This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Fix ppc64 ELFv1 assertion failure
- From: Alan Modra <amodra at gmail dot com>
- To: binutils at sourceware dot org
- Date: Wed, 22 Jul 2015 19:22:37 +0930
- Subject: Fix ppc64 ELFv1 assertion failure
- Authentication-results: sourceware.org; auth=none
Bogus assembly can hit an assertion in opd_entry_value when the symbol
referenced by a function descriptor is undefined. Worse, the code
after the assert copies unitialised memory to return the code section.
This uninitialised pointer can later be dereferencd, possibly causing
a linker segmentation fault.
* elf64-ppc.c (opd_entry_value): Remove assertion. Instead,
return -1 if symbol referenced is not defined. Tidy.
diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c
index 468e8bf..ef08164 100644
--- a/bfd/elf64-ppc.c
+++ b/bfd/elf64-ppc.c
@@ -6034,14 +6034,13 @@ opd_entry_value (asection *opd_sec,
if (rh != NULL)
{
rh = elf_follow_link (rh);
- BFD_ASSERT (rh->root.type == bfd_link_hash_defined
- || rh->root.type == bfd_link_hash_defweak);
- val = rh->root.u.def.value;
- sec = rh->root.u.def.section;
- if (sec->owner != opd_bfd)
+ if (rh->root.type != bfd_link_hash_defined
+ && rh->root.type != bfd_link_hash_defweak)
+ break;
+ if (rh->root.u.def.section->owner == opd_bfd)
{
- sec = NULL;
- val = (bfd_vma) -1;
+ val = rh->root.u.def.value;
+ sec = rh->root.u.def.section;
}
}
}
--
Alan Modra
Australia Development Lab, IBM