Commit graph

125 commits

Author SHA1 Message Date
Nick Clifton
7769fa97a0 Fix possible unbounded stack use in peXXigen.c
* peXXigen.c (_bfd_XXi_write_codeview_record): Fix possible
	unbounded stack use.
2016-03-22 10:37:42 +00:00
Nick Clifton
9ae678af99 Use a 32-bit value to hold the section number in the internal COFF symbol structure.
PR ld/19440
inc	* coff/internal.h (internal_syment): Use int to hold section
	number.
	(N_UNDEF): Cast to int not short.
	(N_ABS): Likewise.
	(N_DEBUG): Likewise.
	(N_TV): Likewise.
	(P_TV): Likewise.

bfd	PR ld/19440
	* coff-rs6000.c (_bfd_xcoff_swap_sym_in): Sign extend external
	section number into internal section number.
	* coff64-rs6000.c (_bfd_xcoff64_swap_sym_in): Likewise.
	* coffswap.h (coff_swap_sym_in): Likewise.
	* peXXigen.c (_bfd_XXi_swap_sym_in): Likewise.
	* coffcode.h (_coff_bigobj_swap_sym_in): Make sure that internal
	section number field is big enough to hold the external value.
2016-01-18 15:58:47 +00:00
Alan Modra
6f2750feaf Copyright update for binutils 2016-01-01 23:00:01 +10:30
H.J. Lu
0e1862bb40 Add output_type to bfd_link_info
The "shared" field in bfd_link_info is set for both DSO and and PIE.
There are separate fields for executable and relocatable outputs.  This
patch adds an "output_type" field:

enum output_type
{
  type_unknown = 0,
  type_executable,
  type_dll,
  type_relocatable
};

and a "pic" field to bfd_link_info to replace shared, executable and
relocatable fields so that we can use the "output_type" field to check
for output type and the "pic" field check if output is PIC.  Macros,
bfd_link_executable, bfd_link_dll, bfd_link_relocatable, bfd_link_pic
and bfd_link_pie, are provided to check for output features.

bfd/

	* bfd/aoutx.h: Replace shared, executable, relocatable and pie
	fields with bfd_link_executable, bfd_link_dll,
	bfd_link_relocatable, bfd_link_pic and bfd_link_pie.
	* bfd/bout.c: Likewise.
	* bfd/coff-alpha.c: Likewise.
	* bfd/coff-arm.c: Likewise.
	* bfd/coff-i386.c: Likewise.
	* bfd/coff-i960.c: Likewise.
	* bfd/coff-m68k.c: Likewise.
	* bfd/coff-mcore.c: Likewise.
	* bfd/coff-mips.c: Likewise.
	* bfd/coff-ppc.c: Likewise.
	* bfd/coff-rs6000.c: Likewise.
	* bfd/coff-sh.c: Likewise.
	* bfd/coff-tic80.c: Likewise.
	* bfd/coff-x86_64.c: Likewise.
	* bfd/coff64-rs6000.c: Likewise.
	* bfd/coffgen.c: Likewise.
	* bfd/cofflink.c: Likewise.
	* bfd/ecoff.c: Likewise.
	* bfd/ecofflink.c: Likewise.
	* bfd/elf-bfd.h: Likewise.
	* bfd/elf-eh-frame.c: Likewise.
	* bfd/elf-ifunc.c: Likewise.
	* bfd/elf-m10200.c: Likewise.
	* bfd/elf-m10300.c: Likewise.
	* bfd/elf-s390-common.c: Likewise.
	* bfd/elf-vxworks.c: Likewise.
	* bfd/elf.c: Likewise.
	* bfd/elf32-arm.c: Likewise.
	* bfd/elf32-avr.c: Likewise.
	* bfd/elf32-bfin.c: Likewise.
	* bfd/elf32-cr16.c: Likewise.
	* bfd/elf32-cr16c.c: Likewise.
	* bfd/elf32-cris.c: Likewise.
	* bfd/elf32-crx.c: Likewise.
	* bfd/elf32-d10v.c: Likewise.
	* bfd/elf32-dlx.c: Likewise.
	* bfd/elf32-epiphany.c: Likewise.
	* bfd/elf32-fr30.c: Likewise.
	* bfd/elf32-frv.c: Likewise.
	* bfd/elf32-ft32.c: Likewise.
	* bfd/elf32-h8300.c: Likewise.
	* bfd/elf32-hppa.c: Likewise.
	* bfd/elf32-i370.c: Likewise.
	* bfd/elf32-i386.c: Likewise.
	* bfd/elf32-i860.c: Likewise.
	* bfd/elf32-ip2k.c: Likewise.
	* bfd/elf32-iq2000.c: Likewise.
	* bfd/elf32-lm32.c: Likewise.
	* bfd/elf32-m32c.c: Likewise.
	* bfd/elf32-m32r.c: Likewise.
	* bfd/elf32-m68hc11.c: Likewise.
	* bfd/elf32-m68hc1x.c: Likewise.
	* bfd/elf32-m68k.c: Likewise.
	* bfd/elf32-mcore.c: Likewise.
	* bfd/elf32-mep.c: Likewise.
	* bfd/elf32-metag.c: Likewise.
	* bfd/elf32-microblaze.c: Likewise.
	* bfd/elf32-moxie.c: Likewise.
	* bfd/elf32-msp430.c: Likewise.
	* bfd/elf32-mt.c: Likewise.
	* bfd/elf32-nds32.c: Likewise.
	* bfd/elf32-nios2.c: Likewise.
	* bfd/elf32-or1k.c: Likewise.
	* bfd/elf32-ppc.c: Likewise.
	* bfd/elf32-rl78.c: Likewise.
	* bfd/elf32-rx.c: Likewise.
	* bfd/elf32-s390.c: Likewise.
	* bfd/elf32-score.c: Likewise.
	* bfd/elf32-score7.c: Likewise.
	* bfd/elf32-sh-symbian.c: Likewise.
	* bfd/elf32-sh.c: Likewise.
	* bfd/elf32-sh64.c: Likewise.
	* bfd/elf32-spu.c: Likewise.
	* bfd/elf32-tic6x.c: Likewise.
	* bfd/elf32-tilepro.c: Likewise.
	* bfd/elf32-v850.c: Likewise.
	* bfd/elf32-vax.c: Likewise.
	* bfd/elf32-visium.c: Likewise.
	* bfd/elf32-xc16x.c: Likewise.
	* bfd/elf32-xstormy16.c: Likewise.
	* bfd/elf32-xtensa.c: Likewise.
	* bfd/elf64-alpha.c: Likewise.
	* bfd/elf64-hppa.c: Likewise.
	* bfd/elf64-ia64-vms.c: Likewise.
	* bfd/elf64-mmix.c: Likewise.
	* bfd/elf64-ppc.c: Likewise.
	* bfd/elf64-s390.c: Likewise.
	* bfd/elf64-sh64.c: Likewise.
	* bfd/elf64-x86-64.c: Likewise.
	* bfd/elflink.c: Likewise.
	* bfd/elfnn-aarch64.c: Likewise.
	* bfd/elfnn-ia64.c: Likewise.
	* bfd/elfxx-mips.c: Likewise.
	* bfd/elfxx-sparc.c: Likewise.
	* bfd/elfxx-tilegx.c: Likewise.
	* bfd/i386linux.c: Likewise.
	* bfd/linker.c: Likewise.
	* bfd/m68klinux.c: Likewise.
	* bfd/pdp11.c: Likewise.
	* bfd/pe-mips.c: Likewise.
	* bfd/peXXigen.c: Likewise.
	* bfd/reloc.c: Likewise.
	* bfd/reloc16.c: Likewise.
	* bfd/sparclinux.c: Likewise.
	* bfd/sunos.c: Likewise.
	* bfd/vms-alpha.c: Likewise.
	* bfd/xcofflink.c: Likewise.

