aboutsummaryrefslogtreecommitdiff
path: root/bfd
diff options
context:
space:
mode:
authorAlan Modra <amodra@gmail.com>2018-05-18 17:09:45 +0930
committerAlan Modra <amodra@gmail.com>2018-05-18 18:32:35 +0930
commit4bba0fb1c6d391a217c25e44398a7e1c7090155f (patch)
treefff53de71569f3b7dd7a12cb1f3de54b043c8ae0 /bfd
parentATTRIBUTE_HIDDEN for libbfd.h (diff)
downloadbinutils-gdb-4bba0fb1c6d391a217c25e44398a7e1c7090155f.tar.gz
binutils-gdb-4bba0fb1c6d391a217c25e44398a7e1c7090155f.tar.bz2
binutils-gdb-4bba0fb1c6d391a217c25e44398a7e1c7090155f.zip
PR23199, Invalid SHT_GROUP entry leads to group confusion
This patch prevents elf_next_in_group list pointer confusion when SHT_GROUP sections specify other SHT_GROUP sections in their list of group sections. PR 23199 * elf.c (setup_group): Formatting. Check that SHT_GROUP entries don't point at other SHT_GROUP sections. Set shdr corresponding to invalid entry, to NULL rather than section 0. Identify SHT_GROUP section index when reporting an error. Cope with NULL shdr pointer.
Diffstat (limited to 'bfd')
-rw-r--r--bfd/ChangeLog9
-rw-r--r--bfd/elf.c17
2 files changed, 20 insertions, 6 deletions
diff --git a/bfd/ChangeLog b/bfd/ChangeLog
index 3b5774a2b4c..f0ea6f940b1 100644
--- a/bfd/ChangeLog
+++ b/bfd/ChangeLog
@@ -1,5 +1,14 @@
2018-05-18 Alan Modra <amodra@gmail.com>
+ PR 23199
+ * elf.c (setup_group): Formatting. Check that SHT_GROUP entries
+ don't point at other SHT_GROUP sections. Set shdr corresponding
+ to invalid entry, to NULL rather than section 0. Identify
+ SHT_GROUP section index when reporting an error. Cope with NULL
+ shdr pointer.
+
+2018-05-18 Alan Modra <amodra@gmail.com>
+
* libbfd-in.h (ATTRIBUTE_HIDDEN): Define and use throughout.
* configure.ac (HAVE_HIDDEN): Check compiler support for hidden
visibility.
diff --git a/bfd/elf.c b/bfd/elf.c
index 024b6cd86af..47d046fa834 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -628,7 +628,8 @@ setup_group (bfd *abfd, Elf_Internal_Shdr *hdr, asection *newsect)
bfd_alloc2 (abfd, num_group, sizeof (Elf_Internal_Shdr *));
if (elf_tdata (abfd)->group_sect_ptr == NULL)
return FALSE;
- memset (elf_tdata (abfd)->group_sect_ptr, 0, num_group * sizeof (Elf_Internal_Shdr *));
+ memset (elf_tdata (abfd)->group_sect_ptr, 0,
+ num_group * sizeof (Elf_Internal_Shdr *));
num_group = 0;
for (i = 0; i < shnum; i++)
@@ -709,13 +710,16 @@ setup_group (bfd *abfd, Elf_Internal_Shdr *hdr, asection *newsect)
|= SEC_LINK_ONCE | SEC_LINK_DUPLICATES_DISCARD;
break;
}
- if (idx >= shnum)
+ if (idx < shnum)
+ dest->shdr = elf_elfsections (abfd)[idx];
+ if (idx >= shnum
+ || dest->shdr->sh_type == SHT_GROUP)
{
_bfd_error_handler
- (_("%pB: invalid SHT_GROUP entry"), abfd);
- idx = 0;
+ (_("%pB: invalid entry in SHT_GROUP section [%u]"),
+ abfd, i);
+ dest->shdr = NULL;
}
- dest->shdr = elf_elfsections (abfd)[idx];
}
}
}
@@ -781,7 +785,8 @@ setup_group (bfd *abfd, Elf_Internal_Shdr *hdr, asection *newsect)
idx = (Elf_Internal_Group *) shdr->contents;
n_elt = shdr->sh_size / 4;
while (--n_elt != 0)
- if ((s = (++idx)->shdr->bfd_section) != NULL
+ if ((++idx)->shdr != NULL
+ && (s = idx->shdr->bfd_section) != NULL
&& elf_next_in_group (s) != NULL)
break;
if (n_elt != 0)