Well it didn't take long for the SAFE_BYTE_GET assert to trigger.
PR 27860
* dwarf.c (display_debug_frames): Sanity check cie_off before
attempting to read cie.
* dwarf.c (process_extended_line_op): Don't bump data pointer past
end when strnlen doesn't find string terminator.
(decode_location_expression): Remove dead code.
(skip_attr_bytes): Remove const from end param. Ensure data
pointer doesn't pass end.
(get_type_signedness): Remove const from end param.
(read_and_display_attr_value): Ensure data pointer doesn't pass end.
(display_debug_lines_raw, display_debug_lines_decoded): Likewise.
(display_debug_pubnames_worker): Likewise.
(display_debug_pubnames_worker): Use SAFE_BYTE_GET_AND_INC rather
than blindly incrementing data pointer.
(display_debug_addr, display_debug_str_offsets): Likewise. Don't
compare pointers, compare lengths.
This rearranges SAFE_BYTE_GET* macros, eliminating some duplication,
and making sure that the _INC variants never increment their PTR arg
past END. I've added an assertion that should show us places where we
use them improperly with user derived PTR args, which I'm sure the
fuzzers will find for us.
* dwarf.c (SAFE_BYTE_GET_INTERNAL): Define.
(SAFE_BYTE_GET, SAFE_BYTE_GET_AND_INC): Define using the above.
(SAFE_SIGNED_BYTE_GET, SAFE_SIGNED_BYTE_GET_AND_INC): Likewise.
(display_discr_list): Use SAFE_BYTE_GET_AND_INC rather than
SAFE_BYTE_GET followed by increment.
(process_debug_info): Likewise, and test bytes remaining before
incrementing section_begin rather than using pointer comparison.
(display_debug_names): Pass lvalue as SAFE_BYTE_GET PTR.
(process_cu_tu_index): Likewise for SAFE_BYTE_GET_AND_INC.
Not quite infinite but much longer than it need be. The problem is
triggered by read_and_display_attr_value incrementing "data" past
"end". read_and_display_attr_value shouldn't do that, but be
defensive.
PR 27853
* dwarf.c (display_formatted_table): Test for data >= end rather
than data == end.
(process_extended_line_op): Likewise.
(display_debug_lines_raw): Likewise.
(display_debug_lines_decoded): Likewise.
Building as ILP32 shows:
gcc -m32 -DHAVE_CONFIG_H -I. -I/checkout/binutils -I. -I/checkout/binutils -I../bfd -I/checkout/binutils/../bfd -I/checkout/binutils/../include -DLOCALEDIR="\"/usr/local/share/locale\"" -Dbin_dummy_emulation=bin_vanilla_emulation -W -Wall -Wstrict-prototypes -Wmissing-prototypes -Wshadow -Wstack-usage=262144 -Werror -I/checkout/binutils/../zlib -g -O2 -MT dwarf.o -MD -MP -MF $depbase.Tpo -c -o dwarf.o /checkout/binutils/dwarf.c &&\
mv -f $depbase.Tpo $depbase.Po
In file included from /checkout/binutils/sysdep.h:101:0,
from /checkout/binutils/dwarf.c:21:
/checkout/binutils/dwarf.c: In function 'process_abbrev_set':
/checkout/binutils/dwarf.c:1072:15: error: format '%lx' expects argument of type 'long unsigned int', but argument 2 has type 'dwarf_vma {aka long long unsigned int}' [-Werror=format=]
warn (_("Debug info is corrupted, abbrev size (%lx) is larger than "
^
/checkout/binutils/dwarf.c:1072:13: note: in expansion of macro '_'
warn (_("Debug info is corrupted, abbrev size (%lx) is larger than "
^
cc1: all warnings being treated as errors
Makefile:1101: recipe for target 'dwarf.o' failed
The recent commit, casting one of the terms, has an obvious
typo. To wit, the (non-cast) term abbrev_size is a
dwarf_vma and causes the whole expression to (still) be 64
bits.
binutils:
* dwarf.c (process_abbrev_set): Properly parenthesize before
casting to unsigned long.
PR 27845
* dwarf.c (process_abbrev_set): Replace start and end parameters
with section, abbrev_base, abbrev_size, abbrev_offset. Update
all callers. Sanity check parameters correctly and emit warnings
here rather than..
(process_debug_info): ..here.
PR 4356
PR 26865
PR 27594
* windres.c (quot): Revert previous delta. Do not use double
quotes when spaces are detected in options.
* doc/binutils.texi (windres): Remove suggestion that the
--preprocessor option can take arguments.
PTR supplied to these macros can be read from user input, END is an
end of buffer pointer. It's safer to do arithmetic on END than on PTR.
* dwarf.c (SAFE_BYTE_GET): Check bounds by subtracting amount from
END rather than adding amount to PTR.
(SAFE_SIGNED_BYTE_GET, SAFE_BYTE_GET64): Likewise.
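An added illustration of the END-relative bounds check described above, together with the rule from the earlier SAFE_BYTE_GET* rework that the _INC variants never move PTR past END. This is example code, not binutils' dwarf.c; the function names are simplified stand-ins for the macros and the sample buffer is constructed.

```c
#include <assert.h>
#include <stdint.h>
#include <stdio.h>

/* Example, not binutils code.  PTR may be derived from attacker-controlled
   offsets in the file; END is the trusted end of the section buffer.
   "ptr + amount <= end" can wrap when amount is garbage (SIZE_MAX gives
   ptr - 1 and the check passes); END - PTR is always a distance that
   really exists inside the buffer, provided ptr is not already past END. */
static int have_bytes (const unsigned char *ptr, const unsigned char *end,
                       size_t amount)
{
  return ptr <= end && (size_t) (end - ptr) >= amount;
}

/* Little-endian read of AMOUNT (1..8) bytes.  Returns 0 and leaves *VAL
   untouched when the bytes are not all inside [ptr, end). */
static int safe_byte_get (const unsigned char *ptr, const unsigned char *end,
                          size_t amount, uint64_t *val)
{
  if (amount == 0 || amount > 8 || !have_bytes (ptr, end, amount))
    return 0;
  uint64_t v = 0;
  for (size_t i = 0; i < amount; i++)
    v |= (uint64_t) ptr[i] << (8 * i);
  *val = v;
  return 1;
}

/* The _INC flavour: *PTR advances only after a successful read, so it can
   never end up past END; the assert is the guard the commit message adds. */
static int safe_byte_get_and_inc (const unsigned char **ptr,
                                  const unsigned char *end, size_t amount,
                                  uint64_t *val)
{
  if (!safe_byte_get (*ptr, end, amount, val))
    return 0;
  *ptr += amount;
  assert (*ptr <= end);
  return 1;
}

static const unsigned char sample_section[] = { 1, 2, 3, 4, 5, 6 }; /* constructed */

int main (void)
{
  const unsigned char *p = sample_section + 4, *end = sample_section + 6;
  uint64_t v = 0;
  int ok = safe_byte_get_and_inc (&p, end, 2, &v);   /* reads 0x0605, p == end */
  printf ("%d %llx %d\n", ok, (unsigned long long) v,
          safe_byte_get_and_inc (&p, end, 1, &v)); /* second read refused */
  return 0;
}
```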
A quick check says this is the only place in all of bfd, opcodes,
binutils, gas, ld, gprof that duplicates the new libiberty
htab_eq_string.
* objcopy.c (eq_string): Delete.
(create_symbol_htab): Use htab_eq_string.
Use the pattern from other projects where we generate the html pages
in a dir named the same as the project. So now we have:
gas/doc/gas.html - single html page
gas/doc/gas/ - multiple html pages
This works for projects that have a doc/ subdir already, but gprof &
ld require a little tweaking since they generate their docs in their
respective toplevels.
This better matches other GNU projects like autoconf/automake where
the html manual is the single page form. We'll support the multi-page
form in a follow up change.
bfd/ChangeLog:
* coff-rs6000.c (_bfd_xcoff_swap_aux_in): Add errors for
unsupported storage class or auxiliary entries.
Improve and adapt to new aux structures.
Add C_DWARF support.
(_bfd_xcoff_swap_aux_out): Likewise.
* coff64-rs6000.c (_bfd_xcoff64_swap_aux_in): Likewise.
(_bfd_xcoff64_swap_aux_out): Likewise.
binutils/ChangeLog:
* od-xcoff.c (dump_xcoff32_symbols): Adapt to new
aux structures.
include/ChangeLog:
* coff/internal.h (union internal_auxent):
Add x_sect structure.
* coff/rs6000.h (union external_auxent): Rework to
match official documentation.
* coff/rs6k64.h (union external_auxent): Likewise.
(_AUX_SECT): New define.
PR 27672
* readelf.c (sym_base): New variable.
(enum print_mode): Add more modes.
(print_vma): Add support for new modes.
(options): Add sym-base.
(usage): Add sym-base.
(parse_args): Add support for --sym-base.
(print_dynamic_symbol_size): New function.
(print_dynamic_symbol): Use new function.
* doc/binutils.texi: Document the new feature.
* NEWS: Mention the new feature.
Nanosecond rather than second resolution.
PR 27725
* configure.ac: Check for sys/time.h and utimensat. Use standard
checks for mkstemp and mkdtemp. Whitespace. Check for nanosecond
members of struct stat.
* rename.c: Prefer sys/time.h for utimes over utime.h for utime.
(STAT_TIMESPEC, STAT_TIMESPEC_NS): Define.
(get_stat_atime_ns, get_stat_mtime_ns): New inline functions.
(get_stat_atime, get_stat_mtime): Likewise.
(set_times): Choose first available of utimensat, utimes, utime.
Use above inline functions to set timespec and timeval values.
* configure: Regenerate.
* config.in: Regenerate.
* testsuite/binutils-all/objcopy.exp (objcopy_test): Add test of
file timestamp when --preserve-dates is used.
More fallout from the PR27456 fixes.
PR 27456
* rename.c (smart_rename): When TO and FROM are equal, just set
file timestamp.
* objcopy.c (strip_main, copy_main): Always call smart_rename.
Since p_memsz of the loadable PT_NOTE segment should be the same as
p_filesz, set p_memsz on the loadable PT_NOTE segment when updating
p_filesz.
bfd/
PR binutils/27708
* elf.c (assign_file_positions_for_non_load_sections): Set
p_memsz to p_filesz for the loadable PT_NOTE segment.
binutils/
PR binutils/27708
* testsuite/binutils-all/x86-64/pr27708.dump: New file.
* testsuite/binutils-all/x86-64/pr27708.exe.bz2: Likewise.
* testsuite/binutils-all/x86-64/x86-64.exp: Run binutils/27708
test.
We shouldn't be using arbitrary limits like PATH_MAX in GNU programs.
This patch also fixes some memory leaks in readelf when processing
separate debug info.
PR 27716
binutils/
* objdump.c (show_line): Don't limit paths to PATH_MAX.
* readelf.c (struct filedata): Change program_interpreter from
a char array to a char pointer.
(process_program_headers): Sanity check PT_INTERP p_filesz.
Malloc program_interpreter using p_filesz and read directly from
file.
(process_dynamic_section): Check program_interpreter is non-NULL.
(free_filedata): New function, split out from..
(process_object): ..here.
(close_debug_file): Call free_filedata.
* sysdep.h: Don't include sys/param.h.
(PATH_MAX): Don't define.
* configure.ac: Don't check for sys/param.h.
* configure: Regenerate.
gprof/
* gprof.h (PATH_MAX): Don't define.
* corefile.c (core_create_line_syms): Don't use PATH_MAX for initial
file name size.
* source.c (annotate_source): Malloc file name buffer. Always
trim off "-ann" when dos 8.3 annotate file matches original.
* utils.c (print_name_only): Malloc file name buffer.
NT_NETBSD_PAX was defined in commit be3b926d8d.
binutils/ChangeLog:
* readelf.c (process_netbsd_elf_note): Remove now unneeded #ifdef
check for NT_NETBSD_PAX.
This adds some annotation to Power10 pcrel instructions, displaying
the target address (i.e. pc + D34 field) plus a symbol if there is one
at exactly that target address. pld from the .got or .plt will also
look up the entry and display it, symbolically if there is a dynamic
relocation on the entry.
include/
* dis-asm.h (struct disassemble_info): Add dynrelbuf and dynrelcount.
binutils/
* objdump.c (struct objdump_disasm_info): Delete dynrelbuf and
dynrelcount.
(find_symbol_for_address): Adjust for dynrelbuf and dynrelcount move.
(disassemble_section, disassemble_data): Likewise.
opcodes/
* ppc-dis.c (struct dis_private): Add "special".
(POWERPC_DIALECT): Delete. Replace uses with..
(private_data): ..this. New inline function.
(disassemble_init_powerpc): Init "special" names.
(skip_optional_operands): Add is_pcrel arg, set when detecting R
field of prefix instructions.
(bsearch_reloc, print_got_plt): New functions.
(print_insn_powerpc): For pcrel instructions, print target address
and symbol if known, and decode plt and got loads too.
gas/
* testsuite/gas/ppc/prefix-pcrel.d: Update expected output.
* testsuite/gas/ppc/prefix-reloc.d: Likewise.
* gas/testsuite/gas/ppc/vsx_32byte.d: Likewise.
ld/
* testsuite/ld-powerpc/inlinepcrel-1.d: Update expected output.
* testsuite/ld-powerpc/inlinepcrel-2.d: Likewise.
* testsuite/ld-powerpc/notoc2.d: Likewise.
* testsuite/ld-powerpc/notoc3.d: Likewise.
* testsuite/ld-powerpc/pcrelopt.d: Likewise.
* testsuite/ld-powerpc/startstop.d: Likewise.
* testsuite/ld-powerpc/tlsget.d: Likewise.
* testsuite/ld-powerpc/tlsget2.d: Likewise.
* testsuite/ld-powerpc/tlsld.d: Likewise.
* testsuite/ld-powerpc/weak1.d: Likewise.
* testsuite/ld-powerpc/weak1so.d: Likewise.
This fixes the issue that startswith depends on strncpy being
declared, and not all projects using bfd.h include string.h before
bfd.h. I've also deleted some macros that don't find much use
anywhere.
bfd/
* bfd-in.h: Include string.h.
(LITMEMCPY, LITSTRCPY): Delete.
* bfd-in2.h: Regenerate.
binutils/
* prdbg.c (pr_function_type): Replace LITSTRCPY with strcpy.
* objdump.c (process_links): Use type int.
* readelf.c (request_dump): Don't increment do_dump, set it.
* windint.h (target_is_bigendian): Use type bfd_boolean.
* windmc.c (target_is_bigendian): Likewise.
* windres.c (target_is_bigendian): Likewise.