include/

	* include/bfdlink.h (output_type): New enum.
	(bfd_link_executable): New macro.
	(bfd_link_dll): Likewise.
	(bfd_link_relocatable): Likewise.
	(bfd_link_pic): Likewise.
	(bfd_link_pie): Likewise.
	(bfd_link_info): Remove shared, executable, pie and relocatable.
	Add output_type and pic.

ld/

	* ld/ldctor.c: Replace shared, executable, relocatable and pie
	fields with bfd_link_executable, bfd_link_dll,
	bfd_link_relocatable, bfd_link_pic and bfd_link_pie.
	* ld/ldemul.c: Likewise.
	* ld/ldfile.c: Likewise.
	* ld/ldlang.c: Likewise.
	* ld/ldmain.c: Likewise.
	* ld/ldwrite.c: Likewise.
	* ld/lexsup.c: Likewise.
	* ld/pe-dll.c: Likewise.
	* ld/plugin.c: Likewise.
	* ld/emultempl/aarch64elf.em: Likewise.
	* ld/emultempl/aix.em: Likewise.
	* ld/emultempl/alphaelf.em: Likewise.
	* ld/emultempl/armcoff.em: Likewise.
	* ld/emultempl/armelf.em: Likewise.
	* ld/emultempl/avrelf.em: Likewise.
	* ld/emultempl/beos.em: Likewise.
	* ld/emultempl/cr16elf.em: Likewise.
	* ld/emultempl/elf-generic.em: Likewise.
	* ld/emultempl/elf32.em: Likewise.
	* ld/emultempl/genelf.em: Likewise.
	* ld/emultempl/generic.em: Likewise.
	* ld/emultempl/gld960.em: Likewise.
	* ld/emultempl/gld960c.em: Likewise.
	* ld/emultempl/hppaelf.em: Likewise.
	* ld/emultempl/irix.em: Likewise.
	* ld/emultempl/linux.em: Likewise.
	* ld/emultempl/lnk960.em: Likewise.
	* ld/emultempl/m68hc1xelf.em: Likewise.
	* ld/emultempl/m68kcoff.em: Likewise.
	* ld/emultempl/m68kelf.em: Likewise.
	* ld/emultempl/metagelf.em: Likewise.
	* ld/emultempl/mipself.em: Likewise.
	* ld/emultempl/mmo.em: Likewise.
	* ld/emultempl/msp430.em: Likewise.
	* ld/emultempl/nds32elf.em: Likewise.
	* ld/emultempl/needrelax.em: Likewise.
	* ld/emultempl/nios2elf.em: Likewise.
	* ld/emultempl/pe.em: Likewise.
	* ld/emultempl/pep.em: Likewise.
	* ld/emultempl/ppc32elf.em: Likewise.
	* ld/emultempl/ppc64elf.em: Likewise.
	* ld/emultempl/sh64elf.em: Likewise.
	* ld/emultempl/solaris2.em: Likewise.
	* ld/emultempl/spuelf.em: Likewise.
	* ld/emultempl/sunos.em: Likewise.
	* ld/emultempl/tic6xdsbt.em: Likewise.
	* ld/emultempl/ticoff.em: Likewise.
	* ld/emultempl/v850elf.em: Likewise.
	* ld/emultempl/vms.em: Likewise.
	* ld/emultempl/vxworks.em: Likewise.
2015-08-18 05:51:19 -07:00
H.J. Lu
1b7868733d Remove trailing spaces in bfd 2015-08-12 04:32:43 -07:00
Jon Turney
c74f7d1c6c Allow gdb to find debug symbols file by build-id for PE file format also
This promotes BFD's struct elf_build_id to the generic struct bfd_build_id,
populated when an ELF or PE BFD is read.

gdb is updated to use that, and to use the build-id to find symbols for PE files
also.

There is currently no generic way to extract the build-id from an object file,
perhaps an option to objdump to do this might make sense?

