diff options
| author | Nick Clifton <nickc@redhat.com> | 2017-07-24 13:49:22 +0100 |
|---|---|---|
| committer | Nick Clifton <nickc@redhat.com> | 2017-07-24 13:49:22 +0100 |
| commit | ca4cf9b9c622a5695e01f7f5815a7382a31fcf51 (patch) | |
| tree | f2ecc74aa1b10a2cf2b651a32ad4378909234854 /bfd/mach-o-i386.c | |
| parent | e8d84ca1b46f899b0b140fdd146fc7b14515267b (diff) | |
Fix address violation errors parsing corrupt binary files.
PR 21813
binutils* rddbg.c (read_symbol_stabs_debugging_info): Check for an empty
string whilst concatenating symbol names.
bfd * mach-o.c (bfd_mach_o_canonicalize_relocs): Pass the base address
of the relocs to the canonicalize_one_reloc routine.
* mach-o.h (struct bfd_mach_o_backend_data): Update the prototype
for the _bfd_mach_o_canonicalize_one_reloc field.
* mach-o-arm.c (bfd_mach_o_arm_canonicalize_one_reloc): Add
res_base parameter. Use to check for corrupt pair relocs.
* mach-o-aarch64.c (bfd_mach_o_arm64_canonicalize_one_reloc):
Likewise.
* mach-o-i386.c (bfd_mach_o_i386_canonicalize_one_reloc):
Likewise.
* mach-o-x86-64.c (bfd_mach_o_x86_64_canonicalize_one_reloc):
Likewise.
* vms-alpha.c (_bfd_vms_slurp_eihd): Make sure that there is
enough data in the record before attempting to parse it.
(_bfd_vms_slurp_eeom): Likewise.
(_bfd_vms_slurp_egsd): Check for an invalid section index.
(image_set_ptr): Likewise.
(alpha_vms_slurp_relocs): Likewise.
Diffstat (limited to 'bfd/mach-o-i386.c')
| -rw-r--r-- | bfd/mach-o-i386.c | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/bfd/mach-o-i386.c b/bfd/mach-o-i386.c index ce0389e020..803af983f5 100644 --- a/bfd/mach-o-i386.c +++ b/bfd/mach-o-i386.c @@ -112,9 +112,11 @@ static reloc_howto_type i386_howto_table[]= }; static bfd_boolean -bfd_mach_o_i386_canonicalize_one_reloc (bfd *abfd, - struct mach_o_reloc_info_external *raw, - arelent *res, asymbol **syms) +bfd_mach_o_i386_canonicalize_one_reloc (bfd * abfd, + struct mach_o_reloc_info_external * raw, + arelent * res, + asymbol ** syms, + arelent * res_base) { bfd_mach_o_reloc_info reloc; @@ -126,6 +128,9 @@ bfd_mach_o_i386_canonicalize_one_reloc (bfd *abfd, switch (reloc.r_type) { case BFD_MACH_O_GENERIC_RELOC_PAIR: + /* PR 21813: Check for a corrupt PAIR reloc at the start. */ + if (res == res_base) + return FALSE; if (reloc.r_length == 2) { res->howto = &i386_howto_table[7]; @@ -391,9 +396,9 @@ const mach_o_segment_name_xlat mach_o_i386_segsec_names_xlat[] = { NULL, NULL } }; -#define bfd_mach_o_canonicalize_one_reloc bfd_mach_o_i386_canonicalize_one_reloc -#define bfd_mach_o_swap_reloc_out bfd_mach_o_i386_swap_reloc_out -#define bfd_mach_o_print_thread bfd_mach_o_i386_print_thread +#define bfd_mach_o_canonicalize_one_reloc bfd_mach_o_i386_canonicalize_one_reloc +#define bfd_mach_o_swap_reloc_out bfd_mach_o_i386_swap_reloc_out +#define bfd_mach_o_print_thread bfd_mach_o_i386_print_thread #define bfd_mach_o_tgt_seg_table mach_o_i386_segsec_names_xlat #define bfd_mach_o_section_type_valid_for_tgt NULL |