From: Xi Ruoyao
To: binutils@sourceware.org
Cc: liuzhensong, Lulu Cheng, Wang Xuerui, Chenghua Xu, Xi Ruoyao
Subject: [PATCH v2 1/2] LoongArch: Don't write into GOT for local ifunc
Date: Tue, 20 Sep 2022 14:09:29 +0800
Message-Id: <20220920060930.33357-2-xry111@xry111.site>

Local ifuncs are always resolved at runtime via R_LARCH_IRELATIVE, so there is no need to write anything into GOT.

And when we write the GOT we actually trigger a heap-buffer-overflow: If a and b are different sections, we cannot access something in b with "a->contents + (offset from a)" because "a->contents" and "b->contents" are heap buffers allocated separately, not slices of a large buffer.

So stop writing into GOT for local ifunc now.

--- bfd/elfnn-loongarch.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/bfd/elfnn-loongarch.c b/bfd/elfnn-loongarch.c index ed42b8b6770..af18a8a0168 100644 --- a/bfd/elfnn-loongarch.c +++ b/bfd/elfnn-loongarch.c @@ -3179,6 +3179,8 @@ loongarch_elf_relocate_section (bfd *output_bfd, struct bfd_link_info *info, htab->elf.srelgot, &rela); } h->got.offset |= 1; + bfd_put_NN (output_bfd, relocation, + got->contents + got_off); } } else 
@@ -3200,10 +3202,9 @@ loongarch_elf_relocate_section (bfd *output_bfd, struct bfd_link_info *info, } local_got_offsets[r_symndx] |= 1; } + bfd_put_NN (output_bfd, relocation, got->contents + got_off); } - bfd_put_NN (output_bfd, relocation, got->contents + got_off); - relocation = got_off + sec_addr (got); } -- 2.37.0
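Review bot: In the first hunk (@@ -3179), the new `bfd_put_NN` store now runs only in the branch that ends with `h->got.offset |= 1`, and nothing in the code says that the remaining path leaves the GOT slot unwritten on purpose. A short comment next to the store, stating that a local ifunc entry is filled at runtime via R_LARCH_IRELATIVE and that `got->contents + got_off` must not be used for it, would keep a later cleanup from hoisting the store back into the common tail. The call is also wrapped over two lines here and kept on one line in the second hunk; using the same layout in both places would read better.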
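Review bot: The second hunk (@@ -3200) removes the unconditional `bfd_put_NN (output_bfd, relocation, got->contents + got_off);` from the shared tail, and the diffstat shows only bfd/elfnn-loongarch.c changed, so this patch carries no regression test for the overflow the commit message describes. Unless 2/2 already adds one, a linker test that links an object containing a local ifunc would catch the store reappearing on that path, since the commit message reports the failure as a heap-buffer-overflow that a sanitizer build detects.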
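The bounds rule stated in the commit message, as an added example that is not part of the patch or of binutils: `struct section`, `owner_of` and `checked_put64` are hypothetical names and the addresses are constructed. A store is accepted only through the buffer of the section that actually contains the target slot, so "a->contents + (offset from a)" aimed at a slot in b is rejected instead of writing past a's heap buffer.

```c
#include <stdint.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical model of an output section: every section owns its own
   heap buffer, so an offset is only meaningful inside that one buffer. */
struct section {
    uint64_t vma;             /* output address of the first byte */
    size_t size;              /* bytes allocated in contents */
    unsigned char *contents;
};

/* Find the section whose address range contains addr, or NULL. */
static struct section *owner_of(struct section *s, size_t n, uint64_t addr)
{
    for (size_t i = 0; i < n; i++)
        if (addr >= s[i].vma && addr - s[i].vma < s[i].size)
            return &s[i];
    return NULL;
}

/* Store an 8-byte value at output address addr through sec's buffer.
   Returns 0 on success, -1 if the slot is not wholly inside sec. */
static int checked_put64(struct section *sec, uint64_t addr, uint64_t val)
{
    if (sec == NULL || sec->contents == NULL || addr < sec->vma)
        return -1;
    uint64_t off = addr - sec->vma;
    if (off > sec->size || sec->size - off < sizeof val)
        return -1;
    memcpy(sec->contents + off, &val, sizeof val);
    return 0;
}

/* Constructed layout: the slot at 0x2008 belongs to b, not to a. */
static int demo(void)
{
    struct section secs[2] = { { 0x1000, 16, calloc(1, 16) },    /* a */
                               { 0x2000, 16, calloc(1, 16) } };  /* b */
    uint64_t slot = 0x2008, stored = 0;
    int via_a = checked_put64(&secs[0], slot, 0x1234);  /* a + offset from a */
    int via_b = checked_put64(owner_of(secs, 2, slot), slot, 0x1234);
    if (via_b == 0)
        memcpy(&stored, secs[1].contents + 8, sizeof stored);
    free(secs[0].contents);
    free(secs[1].contents);
    return via_a == -1 && via_b == 0 && stored == 0x1234;
}
int main(void) { return demo() ? 0 : 1; }
```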