On x86_64-pc-cygwin, gdb's sepdebug.exp changes:

-# of unsupported tests          1
+# of expected passes            90

I don't seem to get consistent testsuite runs on i686-linux-gnu, but there
don't appear to be any regressions.

bfd/ChangeLog:

2015-06-10  Jon Turney  <jon.turney@dronecode.org.uk>

	* elf-bfd.h : Remove struct elf_build_id.
	* bfd.c : Add struct bfd_build_id.
	* bfd-in2.h: Regenerate.
	* elf.c (elfobj_grok_gnu_build_id): Update to use bfd_build_id.
	* libpei.h: Add protoype and macros for
	bfd_XXi_slurp_codeview_record.
	* peXXigen.c (_bfd_XXi_slurp_codeview_record): Make public
	* peicode.h (pe_bfd_read_buildid): Add.
	(pe_bfd_object_p): Use pe_bfd_read_buildid().

gdb/ChangeLog:

2015-06-10  Jon Turney  <jon.turney@dronecode.org.uk>

	* build-id.c: Don't include elf-bfd.h.
	(build_id_bfd_get): Use bfd_build_id.
	(build_id_verify): Ditto.
	* build-id.h: Ditto.
	(find_separate_debug_file_by_buildid): Ditto.
	* python/py-objfile.c: Don't include elf-bfd.h.
	(objfpy_get_build_id) Use bfd_build_id.
	(objfpy_build_id_matches, objfpy_lookup_objfile_by_build_id): Ditto.
	* coffread.c: Include build-id.h.
	(coff_symfile_read): Try find_separate_debug_file_by_buildid.

gdb/doc/ChangeLog:

2015-06-10  Jon Turney  <jon.turney@dronecode.org.uk>

	* gdb.texinfo (Separate Debug Files): Document that PE is also
	supported.

gdb/testsuite/ChangeLog:

2015-06-10  Jon Turney  <jon.turney@dronecode.org.uk>

	* gdb.base/sepdebug.exp: Add EXEEXT where needed.
	* lib/gdb.exp (get_build_id): Teach how to extract build-id from a
	PE file.
	* lib/future.exp (gdb_find_objdump): Add gdb_find_objdump.

Signed-off-by: Jon Turney <jon.turney@dronecode.org.uk>
2015-06-15 12:10:55 +01:00
Toni Spets
9ac47a43ff Skip discarded resource sections when building a PE resource table.
PR ld/18372
	* peXXigen.c (rsrc_process_section): Skip discarded resource
	sections.
2015-05-06 14:18:34 +01:00
Nick Clifton
c86934ceee Fixes illegal memory access errors and arithmetic overflows when running strip on fuzzed binaries.
PR binutils/17512
	* coffcode.h (coff_compute_section_file_positions): Report
	negative page sizes.
	* elf.c (elf_fake_sections): Handle excessive alignmment powers.
	(assign_file_positions_for_non_load_sections): Replace assertion
	with an error message.
	(rewrite_elf_program_header): Handle excessive segment
	alignments.
	* mach-o.c (bfd_mach_o_read_section_32): Likewise.
	(bfd_mach_o_read_section_64): Likewise.
	* peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Use %B to
	print a bfd name, not %A.
2015-02-26 21:32:04 +00:00
Nick Clifton
31593e1b96 Fixes compiling peXXigen under MAC OS/X where the wcsncasecmp function is not available.
* configure.ac (AC_CHECK_HEADERS): Add wctype.h.
	* configure: Regenerate.
	* config.in: Regenerate.
	* peXXigen.c: Include wctype.h if HAVE_WCTYPE_H is defined.
	(u16_mbtowc): Use wint_t types if HAVE_WCTYPE_H is defined.
	(rsrc_cmp): Use towlower instead of wcsncasecmp if HAVE_WCTYPE_H
	is defined.
2015-02-24 17:01:23 +00:00
Nick Clifton
77ef865475 Fix memory access violations triggered by running objdump compiled with out-of-bounds sanitization checking.
PR binutils/17512
	* dwarf.c (eh_addr_size): Use an unsigned type.
	(size_of_encoded_value): Return an unsigned type.
	(read_leb128): Break if the shift becomes too big.
	(process_extended_line_op): Do not read the address if the length
	is too long.
	(read_cie): Warn and fail if the pointer size or segment size are
	too big.
	* dwarf.h (DWARF2_External_LineInfo): Delete unused and incorrect
	structure definition.
	(DWARF2_External_PubNames): Likewise.
	(DWARF2_External_CompUnit): Likewise.
	(DWARF2_External_ARange): Likewise.
	(DWARF2_Internal_LineInfo): Use dwarf_vma type for
	li_prologue_length.
	(eh_addr_size): Update prototype.

	* coffcode.h (styp_to_sec_flags): Use an unsigned long type to
	hold the flag bits.
	* peXXigen.c (pe_print_reloc): Use unsigned types to hold the
	size and number of relocs.
	(pe_print_debugdata): Use a 32-bit aligned buffer to store the
	codeview record.
	* versados.c (process_otr): Check the esdid value before using it
	to access the EDATA.
2015-02-10 14:11:00 +00:00
Nick Clifton
5929c344f9 Fixes illegal memory accesses triggereb by running a 32-bit binary version of objdump compiled on a 64-bit host.
PR binutils/17512
	* dwarf.c (display_debug_frames): Fix range checks to work on
	32-bit binaries complied on a 64-bit host.

	* peXXigen.c (rsrc_print_resource_entries): Add range check for
	addresses that wrap around the address space.
	(rsrc_parse_entry): Likewise.
2015-02-06 11:12:54 +00:00
Nick Clifton
64d2901806 More fixes for illegal memory accesses triggered by running objdump on fuzzed binaries.
PR binutils/17512
	* objdump.c (display_any_bfd): Fail if archives nest too deeply.

