This patch addresses the multitude of bug reports about resource exhaustion
in libiberty's name demangling code. It adds a limit to the amount of
recursion that is allowed, before an error is triggered. It also adds a
new demangling option to disable this limit. (The limit is enabled by
default).
PR 87681
PR 87675
PR 87636
PR 87335
libiberty * cp-demangle.h (struct d_info): Add recursion_limit field.
* cp-demangle.c (d_function_type): If the recursion limit is
enabled and reached, return with a failure result.
(d_demangle_callback): If the recursion limit is enabled, check
for a mangled string that is so long that there is not enough
stack space for the local arrays.
* cplus-dem.c (struct work): Add recursion_level field.
(demangle_nested_args): If the recursion limit is enabled and
reached, return with a failure result.
include * demangle.h (DMGL_RECURSE_LIMIT): Define.
(DEMANGLE_RECURSION_LIMIT): Prototype.
binutuils * addr2line.c (demangle_flags): New static variable.
(long_options): Add --recurse-limit and --no-recurse-limit.
(translate_address): Pass demangle_flags to bfd_demangle.
(main): Handle --recurse-limit and --no-recurse-limit options.
* cxxfilt.c (flags): Add DMGL_RECURSE_LIMIT.
(long_options): Add --recurse-limit and --no-recurse-limit.
(main): Handle new options.
* dlltool.c (gen_def_file): Include DMGL_RECURSE_LIMIT in flags
passed to cplus_demangle.
* nm.c (demangle_flags): New static variable.
(long_options): Add --recurse-limit and --no-recurse-limit.
(main): Handle new options.
* objdump.c (demangle_flags): New static variable.
(usage): Add --recurse-limit and --no-recurse-limit.
(long_options): Likewise.
(objdump_print_symname): Pass demangle_flags to bfd_demangle.
(disassemble_section): Likewise.
(dump_dymbols): Likewise.
(main): Handle new options.
* prdbg.c (demangle_flags): New static variable.
(tg_variable): Pass demangle_flags to demangler.
(tg_start_function): Likewise.
* stabs.c (demangle_flags): New static variable.
(stab_demangle_template): Pass demangle_flags to demangler.
(stab_demangle_v3_argtypes): Likewise.
(stab_demangle_v3_arg): Likewise.
* doc/binutuls.texi: Document new command line options.
* NEWS: Mention the new feature.
* testsuite/config/default.exp (CXXFILT): Define if not already
defined.
(CXXFILTFLAGS): Likewise.
* testsuite/binutils-all/cxxfilt.exp: New file. Runs a few
simple tests of the cxxfilt program.
This patch performs a run-time test that a shared libbfd.so has been
compiled with the same size bfd_vma as that of apps using the library.
On a 32-bit host it is easily possible to have one libbfd.so compiled
to support 64-bit targets (or configured with --enable-64-bit-bfd)
while another only supports 32-bit targets. The two libraries will
have differently sized bfd_vma types, and if the wrong one is loaded
all sorts of weird behaviour might be seen.
bfd/
PR 23534
* init.c (BFD_INIT_MAGIC): Define.
(bfd_init): Return BFD_INIT_MAGIC.
bfd-in2.h: Regenerate.
binutils/
PR 23534
* addr2line.c (main): Exit with fatal error if bfd_init
returns an unexpected value.
* ar.c (main): Likewise.
* dlltool.c (identify_dll_for_implib): Likewise.
* nm.c (main): Likewise.
* objcopy.c (main): Likewise.
* objdump.c (main): Likewise.
* size.c (main): Likewise.
* strings.c (main): Likewise.
* windmc.c (main): Likewise.
* windres.c (main): Likewise.
gas/
PR 23534
* as.c (main): Exit with fatal error if bfd_init returns an
unexpected value.
ld/
PR 23534
* ldmain.c (main): Exit with fatal error if bfd_init returns
an unexpected value.
PR binutils/17512
* addr2line.c (slurp_symtab): If the symcount is zero, free the
symbol table pointer.
* dwarf2.c (concat_filename): Check for an empty directory table.
(scan_unit_for_symbols): Check for reading off the end of the
unit.
(parse_comp_unit): Check for a DW_AT_comp_dir attribute with a
non-string form.
* elf64-ppc.c (opd_entry_value): Fail if there are no relocs
available.
PR binutils/17512
* coffcode.h (coff_set_arch_mach_hook): Check return value from
bfd_malloc.
(coff_slurp_line_table): Return FALSE if the line number
information was corrupt.
(coff_slurp_symbol_table): Return FALSE if the symbol information
was corrupt.
* mach-o.c (bfd_mach_o_bfd_copy_private_header_data): Always
initialise the fields of the dyld_info structure.
(bfd_mach_o_build_exec_seg_command): Replace assertion with an
error message and a return value.
(bfd_mach_o_layout_commands): Change the function to boolean.
Return FALSE if the function fails.
(bfd_mach_o_build_commands): Fail if bfd_mach_o_layout_commands
fails.
(bfd_mach_o_read_command): Fail if an unrecognised command is
encountered.
* peXXigen.c (_bfd_XXi_swap_aouthdr_in): Set bfd_error if the
read fails.
(slurp_symtab): Check the return from bfd_malloc.
(_bfd_XX_bfd_copy_private_bfd_data_common): Fail if the copy
encountered an error.
(_bfd_XXi_final_link_postscript): Fail if a section could not be
copied.
* peicode.h (pe_bfd_object_p): Fail if the header could not be
swapped in.
