Date: Mon, 19 Dec 2022 23:57:19 +1030
From: Alan Modra
To: binutils@sourceware.org
Cc: Nick Clifton
Subject: Tidy PR29893 and PR29908 fix

Hi Nick,
I'm removing the code you added to check "end < entry" for DWARF
version 4, because if you look at the way debug_addr_info is set up
you'll see that it is sorted and so

    entry = section->start + debug_addr_info [i]->addr_base;
    end = section->start + debug_addr_info [i + 1]->addr_base;

must result in end >= entry.  (I'd looked into adding a test there
for PR29893.)

Also, I wonder about all of these warning messages we've been adding
for fuzzed object file errors.  In normal operation of the tools they
will never be hit so we're just creating work for translators.  Maybe
they should mostly all just be

    "%pA+%#" PRIx64 " invalid\n", section, (uint64_t) offset

That's likely all someone debugging binutils or a producer of DWARF
needs.

	PR 29893
	PR 29908
	* dwarf.c (display_debug_addr): Combine dwarf5 unit_length checks.
	Delete dead code.

diff --git a/binutils/dwarf.c b/binutils/dwarf.c index 03b36afcec0..e08d51b4a97 100644 --- a/binutils/dwarf.c +++ b/binutils/dwarf.c 
@@ -7731,19 +7731,14 @@ display_debug_addr (struct dwarf_section *section, SAFE_BYTE_GET_AND_INC (length, curr_header, 4, entry); if (length == 0xffffffff) SAFE_BYTE_GET_AND_INC (length, curr_header, 8, entry); - if (length > (size_t) (section->start + section->size - curr_header)) + if (length > (size_t) (section->start + section->size - curr_header) + || length < (size_t) (entry - curr_header)) { warn (_("Corrupt %s section: unit_length field of %#" PRIx64 - " too large\n"), section->name, length); + " is invalid\n"), section->name, length); return 0; } end = curr_header + length; - if (end < entry) - { - warn (_("Corrupt %s section header: length field (%lx) is too small\n"), - section->name, (long) length); - return 0; - } SAFE_BYTE_GET_AND_INC (version, curr_header, 2, entry); if (version != 5) warn (_("Corrupt %s section: expecting version number 5 in header but found %d instead\n"), @@ -7754,18 +7749,7 @@ display_debug_addr (struct dwarf_section *section, address_size += segment_selector_size; } else - { - end = section->start + debug_addr_info [i + 1]->addr_base; - - if (end < entry) - { - warn (_("Corrupt %s section: address base of entry %u (%lx) is less than entry %u (%lx)\n"), - section->name, - i, (long) debug_addr_info [i]->addr_base, - i + 1, (long) debug_addr_info [i + 1]->addr_base); - return 0; - } - } + end = section->start + debug_addr_info [i + 1]->addr_base; header = end; idx = 0; -- Alan Modra Australia Development Lab, IBM
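Review bot: The new second clause in the first hunk, "length < (size_t) (entry - curr_header)", is now the only thing that keeps "end = curr_header + length" from landing before entry, and that is easy to miss once the explicit "end < entry" block just below it is deleted. A one-line comment above the if, saying the clause rejects a unit_length too small to cover the rest of the header, would keep the reasoning next to the code. The cast to size_t also relies on curr_header not being past entry after the optional 8-byte read; it is worth confirming that holds for every header_size, or comparing the pointers before subtracting.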
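Review bot: In the second hunk the else branch now assigns end from debug_addr_info [i + 1]->addr_base with no check, so end >= entry depends entirely on debug_addr_info being sorted by addr_base, which is set up outside this function and cannot be seen from these lines. Suggest a short comment on that assignment stating the invariant (or an assert on it), so that a later change to how the array is built does not silently make end < entry possible again before "header = end".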