	* ecoff.c: Use bfd_alloc2 to allocate space for structure arrays.
	(_bfd_ecoff_slurp_symbol_table): Check for a negative symbol
	index or an out of range fdr index.
	* elf-m10300.c (mn10300_info_to_howto): Fix typo in error message.
	* elf32-arc.c (arc_info_to_howto_rel): Likewise.
	* elf32-avr.c (avr_info_to_howto_rela): Likewise.
	* elf32-cr16.c (elf_cr16_info_to_howto): Likewise.
	* elf32-cr16c.c (elf_cr16c_info_to_howto_rel): Likewise.
	* elf32-cris.c (cris_info_to_howto_rela): Likewise.
	* elf32-crx.c (elf_crx_info_to_howto): Likewise.
	* elf32-d10v.c (d10v_info_to_howto_rel): Likewise.
	* elf32-d30v.c (d30v_info_to_howto_rel): Likewise.
	* elf32-epiphany.c (epiphany_info_to_howto_rela): Likewise.
	* elf32-fr30.c (fr30_info_to_howto_rela): Likewise.
	* elf32-frv.c (frv_info_to_howto_rela): Likewise.
	* elf32-i370.c (i370_elf_info_to_howto): Likewise.
	* elf32-i960.c (elf32_i960_info_to_howto_rel): Likewise.
	* elf32-ip2k.c (ip2k_info_to_howto_rela): Likewise.
	* elf32-iq2000.c (iq2000_info_to_howto_rela): Likewise.
	* elf32-lm32.c (lm32_info_to_howto_rela): Likewise.
	* elf32-m32c.c (m32c_info_to_howto_rela): Likewise.
	* elf32-m32r.c (m32r_info_to_howto_rel): Likewise.
	* elf32-m68hc11.c (m68hc11_info_to_howto_rel): Likewise.
	* elf32-m68hc12.c (m68hc11_info_to_howto_rel): Likewise.
	* elf32-mcore.c (mcore_elf_info_to_howto): Likewise.
	* elf32-mep.c (mep_info_to_howto_rela): Likewise.
	* elf32-metag.c (metag_info_to_howto_rela): Likewise.
	* elf32-microblaze.c (microblaze_elf_info_to_howto): Likewise.
	* elf32-moxie.c (moxie_info_to_howto_rela): Likewise.
	* elf32-msp430.c (msp430_info_to_howto_rela): Likewise.
	* elf32-mt.c (mt_info_to_howto_rela): Likewise.
	* elf32-nds32.c (nds32_info_to_howto_rel): Likewise.
	* elf32-or1k.c (or1k_info_to_howto_rela): Likewise.
	* elf32-pj.c (pj_elf_info_to_howto): Likewise.
	* elf32-ppc.c (ppc_elf_info_to_howto): Likewise.
	* elf32-rl78.c (rl78_info_to_howto_rela): Likewise.
	* elf32-rx.c (rx_info_to_howto_rela): Likewise.
	* elf32-sh.c (sh_elf_info_to_howto): Likewise.
	* elf32-spu.c (spu_elf_info_to_howto): Likewise.
	* elf32-v850.c (v850_elf_perform_relocation): Likewise.
	* elf32-vax.c (rtype_to_howto): Likewise.
	* elf32-visium.c (visium_info_to_howto_rela): Likewise.
	* elf32-xgate.c (xgate_info_to_howto_rel): Likewise.
	* elf32-xtensa.c (elf_xtensa_info_to_howto_rela): Likewise.
	* elf64-alpha.c (elf64_alpha_info_to_howto): Likewise.
	* elf64-mmix.c (mmix_info_to_howto_rela): Likewise.
	* mach-o.c: Use bfd_alloc2 to allocate space for structure arrays.
	(bfd_mach_o_canonicalize_one_reloc): Fix check on out
	of range symbol indicies.
	(bfd_mach_o_canonicalize_relocs): Check for out of range alloc.
	(bfd_mach_o_canonicalize_dynamic_reloc): Likewise.
	(bfd_mach_o_build_dysymtab): Likewise.
	(bfd_mach_o_write_symtab_content): Set the string table size to
	zero upon error.
	(bfd_mach_o_read_symtab_symbols): Reset the nsyms value if the
	read fails.
	* peXXigen.c (pe_print_edata):  Check for numeric overflow in edt
	fields.
	* tekhex.c (first_phase): Check for src pointer reaching end of
	buffer.
2015-02-03 14:34:54 +00:00
Nick Clifton
86eafac0aa Fix memory access violations triggered by running strip on fuzzed binaries.
PR binutils/17512
	* coffcode.h (coff_set_arch_mach_hook): Check return value from
	bfd_malloc.
	(coff_slurp_line_table): Return FALSE if the line number
	information was corrupt.
	(coff_slurp_symbol_table): Return FALSE if the symbol information
	was corrupt.
	* mach-o.c (bfd_mach_o_bfd_copy_private_header_data): Always
	initialise the fields of the dyld_info structure.
	(bfd_mach_o_build_exec_seg_command): Replace assertion with an
	error message and a return value.
	(bfd_mach_o_layout_commands): Change the function to boolean.
	Return FALSE if the function fails.
	(bfd_mach_o_build_commands): Fail if bfd_mach_o_layout_commands
	fails.
	(bfd_mach_o_read_command): Fail if an unrecognised command is
	encountered.
	* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Set bfd_error if the
	read fails.
	(slurp_symtab): Check the return from bfd_malloc.
	(_bfd_XX_bfd_copy_private_bfd_data_common): Fail if the copy
	encountered an error.
	(_bfd_XXi_final_link_postscript): Fail if a section could not be
	copied.
	* peicode.h (pe_bfd_object_p): Fail if the header could not be
	swapped in.
	* tekhex.c (first_phase): Fail if the section is too big.
	* versados.c (struct esdid): Add content_size field.
	(process_otr): Use and check the new field.
	(versados_get_section_contents): Check that the section exists and
	that the requested data is available.

	PR binutils/17512
	* addr2line.c (main): Call bfd_set_error_program_name.
	* ar.c (main): Likewise.
	* coffdump.c (main): Likewise.
	* cxxfilt.c (main): Likewise.
	* dlltool.c (main): Likewise.
	* nlmconv.c (main): Likewise.
	* nm.c (main): Likewise.
	* objdump.c (main): Likewise.
	* size.c (main): Likewise.
	* srconv.c (main): Likewise.
	* strings.c (main): Likewise.
	* sysdump.c (main): Likewise.
	* windmc.c (main): Likewise.
	* windres.c (main): Likewise.
	* objcopy.c (main): Likewise.
	(copy_relocations_in_section): Check for relocs without associated
	symbol pointers.
2015-01-21 17:37:23 +00:00
Nick Clifton
063bb0250d Fix memory access violations exposed by running strip on fuzzed binaries.
PR binutils/17512
	* coffcode.h (coff_slurp_symbol_table): Return false if we failed
	to load the line table.
	* elf.c (_bfd_elf_map_sections_to_segments): Enforce a minimum
	maxpagesize of 1.
	* peXXigen.c (_bfd_XX_bfd_copy_private_bfd_data_common): Fail if
	the Data Directory Size is too large.

