|
 |
b57b4a1 |
*** ../binutils-2.24.orig/bfd/elf.c 2014-10-27 12:47:20.989181791 +0000
|
|
|
b57b4a1 |
--- bfd/elf.c 2014-10-27 12:47:33.296248170 +0000
|
|
|
b57b4a1 |
*************** setup_group (bfd *abfd, Elf_Internal_Shd
|
|
|
b57b4a1 |
*** 608,616 ****
|
|
|
b57b4a1 |
if (shdr->contents == NULL)
|
|
|
b57b4a1 |
{
|
|
|
b57b4a1 |
_bfd_error_handler
|
|
|
b57b4a1 |
! (_("%B: Corrupt size field in group section header: 0x%lx"), abfd, shdr->sh_size);
|
|
|
b57b4a1 |
bfd_set_error (bfd_error_bad_value);
|
|
|
b57b4a1 |
! return FALSE;
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
|
|
|
b57b4a1 |
memset (shdr->contents, 0, amt);
|
|
|
b57b4a1 |
--- 608,617 ----
|
|
|
b57b4a1 |
if (shdr->contents == NULL)
|
|
|
b57b4a1 |
{
|
|
|
b57b4a1 |
_bfd_error_handler
|
|
|
b57b4a1 |
! (_("%B: corrupt size field in group section header: 0x%lx"), abfd, shdr->sh_size);
|
|
|
b57b4a1 |
bfd_set_error (bfd_error_bad_value);
|
|
|
b57b4a1 |
! -- num_group;
|
|
|
b57b4a1 |
! continue;
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
|
|
|
b57b4a1 |
memset (shdr->contents, 0, amt);
|
|
|
b57b4a1 |
*************** setup_group (bfd *abfd, Elf_Internal_Shd
|
|
|
b57b4a1 |
*** 618,625 ****
|
|
|
b57b4a1 |
if (bfd_seek (abfd, shdr->sh_offset, SEEK_SET) != 0
|
|
|
b57b4a1 |
|| (bfd_bread (shdr->contents, shdr->sh_size, abfd)
|
|
|
b57b4a1 |
!= shdr->sh_size))
|
|
|
b57b4a1 |
! return FALSE;
|
|
|
b57b4a1 |
!
|
|
|
b57b4a1 |
/* Translate raw contents, a flag word followed by an
|
|
|
b57b4a1 |
array of elf section indices all in target byte order,
|
|
|
b57b4a1 |
to the flag word followed by an array of elf section
|
|
|
b57b4a1 |
--- 619,635 ----
|
|
|
b57b4a1 |
if (bfd_seek (abfd, shdr->sh_offset, SEEK_SET) != 0
|
|
|
b57b4a1 |
|| (bfd_bread (shdr->contents, shdr->sh_size, abfd)
|
|
|
b57b4a1 |
!= shdr->sh_size))
|
|
|
b57b4a1 |
! {
|
|
|
b57b4a1 |
! _bfd_error_handler
|
|
|
b57b4a1 |
! (_("%B: invalid size field in group section header: 0x%lx"), abfd, shdr->sh_size);
|
|
|
b57b4a1 |
! bfd_set_error (bfd_error_bad_value);
|
|
|
b57b4a1 |
! -- num_group;
|
|
|
b57b4a1 |
! /* PR 17510: If the group contents are even partially
|
|
|
b57b4a1 |
! corrupt, do not allow any of the contents to be used. */
|
|
|
b57b4a1 |
! memset (shdr->contents, 0, amt);
|
|
|
b57b4a1 |
! continue;
|
|
|
b57b4a1 |
! }
|
|
|
b57b4a1 |
!
|
|
|
b57b4a1 |
/* Translate raw contents, a flag word followed by an
|
|
|
b57b4a1 |
array of elf section indices all in target byte order,
|
|
|
b57b4a1 |
to the flag word followed by an array of elf section
|
|
|
b57b4a1 |
*************** setup_group (bfd *abfd, Elf_Internal_Shd
|
|
|
b57b4a1 |
*** 651,656 ****
|
|
|
b57b4a1 |
--- 661,681 ----
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
+
|
|
|
b57b4a1 |
+ /* PR 17510: Corrupt binaries might contain invalid groups. */
|
|
|
b57b4a1 |
+ if (num_group != (unsigned) elf_tdata (abfd)->num_group)
|
|
|
b57b4a1 |
+ {
|
|
|
b57b4a1 |
+ elf_tdata (abfd)->num_group = num_group;
|
|
|
b57b4a1 |
+
|
|
|
b57b4a1 |
+ /* If all groups are invalid then fail. */
|
|
|
b57b4a1 |
+ if (num_group == 0)
|
|
|
b57b4a1 |
+ {
|
|
|
b57b4a1 |
+ elf_tdata (abfd)->group_sect_ptr = NULL;
|
|
|
b57b4a1 |
+ elf_tdata (abfd)->num_group = num_group = -1;
|
|
|
b57b4a1 |
+ (*_bfd_error_handler) (_("%B: no valid group sections found"), abfd);
|
|
|
b57b4a1 |
+ bfd_set_error (bfd_error_bad_value);
|
|
|
b57b4a1 |
+ }
|
|
|
b57b4a1 |
+ }
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
|
|
|
b57b4a1 |
*************** setup_group (bfd *abfd, Elf_Internal_Shd
|
|
|
b57b4a1 |
*** 716,721 ****
|
|
|
b57b4a1 |
--- 741,747 ----
|
|
|
b57b4a1 |
{
|
|
|
b57b4a1 |
(*_bfd_error_handler) (_("%B: no group info for section %A"),
|
|
|
b57b4a1 |
abfd, newsect);
|
|
|
b57b4a1 |
+ return FALSE;
|
|
|
b57b4a1 |
}
|
|
|
b57b4a1 |
return TRUE;
|
|
|
b57b4a1 |
}
|