From: Andreas Schwab <schwab@linux-m68k.org>
To: binutils@sourceware.org
Subject: [PATCH] Fix read beyond array bound
Date: Sun, 06 Sep 2009 13:31:00 -0000 [thread overview]
Message-ID: <m2hbvg8ak3.fsf@igel.home> (raw)
Instead of returning a reference beyond the array bounds, use R_68K_NONE
if the reloc index is out of range.
Andreas.
2009-09-06 Andreas Schwab <schwab@linux-m68k.org>
* elf32-m68k.c (rtype_to_howto): If the reloc index is out of
range call the bfd error hander and use R_68K_NONE instead.
Index: bfd/elf32-m68k.c
===================================================================
RCS file: /cvs/src/src/bfd/elf32-m68k.c,v
retrieving revision 1.115
diff -u -a -p -r1.115 elf32-m68k.c
--- bfd/elf32-m68k.c 29 Aug 2009 22:10:58 -0000 1.115
+++ bfd/elf32-m68k.c 6 Sep 2009 13:27:27 -0000
@@ -374,13 +374,17 @@ static reloc_howto_type howto_table[] =
};
static void
-rtype_to_howto (abfd, cache_ptr, dst)
- bfd *abfd ATTRIBUTE_UNUSED;
- arelent *cache_ptr;
- Elf_Internal_Rela *dst;
+rtype_to_howto (bfd *abfd, arelent *cache_ptr, Elf_Internal_Rela *dst)
{
- BFD_ASSERT (ELF32_R_TYPE(dst->r_info) < (unsigned int) R_68K_max);
- cache_ptr->howto = &howto_table[ELF32_R_TYPE(dst->r_info)];
+ unsigned int indx = ELF32_R_TYPE (dst->r_info);
+
+ if (indx >= (unsigned int) R_68K_max)
+ {
+ (*_bfd_error_handler) (_("%B: invalid relocation type %d"),
+ abfd, (int) indx);
+ indx = R_68K_NONE;
+ }
+ cache_ptr->howto = &howto_table[indx];
}
#define elf_info_to_howto rtype_to_howto
@@ -4744,6 +4748,8 @@ elf_m68k_plt_sym_val (bfd_vma i, const a
#define TARGET_BIG_NAME "elf32-m68k"
#define ELF_MACHINE_CODE EM_68K
#define ELF_MAXPAGESIZE 0x2000
+#define ELF_COMMONPAGESIZE 0x1000
+
#define elf_backend_create_dynamic_sections \
_bfd_elf_create_dynamic_sections
#define bfd_elf32_bfd_link_hash_table_create \
--
Andreas Schwab, schwab@linux-m68k.org
GPG Key fingerprint = 58CA 54C7 6D53 942B 1756 01D3 44D5 214B 8276 4ED5
"And now for something completely different."
next reply other threads:[~2009-09-06 13:31 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2009-09-06 13:31 Andreas Schwab [this message]
2009-09-06 14:32 ` Andreas Schwab
2009-09-07 13:22 ` Nick Clifton
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=m2hbvg8ak3.fsf@igel.home \
--to=schwab@linux-m68k.org \
--cc=binutils@sourceware.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).