This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.


Re: [PATCH-bfd] i386-mingw32-ld crash on x86_64 linux


On Sun, Apr 19, 2009 at 10:30:41PM +0100, Dave Korn wrote:
> Dave Korn wrote:
> 
> >   Brilliant.  I'll run it through a full testsuite and we'll see about getting
> > it checked in.  Thanks for contributing :)
> 
>   Tested on i686-pc-cygwin natively, and cross from i686-pc-linux-gnu to
> {arm-epoc-pe, arm-wince-pe, i386-pc-netbsdpe, i386-pc-pe, i586-pc-interix,
> i586-unknown-beospe, i686-pc-cygwin, i686-pc-mingw32, mcore-unknown-pe,
> powerpcle-unknown-pe, sh-unknown-pe, thumb-epoc-pe, x86_64-pc-freebsd,
> x86_64-pc-linux-gnu, x86_64-pc-mingw32} without regressions.
> 
> bfd/ChangeLog
> 
> 2009-04-19  Peter O'Gorman  <binutils@mlists.thewrittenword.com>
>             Alan Modra  <amodra@bigpond.net.au>
>             Dave Korn  <dave.korn.cygwin@gmail.com>
> 
> 	* peXXigen.c (_bfd_XXi_swap_sym_in):  Fix name handling w.r.t
> 	long names and non-NUL-terminated strings.

This is what I've committed.  Adds some aborts on the grounds that an
abort is better than a segfault.  Since other parts of the coff
support do the same I don't feel particularly guilty about an abort
that could be triggered by bad user input or out of memory.  A proper
fix requires quite a lot of surgery.

Index: bfd/peXXigen.c
===================================================================
RCS file: /cvs/src/src/bfd/peXXigen.c,v
retrieving revision 1.49
diff -u -p -r1.49 peXXigen.c
--- bfd/peXXigen.c	6 Apr 2009 16:48:36 -0000	1.49
+++ bfd/peXXigen.c	20 Apr 2009 00:09:39 -0000
@@ -129,6 +129,9 @@ _bfd_XXi_swap_sym_in (bfd * abfd, void *
      they will be handled somewhat correctly in the bfd code.  */
   if (in->n_sclass == C_SECTION)
     {
+      char namebuf[SYMNMLEN + 1];
+      const char *name;
+
       in->n_value = 0x0;
 
       /* Create synthetic empty sections as needed.  DJ */
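Review bot: `name` is declared at the top of the C_SECTION block without an initialiser, yet the next hunk reads it in `if (name == namebuf)` while its only assignment sits inside the earlier braced block, whose guarding condition falls outside the diff context. Hoisting the `_bfd_coff_internal_syment_name` call to directly after these declarations would make that dependency explicit and keep compilers from flagging a possibly uninitialised read.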
@@ -136,33 +139,38 @@ _bfd_XXi_swap_sym_in (bfd * abfd, void *
 	{
 	  asection *sec;
 
-	  for (sec = abfd->sections; sec; sec = sec->next)
-	    {
-	      if (strcmp (sec->name, in->n_name) == 0)
-		{
-		  in->n_scnum = sec->target_index;
-		  break;
-		}
-	    }
+	  name = _bfd_coff_internal_syment_name (abfd, in, namebuf);
+	  if (name == NULL)
+	    /* FIXME: Return error.  */
+	    abort ();
+	  sec = bfd_get_section_by_name (abfd, name);
+	  if (sec != NULL)
+	    in->n_scnum = sec->target_index;
 	}
 
       if (in->n_scnum == 0)
 	{
 	  int unused_section_number = 0;
 	  asection *sec;
-	  char *name;
 	  flagword flags;
 
 	  for (sec = abfd->sections; sec; sec = sec->next)
 	    if (unused_section_number <= sec->target_index)
 	      unused_section_number = sec->target_index + 1;
 
-	  name = bfd_alloc (abfd, (bfd_size_type) strlen (in->n_name) + 10);
-	  if (name == NULL)
-	    return;
-	  strcpy (name, in->n_name);
+	  if (name == namebuf)
+	    {
+	      name = bfd_alloc (abfd, strlen (namebuf) + 1);
+	      if (name == NULL)
+		/* FIXME: Return error.  */
+		abort ();
+	      strcpy ((char *) name, namebuf);
+	    }
 	  flags = SEC_HAS_CONTENTS | SEC_ALLOC | SEC_DATA | SEC_LOAD;
 	  sec = bfd_make_section_anyway_with_flags (abfd, name, flags);
+	  if (sec == NULL)
+	    /* FIXME: Return error.  */
+	    abort ();
 
 	  sec->vma = 0;
 	  sec->lma = 0;
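Review bot: the `abort ()` taken when `_bfd_coff_internal_syment_name` returns NULL depends on the contents of the input file, and it terminates the linker without any diagnostic naming that file. The removed code's bare `return;` shows the function has no error return, so the three FIXMEs cannot be resolved locally; until they are, report an error identifying `abfd` before each abort. Separately, `strcpy ((char *) name, namebuf)` casts away the `const` introduced in the first hunk; allocating into a local `char *` and assigning that to `name` afterwards avoids the cast.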

-- 
Alan Modra
Australia Development Lab, IBM

