This is the mail archive of the binutils@sources.redhat.com mailing list for the binutils project.
Re: Memory overrun bug in CVS arm-elf-ld
On Tue, Jun 17, 2003 at 10:53:04AM +0100, Nick Clifton wrote:
> *** bfd/elflink.h 3 Jun 2003 22:27:22 -0000 1.228
> --- bfd/elflink.h 17 Jun 2003 09:47:12 -0000
> *************** elf_gc_record_vtentry (abfd, sec, h, add
> *** 6283,6289 ****
> struct elf_backend_data *bed = get_elf_backend_data (abfd);
> unsigned int log_file_align = bed->s->log_file_align;
>
> ! if (addend >= h->vtable_entries_size)
> {
> size_t size, bytes;
> bfd_boolean *ptr = h->vtable_entries_used;
> --- 6283,6289 ----
> struct elf_backend_data *bed = get_elf_backend_data (abfd);
> unsigned int log_file_align = bed->s->log_file_align;
>
> ! if (addend > h->vtable_entries_size)
> {
> size_t size, bytes;
> bfd_boolean *ptr = h->vtable_entries_used;
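Review bot: the comparison change is the wrong fix. Relaxing `addend >= h->vtable_entries_size` to `addend > h->vtable_entries_size` means a reference whose addend equals the current table size no longer grows the table, yet the entry count is `size >> log_file_align` (the `bytes` computation in the next hunk) and, with `size` taken straight from `addend`, the entry for `addend` is that count itself, the first slot past the valid entries. The off-by-one is in how `size` is derived from `addend` (the table has to extend past the entry at `addend`, not end at it); keep `>=` here and correct the size computation instead.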
> *************** elf_gc_record_vtentry (abfd, sec, h, add
> *** 6304,6311 ****
> }
>
> /* Allocate one extra entry for use as a "done" flag for the
> ! consolidation pass. */
> ! bytes = ((size >> log_file_align) + 1) * sizeof (bfd_boolean);
>
> if (ptr)
> {
> --- 6304,6312 ----
> }
>
> /* Allocate one extra entry for use as a "done" flag for the
> ! consolidation pass and another extra entry because we are
> ! going to write up to and including 'size' entries. */
> ! bytes = ((size >> log_file_align) + 2) * sizeof (bfd_boolean);
>
> if (ptr)
> {
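Review bot: the second spare slot hides the overrun without fixing the bookkeeping. The new comment admits the code writes "up to and including 'size' entries", which is the real defect: `size` is taken from `addend`, so the entry for `addend` sits at index `size >> log_file_align`, one past the count the table's own size implies. Enlarging the allocation keeps that write in bounds, but `h->vtable_entries_size`, from which the valid-entry count and the `oldbytes` figure on reallocation are derived, still records the smaller size, so a pass bounded by it never sees that entry. Compute `size` so that it covers the entry at `addend` and keep the `+ 1` for the done flag only.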
>
Nick, I think this is wrong. h->vtable_entries_size is used here
(oldbytes) and in other places to determine how many entries are valid.
Just allocating extra space won't fix the valid entry count.
* elflink.h (elf_gc_record_vtentry): Revert last change. Correct
size calculation from addend. Round size up.
Note that rounding the size shouldn't be necessary, but I'd rather be
bomb-proof.
Index: bfd/elflink.h
===================================================================
RCS file: /cvs/src/src/bfd/elflink.h,v
retrieving revision 1.229
diff -u -p -r1.229 elflink.h
--- bfd/elflink.h 17 Jun 2003 09:57:18 -0000 1.229
+++ bfd/elflink.h 18 Jun 2003 00:14:39 -0000
@@ -6283,30 +6283,31 @@ elf_gc_record_vtentry (abfd, sec, h, add
struct elf_backend_data *bed = get_elf_backend_data (abfd);
unsigned int log_file_align = bed->s->log_file_align;
- if (addend > h->vtable_entries_size)
+ if (addend >= h->vtable_entries_size)
{
- size_t size, bytes;
+ size_t size, bytes, file_align;
bfd_boolean *ptr = h->vtable_entries_used;
/* While the symbol is undefined, we have to be prepared to handle
a zero size. */
+ file_align = 1 << log_file_align;
if (h->root.type == bfd_link_hash_undefined)
- size = addend;
+ size = addend + file_align;
else
{
size = h->size;
- if (size < addend)
+ if (size <= addend)
{
/* Oops! We've got a reference past the defined end of
the table. This is probably a bug -- shall we warn? */
- size = addend;
+ size = addend + file_align;
}
}
+ size = (size + file_align - 1) & -file_align;
/* Allocate one extra entry for use as a "done" flag for the
- consolidation pass and another extra entry because we are
- going to write up to and including 'size' entries. */
- bytes = ((size >> log_file_align) + 2) * sizeof (bfd_boolean);
+ consolidation pass. */
+ bytes = ((size >> log_file_align) + 1) * sizeof (bfd_boolean);
if (ptr)
{
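Review bot: the index is now provably in range: after `size = addend + file_align` and the round-up to a multiple of `file_align`, `addend >> log_file_align` is strictly less than `size >> log_file_align` on every path (the defined-symbol path included, since `size <= addend` now also takes the extension), so `+ 1` again covers only the done flag. Two things to confirm: the hunk ends before the lines that store the new size into `h->vtable_entries_size`, and since that field drives the valid-entry count, the rounded `size` (not `h->size` or `addend`) must be what gets stored; and the `size <= addend` branch still carries the old "shall we warn?" comment while it now fires for a reference exactly at `h->size`, so either resolve the question or say that such a reference is expected. Style: `& -file_align` on a `size_t` is well-defined unsigned negation, but `& ~(file_align - 1)` reads more directly as an alignment mask.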
--
Alan Modra
IBM OzLabs - Linux Technology Centre
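The off-by-one this thread is about, as an added example that is not binutils code and not from either patch's author: a stand-alone C model of the size bookkeeping in elf_gc_record_vtentry that runs the three variants discussed (the original formula, Nick's extra slack slot, and Alan's round-up) against the same references and reports whether the write for `addend` lands inside the entry area and whether a consolidation pass bounded by `vtable_entries_size` would see it. Every struct and function name is hypothetical, and the table layout assumed (entries 0..n-1, with the done flag in the one extra slot) and the loop bound of the consolidation pass are assumptions taken from the description in the reply, not from the binutils source.

```c
/* Added example, not binutils code: a stand-alone model of the size
   bookkeeping in elf_gc_record_vtentry.  All names are hypothetical; the
   table layout (entries 0..n-1, then the "done" flag in the extra slot)
   and the consolidation loop bound are assumptions, not binutils source.  */
#include <stdbool.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

enum policy
{
  ORIGINAL, /* size = addend; grow when addend >= entries_size; +1 slot   */
  SLACK,    /* Nick's patch: same size; grow when addend > entries_size; +2 */
  ROUND_UP  /* Alan's patch: size = addend + file_align, rounded up; +1     */
};

/* The fields of the symbol hash entry that this path touches.  */
struct vt_entry
{
  bool undefined;      /* h->root.type == bfd_link_hash_undefined  */
  size_t sym_size;     /* h->size: defined size of the vtable      */
  size_t entries_size; /* h->vtable_entries_size, in bytes         */
  bool *entries_used;  /* h->vtable_entries_used                   */
  size_t nslots;       /* bools actually allocated, for the check  */
};

/* New vtable_entries_size, in bytes, for a reference at ADDEND.  */
static size_t vt_new_size (const struct vt_entry *h, size_t addend,
                           unsigned int log_file_align, enum policy p)
{
  size_t file_align = (size_t) 1 << log_file_align;
  size_t extra = p == ROUND_UP ? file_align : 0;
  size_t size;

  if (h->undefined)
    size = addend + extra;
  else
    {
      size = h->sym_size;
      /* Original: size < addend.  Alan's patch: size <= addend.  */
      if (p == ROUND_UP ? size <= addend : size < addend)
        size = addend + extra;
    }
  if (p == ROUND_UP)
    size = (size + file_align - 1) & -file_align;
  return size;
}

/* Record a use of the entry at ADDEND.  Returns false when the write would
   land on the done flag or past the allocation: that is the overrun in the
   subject line, which the real code does not check for.  */
static bool vt_record (struct vt_entry *h, size_t addend,
                       unsigned int log_file_align, enum policy p)
{
  bool grow = p == SLACK ? addend > h->entries_size
                         : addend >= h->entries_size;
  if (grow)
    {
      size_t size = vt_new_size (h, addend, log_file_align, p);
      size_t nslots = (size >> log_file_align) + (p == SLACK ? 2 : 1);
      bool *ptr = realloc (h->entries_used, nslots * sizeof *ptr);
      if (ptr == NULL)
        return false;
      if (nslots > h->nslots)
        memset (ptr + h->nslots, 0, (nslots - h->nslots) * sizeof *ptr);
      h->entries_used = ptr;
      h->nslots = nslots;
      h->entries_size = size;
    }
  size_t index = addend >> log_file_align;
  if (index + 1 >= h->nslots)
    return false;
  h->entries_used[index] = true;
  return true;
}

/* Entries a consolidation pass bounded by vtable_entries_size would see
   (assumed loop bound, per the reply); slack beyond that count is invisible.  */
static size_t vt_count_used (const struct vt_entry *h,
                             unsigned int log_file_align)
{
  size_t n = 0;
  for (size_t i = 0; i < (h->entries_size >> log_file_align); i++)
    n += h->entries_used[i];
  return n;
}

struct outcome { bool wrote; size_t counted; };

/* One reference against a fresh entry: in bounds, and counted afterwards?  */
static struct outcome vt_scenario (bool undefined, size_t sym_size,
                                   size_t addend, unsigned int log_file_align,
                                   enum policy p)
{
  struct vt_entry h = { undefined, sym_size, 0, NULL, 0 };
  struct outcome o = { vt_record (&h, addend, log_file_align, p), 0 };
  if (o.wrote)
    o.counted = vt_count_used (&h, log_file_align);
  free (h.entries_used);
  return o;
}
```

With `log_file_align` set to 2 (a 4-byte entry), a reference at addend 8 to an undefined vtable symbol is refused under the original formula (index 2 with only entries 0 and 1), written but never counted under the slack variant (it lands in the spare slot that `vtable_entries_size` does not cover, which is the objection in the reply), and both written and counted under the round-up variant. The defined-symbol case with `h->size` = 18 and addend 17 shows the rounding Alan calls unnecessary doing real work when a size is not a multiple of `file_align`: the original formula allocates four entries for an index of 4.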