bug-binutils

[Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in


From: cvs-commit at gcc dot gnu.org
Subject: [Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in
Date: Wed, 26 Nov 2014 14:13:35 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=17512

--- Comment #113 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".

The branch, master has been updated
       via  a11652892c18324bf3abb8b25c01475e5a18632a (commit)
      from  0cfd832fc7d4f1b5633248754dcc75fa90b5475b (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=a11652892c18324bf3abb8b25c01475e5a18632a

commit a11652892c18324bf3abb8b25c01475e5a18632a
Author: Nick Clifton <address@hidden>
Date:   Wed Nov 26 14:11:23 2014 +0000

    More fixes for memory access errors triggered by attempts to examine
    corrupted binaries.

        PR binutils/17512
        * dwarf.c (display_block): Do nothing if the block starts after
        the end of the buffer.
        (read_and_display_attr_value): Add range checks.
        (struct Frame_Chunk): Make the ncols and ra fields unsigned.
        (frame_need_space): Test for an ncols of zero.
        (read_cie): Fail if the augmentation data extends off the end of
        the buffer.
        (display_debug_frames): Add checks for read_cie failing.  Add
        range checks.
        * coff-h8300.c (rtype2howto): Replace abort with returning a NULL
        value.
        * coff-h8500.c (rtype2howto): Likewise.
        * coff-tic30.c (rtype2howto): Likewise.
        * coff-z80.c (rtype2howto): Likewise.
        * coff-z8k.c (rtype2howto): Likewise.
        * coff-ia64.c (RTYPE2HOWTO): Always return a valid howto.
        * coff-m68k.c (m68k_rtype2howto): Return a NULL howto if none
        could be found.
        * coff-mcore.c (RTYPE2HOWTO): Add range checking.
        * coff-w65.c (rtype2howto): Likewise.
        * coff-we32k.c (RTYPE2HOWTO): Likewise.
        * pe-mips.c (RTYPE2HOWTO): Likewise.
        * coff-x86_64.c (coff_amd64_reloc): Likewise.  Replace abort with
        an error return.
        * coffcode.h (coff_slurp_reloc_table): Allow the rel parameter to
        be unused.
        * coffgen.c (make_a_section_from_file): Check the length of a
        section name before testing to see if it is a debug section name.
        (coff_object_p): Zero out any uninitialised bytes in the opt
        header.
        * ecoff.c (_bfd_ecoff_slurp_symbolic_info): Test for the raw
        source being empty when there are values to be processed.
        (_bfd_ecoff_slurp_symbol_table): Add range check.
        * mach-o.c (bfd_mach_o_canonicalize_one_reloc): Likewise.
        (bfd_mach_o_mangle_sections): Move test for too many sections to
        before the allocation of the section table.
        (bfd_mach_o_read_symtab_strtab): If the read fails, free the
        memory and nullify the symbol pointer.
        * reloc.c (bfd_generic_get_relocated_section_contents): Add
        handling of a bfd_reloc_notsupported return value.
        * versados.c (EDATA): Add range checking.
        (get_record): Likewise.
        (process_otr): Check for contents being available before updating
        them.
        (versados_canonicalize_reloc): Add range check.

-----------------------------------------------------------------------

Summary of changes:
 bfd/ChangeLog      |   40 +++++++++++++++++++++++
 bfd/coff-h8300.c   |    2 +-
 bfd/coff-h8500.c   |    2 +-
 bfd/coff-ia64.c    |    2 +-
 bfd/coff-m68k.c    |    1 +
 bfd/coff-mcore.c   |   16 +++++----
 bfd/coff-tic30.c   |    2 +-
 bfd/coff-w65.c     |   29 ++++++++++-------
 bfd/coff-we32k.c   |    9 ++++-
 bfd/coff-x86_64.c  |   13 +++++++-
 bfd/coff-z80.c     |    2 +-
 bfd/coff-z8k.c     |    2 +-
 bfd/coffcode.h     |    2 +-
 bfd/coffgen.c      |    7 +++-
 bfd/ecoff.c        |    8 ++++
 bfd/mach-o.c       |   26 +++++++++++----
 bfd/pe-mips.c      |    7 +++-
 bfd/reloc.c        |    9 +++++
 bfd/versados.c     |   45 ++++++++++++++++---------
 binutils/ChangeLog |   13 +++++++
 binutils/dwarf.c   |   91 ++++++++++++++++++++++++++++++++++++++-------------
 21 files changed, 250 insertions(+), 78 deletions(-)

-- 
You are receiving this mail because:
You are on the CC list for the bug.


