summaryrefslogtreecommitdiff
path: root/bfd/coffgen.c
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2014-11-13 17:46:11 +0000
committerNick Clifton <nickc@redhat.com>2014-11-13 17:46:11 +0000
commita5c71af8d3c7c535f27614947f72883233658706 (patch)
treeefbc4ad3fc157bae2596150b4142c8f015a2967f /bfd/coffgen.c
parent09bc6c722493047fb50e8a7e70e028023eff8f32 (diff)
More fixes for memory access violations whilst scanning corrupt binaries.
PR binutils/17512 * config/obj-coff.c (coff_obj_symbol_new_hook): Set the is_sym field. * coffcode.h (coff_ptr_struct): Add is_sym field. (coff_new_section_hook): Set the is_sym field. (coff_pointerize_aux_hook): Check the is_sym field. (coff_print_aux): Likewise. (coff_compute_section_file_positions): Likewise. (coff_write_object_contents): Likewise. (coff_slurp_line_table): Likewise. (coff_slurp_symbol_table): Likewise. (CALC_ADDEND): Likewise. * coffgen.c (coff_renumber_symbols): Likewise. (coff_mangle_symbols): Likewise. (coff_fix_symbol_name): Likewise. (coff_write_symbol): Likewise. (coff_write_alien_symbol): Likewise. (coff_write_native_symbol): Likewise. (coff_write_symbols): Likewise. (coff_write_linenumbers): Likewise. (coff_pointerize_aux): Likewise. (coff_get_normalized_symtab): Likewise. (coff_get_symbol_info): Likewise. (bfd_coff_get_syment): Likewise. (bfd_coff_get_auxent): Likewise. (coff_print_symbol): Likewise. (coff_find_nearest_line_with_names): Likewise. (bfd_coff_set_symbol_class): Likewise. (coff_make_empty_symbol): Set the is_sym field. (coff_bfd_make_debug_symbol): Likewise. * peicode.h (pe_ILF_make_a_symbol): Likewise. * libcoff.h: Regenerate. * libcoff-in.h: Regenerate.
Diffstat (limited to 'bfd/coffgen.c')
-rw-r--r--bfd/coffgen.c74
1 files changed, 58 insertions, 16 deletions
diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index 9dcb3bd9ab..a22f67a69d 100644
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -761,12 +761,14 @@ coff_renumber_symbols (bfd *bfd_ptr, int *first_undef)
for (symbol_index = 0; symbol_index < symbol_count; symbol_index++)
{
coff_symbol_type *coff_symbol_ptr = coff_symbol_from (bfd_ptr, symbol_ptr_ptr[symbol_index]);
+
symbol_ptr_ptr[symbol_index]->udata.i = symbol_index;
if (coff_symbol_ptr && coff_symbol_ptr->native)
{
combined_entry_type *s = coff_symbol_ptr->native;
int i;
+ BFD_ASSERT (s->is_sym);
if (s->u.syment.n_sclass == C_FILE)
{
if (last_file != NULL)
@@ -811,6 +813,7 @@ coff_mangle_symbols (bfd *bfd_ptr)
int i;
combined_entry_type *s = coff_symbol_ptr->native;
+ BFD_ASSERT (s->is_sym);
if (s->fix_value)
{
/* FIXME: We should use a union here. */
@@ -834,6 +837,8 @@ coff_mangle_symbols (bfd *bfd_ptr)
for (i = 0; i < s->u.syment.n_numaux; i++)
{
combined_entry_type *a = s + i + 1;
