From: Indu Bhagat
Subject: Re: [PATCH] libsframe: adjust an incorrect check in flip_sframe
To: binutils@sourceware.org
Cc: Nick Clifton
Date: Fri, 6 Jan 2023 09:56:35 -0800
Message-ID: <82fb15dc-4415-63e0-415a-28a875e52458@oracle.com>
In-Reply-To: <20230104065611.377771-1-indu.bhagat@oracle.com>

On 1/3/23 10:56 PM, Indu Bhagat via Binutils wrote:
> Hello,
>
> While testing the endian flipping code in libsframe, I tried a cross build with
> --target=x86_64-linux on a big-endian system (ppc64), and I ran into some
> SFrame testsuite failures:
>
> FAIL: SFrame Simple link
> FAIL: SFrame for plt0 and pltN
>
> The reason for failure is explained below in the commit log. This patch fixes
> the issue.
>
> Testing notes:
> - Reg tested native and cross builds on x86_64 and aarch64 (checked binutils,
>   ld, gas, libctf, libsframe).
> - try bot shows no new regressions.
> - Tested ld, gas with a cross build: --target=x86_64-linux on ppc64 host. The
>   two testcase failures are resolved with this patch.
>
> Before the patch:
> FAIL: SFrame Simple link
> FAIL: SFrame for plt0 and pltN
>
> === ld Summary ===
>
> # of expected passes       1651
> # of unexpected failures   2
> # of expected failures     3
> # of untested testcases    26
> # of unsupported tests     134
>
> After the patch:
>
> === ld Summary ===
>
> # of expected passes       1653
> # of expected failures     3
> # of untested testcases    26
> # of unsupported tests     134
>
> OK for master and binutils-2_40-branch ?
>

I have pushed this to master.
Is this OK for binutils-2_40-branch ? Without this patch, there will be
undesirable effects (failing ld SFrame tests, also meaning limited SFrame
functionality) in some cross-builds.

Thanks
Indu

> Thanks
>
> --------------------------------------
>
> When sframe_encoder_write needs to flip the buffer containing the SFrame
> section before writing, it is not necessary that the SFrame FDEs are in
> the order of their sfde_func_start_fre_off. On the contrary, SFrame
> FDEs will be sorted in the order of their start address. So, remove
> this incorrect assumption which is basically assuming that the last
> sfde_func_start_fre_off seen will help determine the end of the flipped
> buffer.
>
> The function now keeps track of the bytes_flipped and then compares it with
> the expected value. Also, added two more checks at appropriate places:
> - check that the SFrame FDE read is within bounds
> - check that the SFrame FRE read is within bounds
>
> ChangeLog:
>
> * libsframe/sframe.c (flip_sframe): Adjust an incorrect check.
> Add other checks to ensure reads are within the buffer size.
> ---
> libsframe/sframe.c | 22 +++++++++++++---------
> 1 file changed, 13 insertions(+), 9 deletions(-)
>
> diff --git a/libsframe/sframe.c b/libsframe/sframe.c > index 4aada1a25e0..d206780289a 100644 > --- a/libsframe/sframe.c > +++ b/libsframe/sframe.c > @@ -401,7 +401,10 @@ flip_sframe (char *frame_buf, size_t buf_size, uint32_t to_foreign) > unsigned int fre_type = 0; > uint32_t fre_offset = 0; > size_t esz = 0; > + size_t hdrsz = 0; > int err = 0; > + /* For error checking. */ > + size_t bytes_flipped = 0; > > /* Header must be in host endianness at this time. */ > ihp = (sframe_header *)frame_buf; 
> @@ -411,14 +414,18 @@ flip_sframe (char *frame_buf, size_t buf_size, uint32_t to_foreign) > > /* The contents of the SFrame header are safe to read. Get the number of > FDEs and the first FDE in the buffer. */ > + hdrsz = sframe_get_hdr_size (ihp); > num_fdes = ihp->sfh_num_fdes; > - fdes = frame_buf + sframe_get_hdr_size (ihp) + ihp->sfh_fdeoff; > + fdes = frame_buf + hdrsz + ihp->sfh_fdeoff; > fdep = (sframe_func_desc_entry *)fdes; > > j = 0; > prev_frep_index = 0; > for (i = 0; i < num_fdes; fdep++, i++) > { > + if ((char*)fdep >= (frame_buf + buf_size)) > + goto bad; > + > if (to_foreign) > { > num_fres = fdep->sfde_func_num_fres; > @@ -427,6 +434,7 @@ flip_sframe (char *frame_buf, size_t buf_size, uint32_t to_foreign) > } > > flip_fde (fdep); > + bytes_flipped += sizeof (sframe_func_desc_entry); > > if (!to_foreign) > { > @@ -441,20 +449,16 @@ flip_sframe (char *frame_buf, size_t buf_size, uint32_t to_foreign) > { > if (flip_fre (fp, fre_type, &esz)) > goto bad; > + bytes_flipped += esz; > > - if (esz == 0) > + if (esz == 0 || esz > buf_size) > goto bad; > fp += esz; > } > prev_frep_index = j; > } > - /* All FREs must have been endian flipped by now. */ > - if (j != ihp->sfh_num_fres) > - goto bad; > - /* Contents, if any, must have been processed by now. > - Recall that .sframe section with just a SFrame header may be generated by > - GAS if no SFrame FDEs were found for the input file. */ > - if (ihp->sfh_num_fres && ((frame_buf + buf_size) != (void*)fp)) > + /* All FDEs and FREs must have been endian flipped by now. */ > + if ((j != ihp->sfh_num_fres) || (bytes_flipped != (buf_size - hdrsz))) > goto bad; > > /* Success. */ >
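
Review bot: In the "@@ -411,14 +414,18 @@" hunk, the new test "(char*)fdep >= (frame_buf + buf_size)" only proves that the first byte of the FDE lies inside the buffer. An entry that starts less than sizeof (sframe_func_desc_entry) bytes before the end still passes, and fdep->sfde_func_num_fres and flip_fde (fdep) then touch bytes past buf_size. Comparing the end of the entry instead, for example "(char*)fdep + sizeof (sframe_func_desc_entry) > frame_buf + buf_size", would match the commit message's "FDE read is within bounds".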
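
Review bot: In the "@@ -441,20 +449,16 @@" hunk, the "esz > buf_size" test runs after flip_fre (fp, fre_type, &esz) has already accessed the FRE at fp and after "bytes_flipped += esz", and it compares against the whole buffer size rather than the bytes remaining after fp, so on its own it does not keep the FRE access in bounds. Checking fp (and fp + esz) against frame_buf + buf_size before the flip, or passing the remaining length into flip_fre, would do that. The final comparison uses "buf_size - hdrsz" as a size_t subtraction, so it is worth confirming, in code outside these hunks, that hdrsz cannot exceed buf_size; a short comment that the equality assumes the FDE and FRE sub-sections fill the rest of the buffer with no gaps would also help the next reader.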
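
The two ideas in the commit message (bounds-check each entry before touching it, and verify completeness by counting bytes rather than by where the last entry ended) are shown below on a small self-contained case. This is an added example, not libsframe code: the layout, idx_entry, swap_bytes and flip_records are constructed for illustration and are not the SFrame format.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

/* Constructed toy layout, NOT the SFrame format:
     [uint32 n_idx][n_idx x {uint32 off, uint32 n}][records ...]
   A record is a 1-byte length tag (2 or 4) followed by that many bytes.
   Host byte order; "off" is relative to the record area, index unsorted.  */
typedef struct { uint32_t off, n; } idx_entry;

static void swap_bytes (unsigned char *p, size_t n)
{
  for (size_t i = 0; i < n / 2; i++)
    { unsigned char t = p[i]; p[i] = p[n - 1 - i]; p[n - 1 - i] = t; }
}

/* Returns 0 on success, -1 on any out-of-bounds or unaccounted byte.  */
int flip_records (unsigned char *buf, size_t buf_size)
{
  uint32_t n_idx;
  size_t flipped = 0;
  if (buf_size < sizeof n_idx) return -1;
  memcpy (&n_idx, buf, sizeof n_idx);
  /* Divide rather than multiply so a huge count cannot overflow.  */
  if (n_idx > (buf_size - sizeof n_idx) / sizeof (idx_entry)) return -1;
  size_t rec_base = sizeof n_idx + n_idx * sizeof (idx_entry);
  size_t rec_size = buf_size - rec_base;
  for (uint32_t i = 0; i < n_idx; i++)
    {
      idx_entry e;
      memcpy (&e, buf + sizeof n_idx + i * sizeof e, sizeof e);
      size_t pos = e.off;
      for (uint32_t k = 0; k < e.n; k++)
        {
          /* Check the tag byte, then the whole record, before touching it.  */
          if (pos >= rec_size || flipped >= rec_size)
            return -1;
          size_t len = buf[rec_base + pos];
          if ((len != 2 && len != 4) || len > rec_size - pos - 1)
            return -1;
          swap_bytes (buf + rec_base + pos + 1, len);
          pos += 1 + len;
          flipped += 1 + len;
        }
    }
  /* Order-independent total, in the spirit of the patch's bytes_flipped.  */
  return flipped == rec_size ? 0 : -1;
}
```

Because the total is counted, an index whose entries are not in offset order is accepted, while a truncated buffer or an index that leaves record bytes unvisited is rejected.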