	* objcopy.c (copy_object): Free the symbol table if no symbols
	could be loaded.
	(copy_file): Use bfd_close_all_done to close files that could not
	be copied.
2015-01-08 15:39:49 +00:00
Alan Modra
b90efa5b79 ChangeLog rotatation and copyright year update 2015-01-02 00:53:45 +10:30
Nick Clifton
6937bb54a9 More fixes for illegal memory accesses exposed by fuzzed binaries.
PR binutils/17512
	* peXXIgen.c (pe_print_pdata): Fail if the section's virtual size
	is larger than its real size.
	(rsrc_print_section): Fix off-by-one error checking for overflow.
	* pei-x86_64.c (pex64_bfd_print_pdata): Handle empty unwind
	sections.

	* dwarf.c (get_encoded_value): Warn and return if the encoded
	value is more than 64-bits long.
	(SAFE_BYTE_GET): Do not attempt to read more than 64-bits.
	(process_extended_line_op): Add more range checks.
	(decode_location_expression): Use the return value from
	display_block.  Add more range checks.
	(read_debug_line_header): Add range check.
	(display_debug_lines_raw): Add range checks.
	(display_debug_frames): Silently skip multiple zero terminators.
	Add range checks.
	(process_cu_tu_index): Check for non-existant or empty sections.
	Use SAFE_BYTE_GET instead of byte_get.
2014-11-18 14:40:05 +00:00
Nick Clifton
f41e4712a7 Fix more memory faults uncovered by fuzzing various executables.
PR binutils/17512
	* dwarf.c (read_and_display_attr_value): Check that we do not read
	past end.
	(display_debug_pubnames_worker): Add range checks.
	(process_debug_info): Check for invalid pointer sizes.
	(display_loc_list): Likewise.
	(display_loc_list_dwo): Likewise.
	(display_debug_ranges): Likewise.
	(display_debug_aranges): Check for invalid address size.
	(read_cie): Add range checks.  Replace call strchr with while loop.
	* objdump.c (dump_dwarf): Replace abort with a warning message.
	(print_section_stabs): Improve range checks.
	* rdcoff.c (coff_get_slot): Use long for indx parameter type.
	Add check for an excesively large index.
	* rddbg.c (read_section_stabs_debugging_info): Zero terminate the
	string table.  Avoid walking off the end of the stabs data.
	* stabs.c (parse_stab_string): Add check for a NULL name.

	PR binutils/17512
	* coffcode.h (coff_slurp_line_table): Set the line number of
	corrupt entries to -1.
	(coff_slurp_symbol_table): Alway initialise the value of the
	symbol.
	* coffgen.c (coff_print_symbol): Check that the combined pointer
	is valid.
	(coff_print_symbol): Do not print negative line numbers.
	* peXXigen.c (pe_print_idata): Add range checking displaying
	member names.
2014-11-12 22:39:58 +00:00
Nick Clifton
201159ecec More fixes for invalid memory accesses, uncovered by valgrind and binary fuzzers.
PR binutils/17512
	* coffcode.h (coff_slurp_line_table): Initialise the parts of the
	line number cache that would not be initialised by the copy from
	the new line number table.
	(coff_classify_symbol): Allow for _bfd_coff_internal_syment_name
	returning NULL.
	* coffgen.c (coff_get_normalized_symbols): Get the external
	symbols before allocating space for the internal symbols, in case
	the get fails.
	* elf.c (_bfd_elf_slurp_version_tables): Only allocate a verref
	array if one is needed.  Likewise with the verdef array.
	* peXXigen.c (_bfd_XXi_swap_sym_in): Replace abort()'s with error
	messages.
	(_bfd_XXi_swap_aux_in): Make sure that all fields of the aux
	structure are initialised.
	(pe_print_edata): Avoid reading off the end of the data buffer.
2014-11-11 15:34:27 +00:00
Nick Clifton
36e9d67b86 More fixes for problems exposed by valgrind and the address sanitizer
when displaying the contents of corrupt files.

