:21   ` Richard Henderson
  1 sibling, 1 reply; 4+ messages in thread
From: Alan Modra @ 2005-05-22 17:04 UTC (permalink / raw)
  To: Richard Henderson; +Cc: binutils

On Sun, May 22, 2005 at 03:14:14AM -0700, Richard Henderson wrote:
> 	* elf-eh-frame.c (_bfd_elf_write_section_eh_frame): Reallocate
> 	contents if the section size grew.

elf_link_input_bfd will normally be using finfo.contents to buffer
eh_frame sections, so you definitely don't want to do this.

I suppose alpha must be stashing .eh_frame contents away in
elf_section_data this_hdr.contents, during elf64_alpha_relax_section.
Avoid that for .eh_frame and everything should work.

-- 
Alan Modra
IBM OzLabs - Linux Technology Centre


* Re: [rfc] eh-frame clobbers memory
  2005-05-22 17:04 ` Alan Modra
@ 2005-05-22 22:21   ` Richard Henderson
  0 siblings, 0 replies; 4+ messages in thread
From: Richard Henderson @ 2005-05-22 22:21 UTC (permalink / raw)
  To: binutils

On Sun, May 22, 2005 at 11:12:15PM +0930, Alan Modra wrote:
> I suppose alpha must be stashing .eh_frame contents away in
> elf_section_data this_hdr.contents, during elf64_alpha_relax_section.
> Avoid that for .eh_frame and everything should work.

Indeed.  Thanks.  This test is something I should have had all along.


r~


        * elf64-alpha.c (elf64_alpha_relax_section): Only operate
        on SEC_CODE sections.

Index: elf64-alpha.c
===================================================================
RCS file: /cvs/src/src/bfd/elf64-alpha.c,v
retrieving revision 1.132
diff -u -p -d -r1.132 elf64-alpha.c
--- elf64-alpha.c	7 May 2005 13:22:51 -0000	1.132
+++ elf64-alpha.c	22 May 2005 21:59:31 -0000
@@ -1969,7 +1993,7 @@ elf64_alpha_relax_section (abfd, sec, li
   *again = FALSE;
 
   if (link_info->relocatable
-      || (sec->flags & SEC_RELOC) == 0
+      || (sec->flags & (SEC_CODE | SEC_RELOC)) != (SEC_CODE | SEC_RELOC)
       || sec->reloc_count == 0)
     return TRUE;
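Review bot: the new test `(sec->flags & (SEC_CODE | SEC_RELOC)) != (SEC_CODE | SEC_RELOC)` correctly requires both flags, but a one-line comment stating why non-code sections must not be relaxed here (the thread's point that .eh_frame contents are buffered by the generic linker, so stashing them in this_hdr.contents from the relaxer corrupts that buffer) would keep the next reader from weakening it back to a bare SEC_RELOC check. Also note the hunk header's new-side offset (+1993 versus -1969): the diff was taken against a tree with other local changes above this function, so it may not apply cleanly to the revision 1.132 named in the file header.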
 