+
+ BFD_ASSERT (! a->is_sym);
if (a->fix_tag)
{
a->u.auxent.x_sym.x_tagndx.l =
@@ -877,6 +882,7 @@ coff_fix_symbol_name (bfd *abfd,
}
name_length = strlen (name);
+ BFD_ASSERT (native->is_sym);
if (native->u.syment.n_sclass == C_FILE
&& native->u.syment.n_numaux > 0)
{
@@ -892,6 +898,7 @@ coff_fix_symbol_name (bfd *abfd,
else
strncpy (native->u.syment._n._n_name, ".file", SYMNMLEN);
+ BFD_ASSERT (! (native + 1)->is_sym);
auxent = &(native + 1)->u.auxent;
filnmlen = bfd_coff_filnmlen (abfd);
@@ -994,6 +1001,8 @@ coff_write_symbol (bfd *abfd,
void * buf;
bfd_size_type symesz;
+ BFD_ASSERT (native->is_sym);
+
if (native->u.syment.n_sclass == C_FILE)
symbol->flags |= BSF_DEBUGGING;
@@ -1034,6 +1043,7 @@ coff_write_symbol (bfd *abfd,
return FALSE;
for (j = 0; j < native->u.syment.n_numaux; j++)
{
+ BFD_ASSERT (! (native + j + 1)->is_sym);
bfd_coff_swap_aux_out (abfd,
&((native + j + 1)->u.auxent),
type, n_sclass, (int) j,
@@ -1079,10 +1089,12 @@ coff_write_alien_symbol (bfd *abfd,
{
symbol->name = "";
if (isym != NULL)
- memset (isym, 0, sizeof(*isym));
+ memset (isym, 0, sizeof (*isym));
return TRUE;
}
native = dummy;
+ native->is_sym = TRUE;
+ native[1].is_sym = FALSE;
native->u.syment.n_type = T_NULL;
native->u.syment.n_flags = 0;
native->u.syment.n_numaux = 0;
@@ -1109,7 +1121,7 @@ coff_write_alien_symbol (bfd *abfd,
name to keep it from being put in the string table. */
symbol->name = "";
if (isym != NULL)
- memset (isym, 0, sizeof(*isym));
+ memset (isym, 0, sizeof (*isym));
return TRUE;
}
else
@@ -1168,6 +1180,7 @@ coff_write_native_symbol (bfd *abfd,
return TRUE;
}
+ BFD_ASSERT (native->is_sym);
/* If this symbol has an associated line number, we must store the
symbol index in the line number field. We also tag the auxent to
point to the right place in the lineno table. */
@@ -1277,8 +1290,9 @@ coff_write_symbols (bfd *abfd)
symbol which has no associated section and we do not have to
worry about this, all we need to know is that it is local. */
current_error_handler = bfd_set_error_handler (null_error_handler);
+ BFD_ASSERT (c_symbol->native->is_sym);
sym_class = bfd_coff_classify_symbol (abfd,
- &c_symbol->native->u.syment);
+ &c_symbol->native->u.syment);
(void) bfd_set_error_handler (current_error_handler);
n_sclass = &c_symbol->native->u.syment.n_sclass;
@@ -1369,6 +1383,9 @@ coff_write_symbols (bfd *abfd)
file name, nor does it go in the .debug section. */
maxlen = bfd_coff_force_symnames_in_strings (abfd) ? 0 : SYMNMLEN;
+ else if (! c_symbol->native->is_sym)
+ maxlen = bfd_coff_force_symnames_in_strings (abfd) ? 0 : SYMNMLEN;
+
else if (bfd_coff_symname_in_debug (abfd,
&c_symbol->native->u.syment))
/* This symbol name is in the XCOFF .debug section.