	PR binutils/17521
	* coff-i386.c (NUM_HOWTOS): New define.
	(RTYPE2HOWTO): Use it.
	(coff_i386_rtype_to_howto): Likewise.
	(coff_i386_reloc_name_lookup): Likewise.
	(CALC_ADDEND): Check that reloc r_type field is valid.
	* coff-x86_64.c (NUM_HOWTOS): New define.
	(RTYPE2HOWTO): Use it.
	(coff_amd64_rtype_to_howto): Likewise.
	(coff_amd64_reloc_name_lookup): Likewise.
	(CALC_ADDEND): Check that reloc r_type field is valid.
	* coffcode.h (coff_slurp_line_table): Check for symbol table
	indexing underflow.
	(coff_slurp_symbol_table): Use zalloc to ensure that all table
	entries are initialised.
	* coffgen.c (_bfd_coff_read_string_table): Initialise unused bits
	in the string table.  Also ensure that the table is 0 terminated.
	(coff_get_normalized_symtab): Check for symbol table indexing
	underflow.
	* opncls.c (bfd_alloc): Catch the case where a small negative size
	can result in only 1 byte being allocated.
	(bfd_alloc2): Use bfd_alloc.
	* pe-mips.c (NUM_HOWTOS): New define.
	(coff_mips_reloc_name_lookup): Use it.
	(CALC_ADDEND): Check that reloc r_type field is valid.
	* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Initialise unused entries
	in the DataDirectory.
	(pe_print_idata): Avoid reading beyond the end of the data block
	wen printing strings.
	(pe_print_edata): Likewise.
	Check for table indexing underflow.
	* peicode.h (pe_mkobject): Initialise the pe_opthdr field.
	(pe_bfd_object_p): Allocate and initialize enough space to hold a
	PEAOUTHDR, even if the opt_hdr field specified less.
2014-11-10 14:27:38 +00:00
Alan Modra
d1f5d98a18 Correct buffer overrun test
* peXXigen.c (pe_print_idata): Revert last patch, cast lhs instead.
2014-11-08 12:40:09 +10:30
H.J. Lu
0115826241 Cast to unsigned long in range checks
* peXXigen.c (pe_print_idata): Cast to unsigned long in range
	checks.
2014-11-07 13:39:15 -08:00
Nick Clifton
a6f921c877 More fixes for memory problems uncovered by file fuzzers.
PR binutils/17512
	* coffcode.h (handle_COMDAT): Replace abort with BFD_ASSERT.
	Replace another abort with an error message.
	(coff_slurp_line_table): Add more range checking.
	* peXXigen.c (pe_print_debugdata): Add range checking.
2014-11-05 17:57:54 +00:00
Nick Clifton
20ad5e2842 More fixes for processing corrupt files.
PR binutils/17512
	* coffcode.h (coff_set_alignment_hook): Warn if the file lies
	about the number of relocations it contains.
	(coff_sort_func_alent): Return 0 if the pointers are NULL.
	(coff_slurp_line_table): Add more range checks.  Do not free new
	tables created when sorting line numbers.
	* peXXigen.c (pe_print_idata): Add range checks.
	(pe_print_edata): Likewise.
	(rsrc_print_resource_entries): Likewise.  Avoid printing control
	characters.  Terminate priniting if corruption is detected.
	(rsrc_print_resource_directory): Terminate printing if an unknown
	directory type is encountered.
	(pe_print_debugdata): Fix off-by-one error.
	(rsrc_count_entries): Add range checking.
	(rsrc_parse_entry): Likewise.
2014-11-05 10:13:16 +00:00
Nick Clifton
5a3f568b70 More fixes for buffer overruns instigated by corrupt binaries.
PR binutils/17512
	* objdump.c (slurp_symtab): Fail gracefully if the table could not
	be read.
	(dump_relocs_in_section): Likewise.

	* aoutx.h (slurp_symbol_table): Check that computed table size is
	not bigger than the file from which is it being read.
	(slurp_reloc_table): Likewise.
	* coffcode.h (coff_slurp_line_table): Remove unneeded local
	'warned'.  Do not try to print the details of a symbol with an
	invalid index.
	* coffgen.c (make_a_sectiobn_from_file): Check computed string
	index against length of string table.
	(bfd_coff_internal_syment_name): Check read in string offset
	against length of string table.
	(build_debug_section): Return a pointer to the section used.
	(_bfd_coff_read_string_table): Store the length of the string
	table in the coff_tdata structure.
	(bfd_coff_free_symbols): Set the length of the string table to
	zero when it is freed.
	(coff_get_normalized_symtab): Check offsets against string table
	or data table lengths as appropriate.
	* cofflink.c (_bfd_coff_link_input_bfd): Check offset against
	length of string table.
	* compress.c (bfd_get_full_section_contents): Check computed size
	against the size of the file.
	* libcoff-in.h (obj_coff_strings_len): Define.
	(struct coff_tdata): Add strings_len field.
	* libcoff.h: Regenerate.
	* peXXigen.c (pe_print_debugdata): Do not attempt to print the
	data if the debug section is too small.
	* xcofflink.c (xcoff_link_input_bfd):  Check offset against
	length of string table.
2014-11-03 17:44:00 +00:00
Nick Clifton
5a4b0ccc20 More fixes for corrupt binaries crashing the binutils.
PR binutils/17512
	* elf.c (bfd_section_from_shdr): Allocate and free the recursion
	detection table on a per-bfd basis.
	* peXXigen.c (pe_print_edata): Handle binaries with a truncated
	export table.
2014-10-28 15:42:56 +00:00
Nick Clifton
708d7d0d11 This patch fixes a flaw in the SREC parser which could cause a stack overflow
and potential secuiryt breach.

	PR binutils/17510
	* srec.c (srec_bad_byte): Increase size of buf to allow for
	negative values.
	(srec_scan): Use an unsigned char buffer to hold header bytes.
2014-10-28 10:48:14 +00:00
Nick Clifton
bf67003b45 This fixes more seg-faults in tools like "strings" and "objdump" when
presented with corrupt binaries.

	PR binutils/17512
	* elf.c (bfd_section_from_shdr): Detect and warn about ELF
	binaries with a group of sections linked by the string table
	indicies.
	* peXXigen.c (pe_print_edata): Detect out of range rvas and
	entry counts for the Export Address table, Name Pointer table
	 and Ordinal table.
2014-10-27 18:05:37 +00:00
Nick Clifton
7e1e19887a Fix a seg-fault in strings and other binutuils when parsing a corrupt PE
executable with an invalid value in the NumberOfRvaAndSizes field of the
AOUT header.

	PR binutils/17512
	* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Handle corrupt binaries
	with an invalid value for NumberOfRvaAndSizes.
2014-10-27 14:45:06 +00:00
Alan Modra
513ea82edf Fix for objdump segfault on broken PE executable
* peXXigen.c (pe_print_reloc): Protect against access past end
	of .reloc section.
2014-08-14 16:57:08 +09:30
Alan Modra
c72f2fb2bb Make bfd.link_next field a union
This field of struct bfd is currently only used to chain together
linker input files.  This patch prepares to use the field to stash
the linker hash table, which is always created on the linker output
file.

