
[Bug gold/14097] Gold doesn't check R_X86_64_RELATIVE64 addend overflow

From: hjl.tools at gmail dot com
Subject: [Bug gold/14097] Gold doesn't check R_X86_64_RELATIVE64 addend overflow
Date: Fri, 11 May 2012 12:04:09 +0000


--- Comment #1 from H.J. Lu <hjl.tools at gmail dot com> 2012-05-11 12:04:09 UTC ---
Addend overflow can be seen in

template<bool dynamic, int size, bool big_endian>
Output_reloc<elfcpp::SHT_RELA, dynamic, size, big_endian>::write(
    unsigned char* pov) const
{
  elfcpp::Rela_write<size, big_endian> orel(pov);
  Addend addend = this->addend_;
  if (this->rel_.is_target_specific())
    addend = parameters->target().reloc_addend(this->rel_.target_arg(),
                                               this->rel_.type(), addend);
  else if (this->rel_.is_symbolless())
    addend = this->rel_.symbol_value(addend);
  else if (this->rel_.is_local_section_symbol())
    addend = this->rel_.local_section_offset(addend);

1213      else if (this->rel_.is_symbolless())
1214        addend = this->rel_.symbol_value(addend);
1217      orel.put_r_addend(addend);
(gdb) p/x addend
$15 = 0x8000013f
(gdb) p/x this->addend_
$16 = 0x7fffffff

Its sign changed.  This is OK for any other ELF32 relocations.
But R_X86_64_RELATIVE64 is an ELF32 relocation applied to a 64-bit
field.  Its addend can't change sign.

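The sign change in the gdb session above comes from folding the symbol value into a 32-bit `Addend` and then sign-extending that value into a 64-bit field. The following is an added example, not gold's code and not part of the bug report: it models the 32-bit addend of an ELF32 RELA entry, reproduces the wrap (the symbol contribution of 0x140 is inferred from 0x8000013f - 0x7fffffff and is an assumption), shows what a 64-bit field would receive from the wrapped addend, and implements the range check a linker needs before emitting such a relocation. All function names are hypothetical.

```cpp
#include <cstdint>
#include <cstdio>

// Width of r_addend in an Elf32_Rela entry (Elf32_Sword).
typedef int32_t Addend32;

// Hypothetical model of folding a symbol value into the addend using the
// 32-bit Addend type. The add is done in unsigned arithmetic so the
// wraparound is well defined; the conversion back to the signed type is
// where the sign flips, as seen in the gdb output in the report.
Addend32 fold_symbol_value_32(Addend32 addend, uint32_t symbol_value) {
    uint32_t sum = static_cast<uint32_t>(addend) + symbol_value;
    return static_cast<Addend32>(sum);
}

// What a 64-bit field receives when the 32-bit r_addend is applied at load
// time: the Elf32_Sword is sign-extended to 64 bits before being added to
// the base. A wrapped (negative) addend therefore lands far from the value
// the linker meant to encode.
uint64_t apply_relative64(uint64_t base, Addend32 r_addend) {
    return base + static_cast<uint64_t>(static_cast<int64_t>(r_addend));
}

// Overflow check a linker should perform for a relocation whose 32-bit
// addend targets a 64-bit field: compute the intended value in 64-bit
// arithmetic and verify it survives the round trip through the signed
// 32-bit field. Returns true when it fits; false means the relocation
// cannot be represented and an error must be reported instead of silently
// writing a sign-changed addend.
bool relative64_addend_fits(Addend32 addend, uint32_t symbol_value,
                            int64_t* intended) {
    int64_t full = static_cast<int64_t>(addend) +
                   static_cast<int64_t>(symbol_value);
    *intended = full;
    return full >= INT32_MIN && full <= INT32_MAX;
}

int main() {
    // Constructed values reproducing the gdb session: addend_ = 0x7fffffff,
    // symbol contribution assumed to be 0x140.
    Addend32 orig = 0x7fffffff;
    uint32_t symval = 0x140;

    Addend32 folded = fold_symbol_value_32(orig, symval);
    int64_t intended = 0;
    bool fits = relative64_addend_fits(orig, symval, &intended);

    std::printf("32-bit addend after folding: 0x%08x (%d)\n",
                static_cast<uint32_t>(folded), folded);
    std::printf("value a 64-bit field would receive (base 0): 0x%016llx\n",
                static_cast<unsigned long long>(apply_relative64(0, folded)));
    std::printf("intended 64-bit addend: 0x%llx, fits in Elf32_Sword: %s\n",
                static_cast<unsigned long long>(intended), fits ? "yes" : "no");
    return fits ? 0 : 1;
}
```

With the values from the report the folded 32-bit addend is 0x8000013f, which as an `Elf32_Sword` is negative; sign-extended into a 64-bit field it becomes 0xffffffff8000013f rather than the intended 0x8000013f. The range check returns false for this input, which is the point at which gold should have reported an addend overflow.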