@@ -1459,6 +1476,7 @@ coff_write_linenumbers (bfd *abfd)
{
/* Found a linenumber entry, output. */
struct internal_lineno out;
+
memset ((void *) & out, 0, sizeof (out));
out.l_lnno = 0;
out.l_addr.l_symndx = l->u.offset;
@@ -1506,6 +1524,7 @@ coff_pointerize_aux (bfd *abfd,
unsigned int type = symbol->u.syment.n_type;
unsigned int n_sclass = symbol->u.syment.n_sclass;
+ BFD_ASSERT (symbol->is_sym);
if (coff_backend_info (abfd)->_bfd_coff_pointerize_aux_hook)
{
if ((*coff_backend_info (abfd)->_bfd_coff_pointerize_aux_hook)
@@ -1519,6 +1538,7 @@ coff_pointerize_aux (bfd *abfd,
if (n_sclass == C_FILE)
return;
+ BFD_ASSERT (! auxent->is_sym);
/* Otherwise patch up. */
#define N_TMASK coff_data (abfd)->local_n_tmask
#define N_BTSHFT coff_data (abfd)->local_n_btshft
@@ -1786,6 +1806,7 @@ coff_get_normalized_symtab (bfd *abfd)
bfd_coff_swap_sym_in (abfd, (void *) raw_src,
(void *) & internal_ptr->u.syment);
symbol_ptr = internal_ptr;
+ internal_ptr->is_sym = TRUE;
for (i = 0;
i < symbol_ptr->u.syment.n_numaux;
@@ -1802,6 +1823,7 @@ coff_get_normalized_symtab (bfd *abfd)
symbol_ptr->u.syment.n_sclass,
(int) i, symbol_ptr->u.syment.n_numaux,
&(internal_ptr->u.auxent));
+ internal_ptr->is_sym = FALSE;
coff_pointerize_aux (abfd, internal, symbol_ptr, i,
internal_ptr);
}
@@ -1815,12 +1837,18 @@ coff_get_normalized_symtab (bfd *abfd)
for (internal_ptr = internal; internal_ptr < internal_end;
internal_ptr++)
{
+ BFD_ASSERT (internal_ptr->is_sym);
+
if (internal_ptr->u.syment.n_sclass == C_FILE
&& internal_ptr->u.syment.n_numaux > 0)
{
+ combined_entry_type * aux = internal_ptr + 1;
+
/* Make a file symbol point to the name in the auxent, since
the text ".file" is redundant. */
- if ((internal_ptr + 1)->u.auxent.x_file.x_n.x_zeroes == 0)
+ BFD_ASSERT (! aux->is_sym);
+
+ if (aux->u.auxent.x_file.x_n.x_zeroes == 0)
{
/* The filename is a long one, point into the string table. */
if (string_table == NULL)
@@ -1829,14 +1857,13 @@ coff_get_normalized_symtab (bfd *abfd)
if (string_table == NULL)
return NULL;
}
- if ((bfd_size_type)((internal_ptr + 1)->u.auxent.x_file.x_n.x_offset)
+
+ if ((bfd_size_type)(aux->u.auxent.x_file.x_n.x_offset)
>= obj_coff_strings_len (abfd))
internal_ptr->u.syment._n._n_n._n_offset = (bfd_hostptr_t) _("<corrupt>");
else
internal_ptr->u.syment._n._n_n._n_offset =
- ((bfd_hostptr_t)
- (string_table
- + (internal_ptr + 1)->u.auxent.x_file.x_n.x_offset));
+ (bfd_hostptr_t) (string_table + (aux->u.auxent.x_file.x_n.x_offset));
}
else
{
@@ -1846,15 +1873,15 @@ coff_get_normalized_symtab (bfd *abfd)
if (internal_ptr->u.syment.n_numaux > 1
&& coff_data (abfd)->pe)
internal_ptr->u.syment._n._n_n._n_offset =
- ((bfd_hostptr_t)
- copy_name (abfd,
- (internal_ptr + 1)->u.auxent.x_file.x_fname,
- internal_ptr->u.syment.n_numaux * symesz));
+ (bfd_hostptr_t)
+ copy_name (abfd,
+ aux->u.auxent.x_file.x_fname,
+ internal_ptr->u.syment.n_numaux * symesz);
else
internal_ptr->u.syment._n._n_n._n_offset =
((bfd_hostptr_t)
copy_name (abfd,
- (internal_ptr + 1)->u.auxent.x_file.x_fname,
+ aux->u.auxent.x_file.x_fname,
(size_t) bfd_coff_filnmlen (abfd)));
}
}
@@ -1950,7 +1977,7 @@ coff_make_empty_symbol (bfd *abfd)
if (new_symbol == NULL)
return NULL;
new_symbol->symbol.section = 0;
- new_symbol->native = 0;
+ new_symbol->native = NULL;
