This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
Re: Suggest a fix?
- From: Alan Modra <amodra at bigpond dot net dot au>
- To: msnyder at sonic dot net
- Cc: binutils at sourceware dot org
- Date: Wed, 1 Aug 2007 17:42:29 +0930
- Subject: Re: Suggest a fix?
- References: <11737.12.7.175.2.1185575756.squirrel@webmail.sonic.net>
On Fri, Jul 27, 2007 at 03:35:56PM -0700, msnyder@sonic.net wrote:
> I see two instances of this code fragment in elflink.c:
>
> name = h->root.root.string;
> p = strchr (name, ELF_VER_CHR);
> if (p != NULL)
> {
> alc = bfd_malloc (p - name + 1);
> memcpy (alc, name, p - name);
> alc[p - name] = '\0';
> name = alc;
> }
>
> One is in elf_collect_hash_codes, and one in elf_collect_gnu_hash_codes.
> The issue is that the bfd_malloc is not checked for null return, and I'm
> not sure what best to do if it returns null.
I suggested a fix in
http://sourceware.org/ml/binutils/2007-07/msg00141.html
Another would be to simply overwrite the '@' with a zero then restore
after calculating the hash. Despite h->root.root.string being const,
it is always in read/write memory.
> By any chance, is there an upper limit to the length of 'name',
Nope.
--
Alan Modra
Australia Development Lab, IBM