PR binutils/17512
* objdump.c (display_any_bfd): Avoid infinite loop closing and
opening the same archive again and again.
* archive64.c (bfd_elf64_archive_slurp_armap): Add range checks.
* libbfd.c (safe_read_leb128): New function.
* libbfd-in.h (safe_read_leb128): Add prototype.
* libbfd.h: Regenerate.
* elf-attrs.c (_bfd_elf_parse_attributes): Use safe_read_leb128.
Check for an over-long subsection length.
* elf.c (elf_parse_notes): Check that the namedata is long enough
for the string comparison that is about to be performed.
(elf_read_notes): Zero-terminate the note buffer.
PR binutils/17512
* dwarf.h (struct dwarf_section): Add user_data field.
* dwarf.c (frame_need_space): Check for an over large register
number.
(display_debug_frames): Check the return value from
frame_need_space. Check for a CFA expression that is so long the
start address wraps around.
(debug_displays): Initialise the user_data field.
* objdump.c (load_specific_debug_section): Save the BFD section
pointer in the user_data field of the dwarf_section structure.
(free_debug_section): Update BFD section data when freeing section
contents.
* readelf.c (load_specific_debug_section): Initialise the
user_data field.
* archive.c (do_slurp_coff_armap): Add range checks to prevent
running off the end of the string table.
* compress.c (bfd_get_full_section_contents): Return a NULL
pointer for zero sized sections. Do not attempt to copy a buffer
onto itself.
* elf-attrs.c (_bfd_elf_parse_attributes): Check for an empty
header. Add range checks to avoid running off the end of the
section.
* elf.c (bfd_elf_get_str_section): Seek before allocating so that
if the seek fails, no memory is allocated.
(bfd_elf_string_from_elf_section): Do not allocate a string from a
non string section. It only leads to trouble later on.
(_bfd_elf_print_private_bfd_data): Check for there being too
little external dynamic data.
(bfd_section_from_shdr): Replace assertion with a failure mode.
(bfd_section_from_shdr): When walking a loaded group section use
the internal structure size, not the external size. Check for the
group section being empty.
* elf32-i386.c (elf_i386_rtype_to_howto): Replace assertion with a
failure mode.
* elfcode.h (elf_slurp_reloc_table): Likewise.
* reloc.c (bfd_perform_relocation): Avoid seg-fault if the howto
parameter is NULL.
Handle the case of a zero length section or sub-section in
_bfd_elf_parse_attributes and in doing so prevent an infinite loop
in the parser.
bfd/ChangeLog:
2014-11-06 Will Newton <will.newton@linaro.org>
* elf-attrs.c (_bfd_elf_parse_attributes): Handle zero
length sections and sub-sections.
(struct elf_backend_data): Update comment on obj_attrs_order.
* elf-attrs.c (vendor_obj_attr_size, vendor_set_obj_attr_contents,
_bfd_elf_copy_obj_attributes): Use LEAST_KNOWN_OBJ_ATTRIBUTE
instead of hardcoded 4.
* elf32-arm.c (elf32_arm_obj_attrs_order): Use
LEAST_KNOWN_OBJ_ATTRIBUTE and LEAST_KNOWN_OBJ_ATTRIBUTE + 1
instead of hardcoded 4 and 5.
(elf32_arm_merge_eabi_attributes): Use LEAST_KNOWN_OBJ_ATTRIBUTE
instead of hardcoded 4.
bfd/
* elf-attrs.c (is_default_attr): Support defaultless attributes.
(bfd_elf_add_obj_attr_int): Get type from _bfd_elf_obj_attrs_arg_type.
(bfd_elf_add_obj_attr_string): Likewise.
(bfd_elf_add_obj_attr_int_string): Likewise.
(_bfd_elf_parse_attributes): Allow for unknown flag bits in type.
* elf-bfd.h (struct obj_attribute): Document new flag bit.
* elf32-arm.c (elf32_arm_obj_attrs_arg_type): Specify that
Tag_nodefaults has no default value.
(elf32_arm_merge_eabi_attributes): Modify the Tag_nodefaults
comment to reflect the new state.
gas/
* read.c (s_vendor_attribute): Allow for unknown flag bits in type.
bfd/
* elf-attrs.c (bfd_elf_add_obj_attr_compat): Rename to
bfd_elf_add_obj_attr_int_string.
Read Tag_compatibility from its new location in the attribute array,
rather than the attribute list.
(_bfd_elf_copy_obj_attributes): bfd_elf_add_obj_attr_compat ->
bfd_elf_add_obj_attr_int_string.
(_bfd_elf_parse_attributes): Likewise.
(_bfd_elf_merge_object_attributes): There's now only one
Tag_compatibility, and it's in the array, not the list.
* elf-bfd.h (NUM_KNOWN_OBJ_ATTRIBUTES): Set to 33 to include
Tag_compatibility.
(bfd_elf_add_obj_attr_compat): Rename to
bfd_elf_add_obj_attr_int_string.
(bfd_elf_add_proc_attr_compat): Rename to
bfd_elf_add_proc_attr_int_string.
* elf32-arm.c (elf32_arm_merge_eabi_attributes): Explicitly don't handle
Tag_compatibility.
gas/
* read.c (s_vendor_attribute): bfd_elf_add_obj_attr_compat ->
bfd_elf_add_obj_attr_int_string.