new_symbol->lineno = NULL;
new_symbol->done_lineno = FALSE;
new_symbol->symbol.the_bfd = abfd;
@@ -1976,6 +2003,7 @@ coff_bfd_make_debug_symbol (bfd *abfd,
new_symbol->native = (combined_entry_type *) bfd_zalloc (abfd, amt);
if (!new_symbol->native)
return NULL;
+ new_symbol->native->is_sym = TRUE;
new_symbol->symbol.section = bfd_abs_section_ptr;
new_symbol->symbol.flags = BSF_DEBUGGING;
new_symbol->lineno = NULL;
@@ -1991,7 +2019,8 @@ coff_get_symbol_info (bfd *abfd, asymbol *symbol, symbol_info *ret)
bfd_symbol_info (symbol, ret);
if (coffsymbol (symbol)->native != NULL
- && coffsymbol (symbol)->native->fix_value)
+ && coffsymbol (symbol)->native->fix_value
+ && coffsymbol (symbol)->native->is_sym)
ret->value = coffsymbol (symbol)->native->u.syment.n_value -
(bfd_hostptr_t) obj_raw_syments (abfd);
}
@@ -2006,7 +2035,8 @@ bfd_coff_get_syment (bfd *abfd,
coff_symbol_type *csym;
csym = coff_symbol_from (abfd, symbol);
- if (csym == NULL || csym->native == NULL)
+ if (csym == NULL || csym->native == NULL
+ || ! csym->native->is_sym)
{
bfd_set_error (bfd_error_invalid_operation);
return FALSE;
@@ -2038,6 +2068,7 @@ bfd_coff_get_auxent (bfd *abfd,
if (csym == NULL
|| csym->native == NULL
+ || ! csym->native->is_sym
|| indx >= csym->native->u.syment.n_numaux)
{
bfd_set_error (bfd_error_invalid_operation);
@@ -2046,6 +2077,7 @@ bfd_coff_get_auxent (bfd *abfd,
ent = csym->native + indx + 1;
+ BFD_ASSERT (! ent->is_sym);
*pauxent = ent->u.auxent;
if (ent->fix_tag)
@@ -2107,6 +2139,7 @@ coff_print_symbol (bfd *abfd,
break;
}
+ BFD_ASSERT (combined->is_sym);
if (! combined->fix_value)
val = (bfd_vma) combined->u.syment.n_value;
else
@@ -2126,6 +2159,7 @@ coff_print_symbol (bfd *abfd,
combined_entry_type *auxp = combined + aux + 1;
long tagndx;
+ BFD_ASSERT (! auxp->is_sym);
if (auxp->fix_tag)
tagndx = auxp->u.auxent.x_sym.x_tagndx.p - root;
else
@@ -2295,6 +2329,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
pend = p + cof->raw_syment_count;
while (p < pend)
{
+ BFD_ASSERT (p->is_sym);
if (p->u.syment.n_sclass == C_FILE)
break;
p += 1 + p->u.syment.n_numaux;
@@ -2318,6 +2353,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
p2 < pend;
p2 += 1 + p2->u.syment.n_numaux)
{
+ BFD_ASSERT (p2->is_sym);
if (p2->u.syment.n_scnum > 0
&& (section
== coff_section_from_bfd_index (abfd,
@@ -2329,6 +2365,8 @@ coff_find_nearest_line_with_names (bfd *abfd,
break;
}
}
+ if (p2 >= pend)
+ break;
file_addr = (bfd_vma) p2->u.syment.n_value;
/* PR 11512: Include the section address of the function name symbol. */
@@ -2393,6 +2431,8 @@ coff_find_nearest_line_with_names (bfd *abfd,
if (coff->native)
{
combined_entry_type *s = coff->native;
+
+ BFD_ASSERT (s->is_sym);
s = s + 1 + s->u.syment.n_numaux;
/* In XCOFF a debugging symbol can follow the
@@ -2405,6 +2445,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
{
/* The linenumber is stored in the auxent. */
union internal_auxent *a = &((s + 1)->u.auxent);
+
line_base = a->x_sym.x_misc.x_lnsz.x_lnno;
*line_ptr = line_base;
}
@@ -2526,6 +2567,7 @@ bfd_coff_set_symbol_class (bfd * abfd,
if (native == NULL)
return FALSE;
+ native->is_sym = TRUE;
native->u.syment.n_type = T_NULL;
native->u.syment.n_sclass = symbol_class;
generated by cgit v1.2.3 (git 2.25.1) at 2024-07-24 16:17:26 +0000