This is the mail archive of the binutils@sourceware.org mailing list for the binutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH 1/2] pe/coff: Avoid a crash using objdump -p on the output of objcopy --only-keep-debug

From: Christopher Faylor <cgf-use-the-mailinglist-please at sourceware dot org>
To: binutils at sourceware dot org, Jon TURNEY <jon dot turney at dronecode dot org dot uk>
Date: Thu, 3 Apr 2014 00:02:36 -0400
Subject: Re: [PATCH 1/2] pe/coff: Avoid a crash using objdump -p on the output of objcopy --only-keep-debug
Authentication-results: sourceware.org; auth=none
References: <1395153555-5572-1-git-send-email-jon dot turney at dronecode dot org dot uk> <1395153555-5572-2-git-send-email-jon dot turney at dronecode dot org dot uk>

Nick are you ok with these patches?  They seem ok to me.  I'm sorry that I
missed them previously.

cgf

On Tue, Mar 18, 2014 at 02:39:14PM +0000, Jon TURNEY wrote:
>Avoid a crash when using objdump -p on the output of objcopy --only-keep-debug
>
>e.g.
>
>$ objdump -p /usr/lib/debug/usr/bin/cygwin1.dbg
>[...]
>The Export Tables (interpreted .edata section contents)
>
>Export Flags                    0
>Time/Date stamp                 0
>Major/Minor                     0/0
>Segmentation fault (core dumped)
>
>Verfify that edt.name lies inside the .edata section we have loaded before
>dereferencing it.  Change adj to to bfd_vma to avoid signed vs. unsigned
>comparison warnings - it could only be negative if a section had a negative
>vma.
>
>bfd/Changelog:
>
>2014-03-18  Jon TURNEY  <jon.turney@dronecode.org.uk>
>
>	* peXXigen.c (pe_print_edata): Verify edt.name lies inside
>	section before dereferencing.
>
>Signed-off-by: Jon TURNEY <jon.turney@dronecode.org.uk>
>---
> bfd/peXXigen.c | 8 ++++++--
> 1 file changed, 6 insertions(+), 2 deletions(-)
>
>diff --git a/bfd/peXXigen.c b/bfd/peXXigen.c
>index 8219ab9..d011c0e 100644
>--- a/bfd/peXXigen.c
>+++ b/bfd/peXXigen.c
>@@ -1373,7 +1373,7 @@ pe_print_edata (bfd * abfd, void * vfile)
>   bfd_size_type datasize = 0;
>   bfd_size_type dataoff;
>   bfd_size_type i;
>-  bfd_signed_vma adj;
>+  bfd_vma adj;
>   struct EDT_type
>   {
>     long export_flags;          /* Reserved - should be zero.  */
>@@ -1478,8 +1478,12 @@ pe_print_edata (bfd * abfd, void * vfile)
>   fprintf (file,
> 	   _("Name \t\t\t\t"));
>   bfd_fprintf_vma (abfd, file, edt.name);
>-  fprintf (file,
>+
>+  if ((edt.name >= adj) && (edt.name < adj + datasize))
>+    fprintf (file,
> 	   " %s\n", data + edt.name - adj);
>+  else
>+    fprintf (file, "(outside .edata section)\n");
> 
>   fprintf (file,
> 	   _("Ordinal Base \t\t\t%ld\n"), edt.base);
>-- 
>1.8.3.4
>
>

Follow-Ups:
- Re: [PATCH 1/2] pe/coff: Avoid a crash using objdump -p on the output of objcopy --only-keep-debug
  - From: Nicholas Clifton

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]