This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: PATCH: Check number of sections overflow

From: Alan Modra <amodra at gmail dot com>
To: "H.J. Lu" <hjl dot tools at gmail dot com>
Cc: binutils at sourceware dot org
Date: Wed, 4 Jul 2012 09:36:32 +0930
Subject: Re: PATCH: Check number of sections overflow
References: <20120703183621.GA6303@intel.com>

On Tue, Jul 03, 2012 at 11:36:21AM -0700, H.J. Lu wrote:
> 2008-03-12  H.J. Lu  <hongjiu.lu@intel.com>
> 
> 	* elf.c (assign_section_numbers): Check if number of sections
> 	>= SHN_LORESERVE.
> 	* elfcode.h (elf_object_p): Likewise.

OK, but

> --- bfd/elfcode.h.64k	2008-03-12 12:32:05.000000000 -0700
> +++ bfd/elfcode.h	2008-03-12 15:30:51.000000000 -0700
> @@ -684,8 +684,14 @@ elf_object_p (bfd *abfd)
>        if (i_ehdrp->e_shnum == SHN_UNDEF)
>  	{
>  	  i_ehdrp->e_shnum = i_shdr.sh_size;
> -	  if (i_ehdrp->e_shnum != i_shdr.sh_size
> -	      || i_ehdrp->e_shnum == 0)
> +	  if (i_ehdrp->e_shnum >= SHN_LORESERVE)
> +	    {
> +	      _bfd_error_handler (_("%B: too many sections: %u"),
> +				  abfd, i_ehdrp->e_shnum);
> +	      abort ();
> +	    }
> +	  else if (i_ehdrp->e_shnum != i_shdr.sh_size
> +		   || i_ehdrp->e_shnum  == 0)
>  	    goto got_wrong_format_error;
>  	}
>  

this should not abort, and you won't ever hit the error message except
on a corrupted file, so I'd prefer the extra test just
goto got_wrong_format_error

Testcase?  Grins.  Just kidding.

-- 
Alan Modra
Australia Development Lab, IBM

Follow-Ups:
- Re: PATCH: Check number of sections overflow
  - From: H.J. Lu

References:
- PATCH: Check number of sections overflow
  - From: H.J. Lu

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]