This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.



Re: Bogus code in coffgen.c?


"H . J . Lu" <hjl@lucon.org> writes:

> On Thu, Nov 01, 2001 at 05:12:53PM -0800, Ian Lance Taylor wrote:
> > > 
> > > We allocate a buffer of `aoutsz' bytes. Then we read `internal_f.f_opthdr'
> > > bytes into it. Why?
> > 
> > For a normal COFF target, f_opthdr should be either 0 or aoutsz.
> > XCOFF is an irritating exception: XCOFF defines a large and a small
> > aout header (I believe the small header is used for an object file
> > while the large header is used for an executable), so for XCOFF you
> > have to pay attention to f_opthdr, and not read more than that.  But
> > you still want to allocate aoutsz bytes, because that is what
> > swap_aouthdr_in and friends expect, even for a small XCOFF header.
> > 
> > The code does the right thing for a correct object, but it's obviously
> > risky for a bad object.  I think your proposed patch is appropriate;
> > we may want to consider a call to bfd_error_handler describing the
> > problem.
> > 
> 
> How about this patch? It will catch more bad files.

No, that patch is wrong, because it will not work on XCOFF.  On XCOFF,
f_opthdr may be 0, or aoutsz, or SMALL_AOUTSZ (a constant not
available in coffgen.c).

Ian

> 2001-11-02  H.J. Lu  (hjl@gnu.org)
> 
> 	* coffgen.c (coff_object_p): Return 0 if header is not right.
> 
> Index: coffgen.c
> ===================================================================
> RCS file: /work/cvs/gnu/binutils/bfd/coffgen.c,v
> retrieving revision 1.24
> diff -u -p -r1.24 coffgen.c
> --- coffgen.c	2001/10/15 20:55:56	1.24
> +++ coffgen.c	2001/11/02 08:31:52
> @@ -280,7 +280,8 @@ coff_object_p (abfd)
>    bfd_coff_swap_filehdr_in (abfd, filehdr, &internal_f);
>    bfd_release (abfd, filehdr);
>  
> -  if (bfd_coff_bad_format_hook (abfd, &internal_f) == false)
> +  if (bfd_coff_bad_format_hook (abfd, &internal_f) == false
> +      || (internal_f.f_opthdr != 0 && internal_f.f_opthdr != aoutsz))
>      {
>        bfd_set_error (bfd_error_wrong_format);
>        return 0;
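
Review bot: the equality test added to the condition, `internal_f.f_opthdr != aoutsz`, rejects every object whose optional header is shorter than aoutsz, which per the reply above includes XCOFF files using SMALL_AOUTSZ. Since the buffer being protected holds aoutsz bytes, an upper bound such as `internal_f.f_opthdr > aoutsz` would stop the overlong read without refusing those files. The failure path also sets only bfd_error_wrong_format; a bfd_error_handler message reporting the out-of-range optional header size, as suggested earlier in the thread, would make the rejection diagnosable.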

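The buffer-versus-length problem discussed in this thread, as an added example that is not part of the original messages and is not BFD code: a reader that fills a fixed `aoutsz`-byte buffer from a length field taken from the file, accepting 0, a short header or a full header but refusing anything larger. The names `read_opthdr`, `make_image` and `check`, the sizes 28 and 20, and the 20-byte little-endian file header with `f_opthdr` at offset 16 are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define FILHSZ        20  /* assumed classic COFF file header size */
#define OPTHDR_OFFSET 16  /* assumed offset of the 16-bit f_opthdr field */
#define AOUTSZ        28  /* constructed size of the full optional header */

/* Copy the optional header that follows the file header into buf, which
   holds aoutsz bytes.  Returns the number of bytes copied, or -1 when the
   file's own length field would overrun buf or run past the file's end. */
static long read_opthdr(const uint8_t *file, size_t file_len,
                        uint8_t *buf, size_t aoutsz)
{
    if (file_len < FILHSZ)
        return -1;
    size_t f_opthdr = (size_t)file[OPTHDR_OFFSET]
                    | ((size_t)file[OPTHDR_OFFSET + 1] << 8);
    if (f_opthdr > aoutsz)             /* attacker-chosen length > buffer */
        return -1;
    if (f_opthdr > file_len - FILHSZ)  /* header claims more than exists */
        return -1;
    memset(buf, 0, aoutsz);            /* short header leaves zeroed tail */
    memcpy(buf, file + FILHSZ, f_opthdr);
    return (long)f_opthdr;
}

/* Constructed input: a zeroed file header claiming `claimed` bytes of
   optional header, followed by `present` bytes of 0xAA (present <= 256). */
static size_t make_image(uint8_t *out, unsigned claimed, size_t present)
{
    memset(out, 0, FILHSZ);
    out[OPTHDR_OFFSET] = (uint8_t)(claimed & 0xff);
    out[OPTHDR_OFFSET + 1] = (uint8_t)((claimed >> 8) & 0xff);
    memset(out + FILHSZ, 0xAA, present);
    return FILHSZ + present;
}

static long check(unsigned claimed, size_t present)
{
    uint8_t image[FILHSZ + 256], buf[AOUTSZ];
    size_t n = make_image(image, claimed, present);
    return read_opthdr(image, n, buf, sizeof buf);
}

int main(void)
{
    /* exit status 0: full header accepted, oversized length rejected */
    return (check(AOUTSZ, AOUTSZ) == AOUTSZ && check(200, 200) == -1) ? 0 : 1;
}
```
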