bfd/
	* bfd.c (struct bfd): Replace link_next with a union.
	* aoutx.h, * bfd.c, * coff-ppc.c, * coff-rs6000.c, * cofflink.c,
	* ecoff.c, * elf-m10300.c, * elf32-arm.c, * elf32-avr.c,
	* elf32-hppa.c, * elf32-i386.c, * elf32-lm32.c, * elf32-m32c.c,
	* elf32-m32r.c, * elf32-m68hc1x.c, * elf32-metag.c,
	* elf32-microblaze.c, * elf32-nds32.c, * elf32-nios2.c,
	* elf32-or1k.c, * elf32-ppc.c, * elf32-rl78.c, * elf32-s390.c,
	* elf32-score.c, * elf32-score7.c, * elf32-sh.c, * elf32-spu.c,
	* elf32-tic6x.c, * elf32-tilepro.c, * elf32-xstormy16.c,
	* elf32-xtensa.c, * elf64-alpha.c, * elf64-hppa.c, * elf64-ia64-vms.c,
	* elf64-mmix.c, * elf64-ppc.c, * elf64-s390.c, * elf64-x86-64.c,
	* elflink.c, * elfnn-aarch64.c, * elfxx-mips.c, * elfxx-sparc.c,
	* elfxx-tilegx.c, * linker.c, * pdp11.c, * peXXigen.c, * simple.c,
	* sunos.c, * vms-alpha.c, * xcofflink.c: Update for above.
	* bfd-in2.h: Regenerate.
include/
	* bfdlink.h: Update for bfd.link_next change.
ld/
	* emultempl/cr16elf.em, * emultempl/elf32.em, * emultempl/genelf.em,
	* emultempl/m68kcoff.em, * emultempl/m68kelf.em,
	* emultempl/nds32elf.em, * emultempl/pe.em, * emultempl/pep.em,
	* ldlang.c, * ldmain.c, * pe-dll.c: Update for bfd.link_next change.
2014-06-13 19:10:57 +09:30
Nick Clifton
c32abae845 This is to fix a further problem with merging resource sections. It turns
out that the section is supposed to be page-aligned, but the newly merged
section was not being padded out to a page boundary.  This meant that when
the executable was stripped a badly sized .rsrc section was written out.

	PR ld/16807
	* peXXigen.c (rsrc_process_section): Page align the new contents
	befgore writing out.
2014-06-03 17:18:27 +01:00
Jon Turney
6e6e7cfc78 This fixes a few issues with pe/coff build-ids that were discovered since the
original patches were posted:

  pe/coff: Display GUID build-id in the conventional way
  pe/coff: Don't interpret debug directory in section with no contents
  pe/coff: Keep .build-id with --only-keep-debug
  pe/coff: Don't break .build-id with objcopy/strip

	* peXXigen.c (pe_print_debugdata): Don't interpret debug directory
	in a section with no contents.
	(is_vma_in_section, find_section_by_vma): New functions.
	(_bfd_XX_bfd_copy_private_bfd_data_common): Recalculate file
	offsets in the debug directory.
	(_bfd_XXi_slurp_codeview_record, _bfd_XXi_write_codeview_record):
	Byte-swap GUID from little-endian to big-endian order for
	consistent and conventional display.

	* objcopy.c (is_nondebug_keep_contents_section): New function.
	(setup_section): Use it.
2014-05-16 15:34:13 +01:00
Nick Clifton
40af4a3636 This patch reworks the fix to avoid a compile time warning so that it will work
with later versions of gcc.

	PR ld/16821
	* peXXigen.c (_bfd_XXi_swap_sym_out): Rework fix to avoid compile
	time warning.
2014-04-28 09:34:02 +01:00
Nick Clifton
88667baf24 This fixes a compile time warning which is being treated as an error. Older
versions of gcc complain about part of a conditional expression always
evaluating to false because of the size of the operands involved, even when
the entire expression is already known to be false.

	* peXXigen.c (_bfd_XXi_swap_sym_out): Another fix for building on
	a 342-bit host.  This time for older versions of gcc.
2014-04-25 17:00:20 +01:00
Nick Clifton
08937d8023 * peXXigen.c (rsrc_print_section): Fix compile time warning for
32-bit hosts.
2014-04-24 15:49:37 +01:00
Nick Clifton
3714081cb3 Fix PE/COFF resource merging problems. There were two issues:
1. Strings (and then resource data) must follow immediately after
     the end of the tables.
  2. Units of resource data must be 8-byte aligned.

	PR ld/16807
	* peXXigen.c (struct rsrc_regions): New structure.
	(rsrc_print_resource_directory): Use new structure.  Include
	offset of directory in listing.
	(rsrc_print_resource_entry): Likewise.
	(rsrc_print_section): Likewise.
	(rsrc_count_entries): Do not increment sizeof_strings or
	sizeof_leaves.
	(rsrc_count_directory): Do not increment sizeof_tables.
	(rsrc_compute_region_sizes): New function.
	(rsrc_write_leaf): Maintain 8-byte alignment for resource data.
	(rsrc_process_section): Compute size of regions after merging
	entries.
2014-04-24 11:15:43 +01:00
Nick Clifton
d5f59c10fc Another fix for building on a 32-bit host.
PR ld/16821
	* peXXigen.c (_bfd_XXi_swap_sym_out): Fix for 32-bit hosts.
2014-04-22 16:57:34 +01:00
Yuanhui Zhang
285fc9d8f8 Fix build problem on 32-bit hosts with the recent patch for PR 16821.
PR ld/16821
	* peXXigen.c (abs_finder): Fix for 32-bit host builds.
2014-04-22 11:00:39 +01:00
Nick Clifton
32ae0d80cd PE32+ binaries that use addresses > 1^32 have a problem in that the linker
converts some address expressions into absolute values, but the PE format
only stores absolutes as 32-bits.  This is a partial solution which attempts
to convert such absolute values back to section relative ones instead.  It
fails for symbols like __image_base and ImageBase__, but it is unclear as to
whether these values are ever actually used by applications.

	PR ld/16821
	* peXXigen.c (abs_finder): New function.
	(_bfd_XXi_swap_sym_out): For absolute symbols with values larger
	than 1^32 try to convert them into section relative values
	instead.
2014-04-11 16:02:52 +01:00
Jon TURNEY
61e2488cd8 Add support for generating and inserting build IDs into COFF binaries.
* peXXigen.c (pe_print_debugdata): New function: Displays the
	contents of the debug directory and decodes codeview entries.
	(_bfd_XXi_swap_debugdir_in, _bfd_XXi_swap_debugdir_out)
	(_bfd_XXi_slurp_codeview_record, _bfd_XXi_write_codeview_record):
	Add functions for reading and writing debugdir and codeview
	records.
	* libpei.h (_bfd_XXi_swap_debugdir_in, _bfd_XXi_swap_debugdir_out)
	(_bfd_XXi_write_codeview_record): Add prototypes and macros.
	* libcoff-in.h (pe_tdata): Add build-id data.
	* libcoff.h: Regenerate.
	* coffcode.h (coff_write_object_contents): Run build_id
	after_write_object_contents hook.

