From patchwork Fri Dec 13 04:54:49 2024
X-Patchwork-Submitter: Alan Modra
X-Patchwork-Id: 102949
Date: Fri, 13 Dec 2024 15:24:49 +1030
From: Alan Modra
To: binutils@sourceware.org
Cc: Clément Chigot
Subject: xcoff reading dynamic relocs

This adds a sanity check to relocation symbol indices, and tidies code a little. The patch does result in a couple of testsuite failures

rs6000-aix7.2 +FAIL: TLS relocations (32-bit)
rs6000-aix7.2 +FAIL: TLS relocations (64-bit)

That seems reasonable to me, because prior to this patch l_symndx was being set to -1 and -2 for .tdata and .tbss symbols resulting in a buffer overflow when accessing the syms array. (objdump -R on the testcase .so segfaults.)

bfd/
    * xcofflink.c (_bfd_xcoff_canonicalize_dynamic_reloc): Prevent symbol array overflow on invalid relocation symbol index. Tidy code for relocs against standard sections.
    (xcoff_create_ldrel): Remove cast.
include/
    * coff/xcoff.h (struct internal_ldrel): Make l_symndx uint32_t. Make l_rtype and l_rsecnm int16_t.

diff --git a/bfd/xcofflink.c b/bfd/xcofflink.c index 49ac8efd1e8..b75fb42eed5 100644 --- a/bfd/xcofflink.c +++ b/bfd/xcofflink.c 
@@ -439,30 +439,13 @@ _bfd_xcoff_canonicalize_dynamic_reloc (bfd *abfd, bfd_xcoff_swap_ldrel_in (abfd, elrel, &ldrel); - if (ldrel.l_symndx >= 3) - relbuf->sym_ptr_ptr = syms + (ldrel.l_symndx - 3); - else + if (ldrel.l_symndx == -1u) + relbuf->sym_ptr_ptr = bfd_abs_section_ptr->symbol_ptr_ptr; + else if (ldrel.l_symndx < 3) { - const char *name; - asection *sec; - - switch (ldrel.l_symndx) - { - case 0: - name = ".text"; - break; - case 1: - name = ".data"; - break; - case 2: - name = ".bss"; - break; - default: - abort (); - break; - } - - sec = bfd_get_section_by_name (abfd, name); + static const char stdsec[3][8] = { ".text", ".data", ".bss" }; + const char *name = stdsec[ldrel.l_symndx]; + asection *sec = bfd_get_section_by_name (abfd, name); if (sec == NULL) { bfd_set_error (bfd_error_bad_value); @@ -471,6 +454,16 @@ _bfd_xcoff_canonicalize_dynamic_reloc (bfd *abfd, relbuf->sym_ptr_ptr = sec->symbol_ptr_ptr; } + else if (ldrel.l_symndx - 3 < ldhdr.l_nsyms) + relbuf->sym_ptr_ptr = syms + (ldrel.l_symndx - 3); + else + { + _bfd_error_handler + /* xgettext:c-format */ + (_("%pB: warning: illegal symbol index %lu in relocs"), + abfd, (unsigned long) ldrel.l_symndx); + relbuf->sym_ptr_ptr = bfd_abs_section_ptr->symbol_ptr_ptr; + } relbuf->address = ldrel.l_vaddr; relbuf->addend = 0; @@ -5097,7 +5090,7 @@ xcoff_create_ldrel (bfd *output_bfd, struct xcoff_final_link_info *flinfo, ldrel.l_symndx = h->ldindx; } else - ldrel.l_symndx = -(bfd_size_type) 1; + ldrel.l_symndx = -1; ldrel.l_rtype = (irel->r_size << 8) | irel->r_type; ldrel.l_rsecnm = output_section->target_index; diff --git a/include/coff/xcoff.h b/include/coff/xcoff.h index 104660fa748..82d82ebdd3d 100644 --- a/include/coff/xcoff.h +++ b/include/coff/xcoff.h 
@@ -298,13 +298,13 @@ struct internal_ldrel bfd_vma l_vaddr; /* The symbol table index in the .loader section symbol table. */ - bfd_size_type l_symndx; + uint32_t l_symndx; /* The relocation type and size. */ - short l_rtype; + int16_t l_rtype; /* The section number this relocation applies to. */ - short l_rsecnm; + int16_t l_rsecnm; }; /* An entry in the XCOFF linker hash table. */
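Review bot: in the first xcofflink.c hunk (@@ -439,30 +439,13 @@), the new `if (ldrel.l_symndx == -1u)` branch has no comment saying what an index of -1 stands for or why it resolves to bfd_abs_section_ptr. The description says l_symndx was being set to both -1 and -2 (for .tdata and .tbss), yet only -1 is accepted silently here and -2 falls through to the "illegal symbol index" warning. Please add a short comment on the -1 case and state whether -2 is meant to be reported as illegal. The test is also only correct because l_symndx becomes uint32_t in the xcoff.h hunk, so `(uint32_t) -1` would make that dependency explicit.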
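Review bot: in the second xcofflink.c hunk (@@ -471,6 +454,16 @@), the final else treats an out-of-range index as a warning and carries on with the absolute section symbol, whereas the `sec == NULL` path just above calls bfd_set_error (bfd_error_bad_value). An index outside `ldhdr.l_nsyms` means the .loader section is malformed, so consider failing the same way, or add a comment explaining why substituting the absolute symbol and continuing is preferred. It would also help to note next to `ldrel.l_symndx - 3 < ldhdr.l_nsyms` that the check assumes syms holds exactly l_nsyms entries, since that is the bound the array access depends on.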
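Review bot: in the xcoff_create_ldrel hunk (@@ -5097,7 +5090,7 @@), `ldrel.l_symndx = -1;` now relies on implicit conversion to uint32_t and is matched on the reading side by the literal `-1u`. A named constant defined beside struct internal_ldrel and used in both places would keep writer and reader in step and remove the magic number.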
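Review bot: in the xcoff.h hunk, the comment above `uint32_t l_symndx;` still only says "The symbol table index in the .loader section symbol table", while the reader now depends on a specific encoding: 0, 1 and 2 select .text, .data and .bss, values from 3 upward index syms after subtracting 3, and -1 is special-cased. Please document that encoding here, since the narrowing from bfd_size_type to uint32_t is what makes the `-1u` comparison and the unsigned range check in xcofflink.c behave as intended.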