This is the mail archive of the
binutils@sources.redhat.com
mailing list for the binutils project.
Re: Memory corruption handling x86 relocs
- To: Nick Clifton <nickc at redhat dot com>
- Subject: Re: Memory corruption handling x86 relocs
- From: "H . J . Lu" <hjl at valinux dot com>
- Date: Sun, 11 Feb 2001 16:02:44 -0800
- Cc: fnf at be dot com, binutils at sources dot redhat dot com
- References: <200102112230.OAA09238@elmo.cygnus.com>
On Sun, Feb 11, 2001 at 02:30:30PM -0800, Nick Clifton wrote:
> Hi Fred,
>
> : I have a test case that triggers internal memory corruption in BFD
> : when processing x86 relocs during linking. Basically either BFD is
> : incorrectly computing the amount of space needed, or is incorrectly
> : trying to store more relocs than it should, overwriting some other
> : pointers.
>
> Any luck figuring out exactly what is going wrong ?
>
> : + BFD_ASSERT (sreloc->reloc_count < (sreloc->_raw_size / sizeof (Elf32_External_Rel)));
>
> Why is the test for 'less than' rather than 'less than or equal to' ?
>
> reloc_count is the number of relocs in the section, which if they are
> REL type relocs ought to be equal to _raw_size/12, so the above assert
> would fail.
I have checked in a patch to address it. I am still waiting for the
real confirmation from Fred. See
http://sources.redhat.com/ml/binutils/2001-02/msg00165.html
BTW, I am not sure if BFD_ASSERT there is necessary. Maybe we can add
one at the end of elf_i386_relocate_section ().
--
H.J. Lu (hjl@valinux.com)