	* pe.h (external_IMAGE_DEBUG_DIRECTORY, _CV_INFO_PDB70)
	(_CV_INFO_PDB20): Add structures and constants for debug directory
	and codeview records.
	* internal.h (internal_IMAGE_DEBUG_DIRECTORY, CODEVIEW_INFO):
	Add structures and constants for internal representation of debug
	directory and codeview records.

	* emultempl/elf32.em (id_note_section_size, read_hex, write_build_id):
	Move code for parsing build-id option and calculating the build-id to...
	* ldbuildid.c: New file.
	* ldbuildid.h: New file.
	* Makefile.am (CFILES, HFILES, OFILES, ld_new_SOURCES): Add new
	files.
	* Makefile.in: Regenerate.
	* ld.texinfo: Update --build-id description to mention COFF
	support.
	* NEWS: Mention support for COFF build ids.
	* emultempl/pe.em (gld${EMULATION_NAME}_handle_option):
	(pecoff_checksum_contents, write_build_id, setup_build_id)
	(gld_${EMULATION_NAME}_after_open):  Handle and implement
	build-id option.
	* emultempl/pep.em: Likewise.
2014-04-08 10:59:43 +01:00
Jon Turney
b69c872805 * peXXigen.c (pe_print_edata): Verify edt.name lies inside
section before dereferencing.
	(pe_print_idata, pe_print_edata, pe_print_reloc)
	(rsrc_print_section): Don't bother interpreting the contents
	of sections which have no contents.
2014-04-03 12:26:27 +01:00
Nick Clifton
6caf711179 Improve .rsrc section merging again. This time with an algorithm that
should work for all types of input .rsrc section.

	* peXXigen.c (rsrc_process_section): Add code to scan input
	sections and record their lengths.  Use these lengths to find the
	start of each merged .rsrc section.

	* scripttempl/pe.sc (R_RSRC): Fix default-manifest exclusion.
	(.rsrc): Add SUBALIGN(4).  Remove SORT.
	* scripttempl/pep.sc: Likewise.
2014-03-19 14:46:15 +00:00
Nick Clifton
1d63324c56 Improve .rsrc section merging with better handling of the alignment adjustments
made between merged .rsrc sections.

	* peXXigen.c (rsrc_align): New function.  Attempts to cope with
	alignment variances when .rsrc sections are merged.
	(rsrc_process_section): Use rsrc_align.

	* Makefile.am (default-manifest.o): Use WINDRES_FOR_TARGET.
	* Makefile.in: Regenerate.
	* emultempl/default-manifest.rc: Fix typo.
	* scripttempl/pe.sc (R_RSRC): Fix default-manifest exclusion.
	(.rsrc): Add SUBALIGN(4).
	* scripttempl/pep.sc: Likewise.
2014-03-19 08:51:20 +00:00
Alan Modra
4b95cf5c0c Update copyright years 2014-03-05 22:16:15 +10:30
Ilya Tocar
1f93a6d6f3 * peXXigen.c (rsrc_process_section): Use ptrdiff_t as the type for
pointer arithmetic.
2013-12-30 15:28:41 +00:00
Pierre Muller
3f10b67a59 * Fix indentation issue and reorganize last commit entry
so that it is shorter than 80.
  peXXigen.c (rsrc_cmp): Fix unused variable warning.
2013-12-19 18:26:19 +01:00
Pierre Muller
9373215cff * peXXigen.c (u16_mbtouc): Avoid unused function warning by excluding if
__CYGWIN__ or __MINGW32__ macro is defined.
	(rsrc_cmp): Fix Windows host version and version without wchar header.
	[__CYGWIN__, __MINGW32__]: Introduce rsrccmp macro.
	Fix coding standard issues.
2013-12-19 12:37:30 +00:00
Nick Clifton
b9e95fa2d1 * peXXigen.c (rsrc_print_section): Use ptrdiff_t as the type for
pointer arithmetic.
2013-12-18 10:30:25 +00:00
H.J. Lu
337e86d7c5 Rename index to indx
* peXXigen.c (rsrc_process_section): Rename index to indx.
2013-12-17 10:10:16 -08:00
Nick Clifton
5879bb8fc5 * peXXigen.c: Include wchar.h if available.
Include safe-ctype.h.
	(HighBitSet, SetHighBit, WithoutHighBit): New macros.
	(pe_print_resource_entries): Rename to
	rsrc_print_resource_entries.  Handle names that are not RVAs.
	(pe_print_resource_directory): Rename to
	rsrc_print_resource_directory.
	(pe_print_rsrc): Rename to rsrc_print_section.  Corrupt
	computation of RVA bias.
	(rsrc_count_entries): New function.
	(rsrc_count_directory): New function.
	(rsrc_parse_entry): New function.
	(rsrc_parse_entries): New function.
	(rsrc_parse_directory): New function.
	(rsrc_write_string): New function.
	(rsrc_compute_rva): New function.
	(rsrc_write_leaf): New function.
	(rsrc_write_entry): New function.
	(rsrc_write_directory): New function.
	(u16_mbtouc): New function.
	(rsrc_cmp): New function.
	(rsrc_print_name): New function.
	(rsrc_resource_name): New function.
	(rsrc_merge_string_entries): New function.
	(rsrc_sort_entries): New function.
	(rsrc_attach_chain): New function.
	(rsrc_merge): New function.
	(rsrc_process_section): New function - merges the contents of a
	.rsrc section.
	(_bfd_XXi_final_link_postscript): Call rsrc_process_section.
	* configure.in (AC_CHECK_HEADERS): Add wchar.h
	* config.in: Regenerate.
	* configure: Regenerate.
2013-12-17 15:39:13 +00:00