This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

COFF buffer overflow in mark_relocs

From: Alan Modra <amodra at gmail dot com>
To: binutils at sourceware dot org
Date: Fri, 15 Jul 2016 19:09:09 +0930
Subject: COFF buffer overflow in mark_relocs
Authentication-results: sourceware.org; auth=none

Found when playing with i386-coff absolute relocs.

	* cofflink.c (mark_relocs): Exclude relocs with -1 r_symndx
	from marking sym_indices.

diff --git a/bfd/cofflink.c b/bfd/cofflink.c
index bcdf778..0f6ef59 100644
--- a/bfd/cofflink.c
+++ b/bfd/cofflink.c
@@ -1398,7 +1398,8 @@ mark_relocs (struct coff_final_link_info *flaginfo, bfd *input_bfd)
 	 in the relocation table.  This will then be picked up in the
 	 skip/don't-skip pass.  */
       for (; irel < irelend; irel++)
-	flaginfo->sym_indices[ irel->r_symndx ] = -1;
+	if ((unsigned long) irel->r_symndx < obj_raw_syment_count (input_bfd))
+	  flaginfo->sym_indices[irel->r_symndx] = -1;
     }
 }
 

-- 
Alan Modra
Australia Development Lab, IBM

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]