public inbox for binutils@sourceware.org
* Tidy PR29893 and PR29908 fix
@ 2022-12-19 13:27 Alan Modra
From: Alan Modra @ 2022-12-19 13:27 UTC (permalink / raw)
  To: binutils; +Cc: Nick Clifton

Hi Nick,
I'm removing the code you added to check "end < entry" for DWARF
version 4, because if you look at the way debug_addr_info is set up
you'll see that it is sorted and so
      entry = section->start + debug_addr_info [i]->addr_base;
      end = section->start + debug_addr_info [i + 1]->addr_base;
must result in end >= entry.  (I'd looked into adding a test there for
PR29893.)

Also, I wonder about all of these warning messages we've been adding
for fuzzed object file errors.  In normal operation of the tools they
will never be hit so we're just creating work for translators.  Maybe
they should mostly all just be
  "%pA+%#" PRIx64 " invalid\n", section, (uint64_t) offset

That's likely all someone debugging binutils or a producer of DWARF
needs.

	PR 29893
	PR 29908
	* dwarf.c (display_debug_addr): Combine dwarf5 unit_length checks.
	Delete dead code.

diff --git a/binutils/dwarf.c b/binutils/dwarf.c
index 03b36afcec0..e08d51b4a97 100644
--- a/binutils/dwarf.c
+++ b/binutils/dwarf.c
@@ -7731,19 +7731,14 @@ display_debug_addr (struct dwarf_section *section,
 	  SAFE_BYTE_GET_AND_INC (length, curr_header, 4, entry);
 	  if (length == 0xffffffff)
 	    SAFE_BYTE_GET_AND_INC (length, curr_header, 8, entry);
-	  if (length > (size_t) (section->start + section->size - curr_header))
+	  if (length > (size_t) (section->start + section->size - curr_header)
+	      || length < (size_t) (entry - curr_header))
 	    {
 	      warn (_("Corrupt %s section: unit_length field of %#" PRIx64
-		      " too large\n"), section->name, length);
+		      " is invalid\n"), section->name, length);
 	      return 0;
 	    }
 	  end = curr_header + length;
-	  if (end < entry)
-	    {
-	      warn (_("Corrupt %s section header: length field (%lx) is too small\n"),
-		    section->name, (long) length);
-	      return 0;
-	    }
 	  SAFE_BYTE_GET_AND_INC (version, curr_header, 2, entry);
 	  if (version != 5)
 	    warn (_("Corrupt %s section: expecting version number 5 in header but found %d instead\n"),
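Review bot: The new lower-bound test `length < (size_t) (entry - curr_header)` is only meaningful while `curr_header` has not advanced past `entry`, and nothing in the hunk says so. If it ever did, the pointer difference would go negative and the cast to `size_t` would turn it into a very large value, so every unit_length would be rejected; that fails safe, but it would be hard to diagnose. A one-line comment above the condition stating that the preceding `SAFE_BYTE_GET_AND_INC` reads are bounded by `entry` would make the assumption explicit. Separately, the merged warning now reports both the too-large and the too-small case as "is invalid", so the message alone no longer tells which bound failed; if that is intended (as the cover text suggests), it is worth saying so in the ChangeLog entry.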
@@ -7754,18 +7749,7 @@ display_debug_addr (struct dwarf_section *section,
 	  address_size += segment_selector_size;
 	}
       else
-	{
-	  end = section->start + debug_addr_info [i + 1]->addr_base;
-
-	  if (end < entry)
-	    {
-	      warn (_("Corrupt %s section: address base of entry %u (%lx) is less than entry %u (%lx)\n"),
-		    section->name,
-		    i, (long) debug_addr_info [i]->addr_base,
-		    i + 1, (long) debug_addr_info [i + 1]->addr_base);
-	      return 0;
-	    }
-	}
+	end = section->start + debug_addr_info [i + 1]->addr_base;
 
       header = end;
       idx = 0;
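Review bot: The bare assignment `end = section->start + debug_addr_info [i + 1]->addr_base;` in the else branch now depends on `debug_addr_info` being sorted by `addr_base`, an invariant that is established outside this hunk and is not mentioned at the use site. A short comment here naming where the array is sorted would keep the `end < entry` check from being re-added later as an apparent omission. Note also that sortedness gives `end >= entry` but says nothing about `end` lying within `section->start + section->size`; the DWARF 5 branch checks that bound explicitly and this branch does not, so it would help to state in a comment where the upper bound for the version 4 path is enforced.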

-- 
Alan Modra
Australia Development Lab, IBM