* tekhex.c (first_phase): Fail if the section is too big.
* versados.c (struct esdid): Add content_size field.
(process_otr): Use and check the new field.
(versados_get_section_contents): Check that the section exists and
that the requested data is available.
PR binutils/17512
* addr2line.c (main): Call bfd_set_error_program_name.
* ar.c (main): Likewise.
* coffdump.c (main): Likewise.
* cxxfilt.c (main): Likewise.
* dlltool.c (main): Likewise.
* nlmconv.c (main): Likewise.
* nm.c (main): Likewise.
* objdump.c (main): Likewise.
* size.c (main): Likewise.
* srconv.c (main): Likewise.
* strings.c (main): Likewise.
* sysdump.c (main): Likewise.
* windmc.c (main): Likewise.
* windres.c (main): Likewise.
* objcopy.c (main): Likewise.
(copy_relocations_in_section): Check for relocs without associated
symbol pointers.
bfd/
* bfd.c (bfd_find_nearest_line_discriminator): New macro.
* coff-rs6000.c: Init _bfd_find_nearest_line_discriminator.
* coff64-rs6000.c: Likewise.
* dwarf2.c (struct line_info): Add discriminator field.
(add_line_info): Fill in new discriminator field.
(decode_line_info): Record discriminator information instead
of ignoring it.
(lookup_address_in_line_info_table): Return discriminator field if
requested.
(comp_unit_find_nearest_line): Add discriminator argument.
(find_line): Likewise.
(_bfd_dwarf2_find_nearest_line): Likewise.
(_bfd_dwarf2_find_line): Likewise.
* elf-bfd.h (_bfd_elf_find_nearest_line_discriminator): New.
(_bfd_elf_find_line_discriminator): Likewise.
(_bfd_generic_find_nearest_line_discriminator): Likewise. Defined.
* elf.c (_bfd_elf_find_nearest_line): Change to a wrapper
that invokes _bfd_elf_find_nearest_line_discriminator with correct
arguments.
(_bfd_elf_find_nearest_line_discriminator): New.
(_bfd_elf_find_line): Change to a wrapper
that invokes _bfd_elf_find_line_discriminator with correct
arguments.
(_bfd_elf_find_line_discriminator): New.
* coffgen.c (coff_find_nearest_line_with_names): Handle
new discriminator argument.
* elf32-arm.c (elf32_arm_find_nearest_line): Likewise.
* elf64-alpha.c (elf64_alpha_find_nearest_line): Likewise.
* elfxx-mips.c (_bfd_mips_elf_find_nearest_line): Likewise.
* mach-o.c (bfd_mach_o_find_nearest_line): Likewise.
* libbfd-in.h (_bfd_dwarf2_find_nearest_line): Add discriminator
argument.
(_bfd_dwarf2_find_line): Likewise.
(_bfd_generic_find_nearest_line_discriminator): New.
* libbfd.c (_bfd_generic_find_nearest_line_discriminator): New.
* bfd-in2.h: Regenerated.
* libbfd.h: Likewise.
* targets.c (BFD_JUMP_TABLE_SYMBOLS): Initialize
_bfd_find_nearest_line_discriminator with
_bfd_generic_find_nearest_line_discriminator.
(bfd_target): Add _bfd_find_nearest_line_discriminator.
binutils/
* addr2line.c (find_address_in_section): Invoke
bfd_find_nearest_line_discriminator to get the discriminator.
(find_offset_in_section): Likewise.
(translate_addresses): Print discriminator if it is non-zero.
* objdump.c (show_line): Invoke
bfd_find_nearest_line_discriminator to get the discriminator,
and keep track of prev_discriminator. Print discriminator
if it is non-zero.
(disassemble_data): Initialize prev_discriminator.
(dump_reloc_set): Invoke bfd_find_nearest_line_discriminator
to get the discriminator, and keep track of last_discriminator.
Print discriminator if it is non-zero.
* addr2line.c (process_file): Change function from void to returning an int. Return 0 upon success, 1 otherwise.
(main): Use return value from process_file as the exit value.
* ar.c (ranlib_only): Change function from void to returning an int. Return 0 upon success, 1 otherwise.
(ranlib_touch): Likewise.
(main): Use return value from ranlib functions as exit value.
* objcopy.c (add_specific_symbol): Set status to 1 if get_file_size fails.
(copy_file): Likewise.
(strip_main): Likewise.
(copy_main): Likewise.
* objdump.c (display_file): Set exit_status to 1 if get_file_size fails.
* size.c (display_file): Set return_code to 1 if get_file_size fails.
(usage): Document new -j/--section option.
(find_offset_in_section): New function.
(translate_addresses): Add 'section' parameter.
If it is non-null, call find_offset_in_section on it.
(process_file): Add 'section_name' parameter.
If it is non-null, look for the section in the BFD object.
Pass the section to translate_addresses.
(main): Handle new -j option.
Pass the section name to process_file.
* doc/binutils.texi (addr2line): Document new -j/--section option.
(main <'V'>): Call print_version.
* srconv.c: Likewise.
* sysdump.c: Likewise.
* version.c (program_version): Remove.
(print_version): Use BFD_VERSION_STRING. Just print the current
year in copyright message.
* addr2line.c (program_version): Remove unused declaration.
* objdump.c (display_target_tables): Use BFD_VERSION_STRING in
place of BFD_VERSION.
* Makefile.am (Makefile): Depend on bfd/configure.in
(cplus-dem.o): Depend on Makefile.
Run "make dep-am"
* Makefile.in: Regenerate.
