From patchwork Wed Aug 6 15:52:31 2014 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Chen Gang X-Patchwork-Id: 2325 Received: (qmail 14035 invoked by alias); 6 Aug 2014 15:52:49 -0000 Mailing-List: contact gdb-patches-help@sourceware.org; run by ezmlm Precedence: bulk List-Id: List-Unsubscribe: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: gdb-patches-owner@sourceware.org Delivered-To: mailing list gdb-patches@sourceware.org Received: (qmail 14007 invoked by uid 89); 6 Aug 2014 15:52:48 -0000 Authentication-Results: sourceware.org; auth=none X-Virus-Found: No X-Spam-SWARE-Status: No, score=-2.3 required=5.0 tests=AWL, BAYES_00, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW, SPF_PASS autolearn=ham version=3.3.2 X-Spam-User: qpsmtpd, 2 recipients X-HELO: mail-pa0-f42.google.com Received: from mail-pa0-f42.google.com (HELO mail-pa0-f42.google.com) (209.85.220.42) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with (AES128-SHA encrypted) ESMTPS; Wed, 06 Aug 2014 15:52:47 +0000 Received: by mail-pa0-f42.google.com with SMTP id lf10so3661115pab.15 for ; Wed, 06 Aug 2014 08:52:45 -0700 (PDT) X-Received: by 10.68.252.229 with SMTP id zv5mr12363744pbc.16.1407340365795; Wed, 06 Aug 2014 08:52:45 -0700 (PDT) Received: from [192.168.1.102] ([223.72.65.47]) by mx.google.com with ESMTPSA id zf9sm4877460pab.5.2014.08.06.08.52.43 for (version=TLSv1 cipher=RC4-SHA bits=128/128); Wed, 06 Aug 2014 08:52:45 -0700 (PDT) Message-ID: <53E24F3F.2050701@gmail.com> Date: Wed, 06 Aug 2014 23:52:31 +0800 From: Chen Gang User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7 MIME-Version: 1.0 To: amodra@gmail.com, hjl.tools@gmail.com, nickc@redhat.com CC: binutils@sourceware.org, gdb-patches@sourceware.org Subject: [PATCH] bfd/coff-ppc.c: Be sure of zero terminated string after copy from '_n_name' '_n_name' may not be zero terminated string, and it may copy to 'name' or 'my_name' which are assumed that must be zero terminated string. So during copy operation, need be sure of them zero terminated. Also remove the usless asignment to 'name'. 2014-08-06 Chen Gang * coff-ppc.c (coff_ppc_relocate_section): Be sure of zero terminatedstring after copy from '_n_name'. Signed-off-by: Chen Gang --- bfd/coff-ppc.c | 15 +++++++++------ 1 file changed, 9 insertions(+), 6 deletions(-) diff --git a/bfd/coff-ppc.c b/bfd/coff-ppc.c index 3c39afa..318a220 100644 --- a/bfd/coff-ppc.c +++ b/bfd/coff-ppc.c @@ -1073,10 +1073,11 @@ coff_ppc_relocate_section (bfd *output_bfd, { /* It is a file local symbol. */ int *local_toc_table; - const char *name; + char name[SYMNMLEN + 1]; sym = syms + symndx; - name = sym->_n._n_name; + strncpy (name, sym->_n._n_name, SYMNMLEN); + name[SYMNMLEN] = '\0'; local_toc_table = obj_coff_local_toc_table(input_bfd); our_toc_offset = local_toc_table[symndx]; @@ -1225,9 +1226,14 @@ coff_ppc_relocate_section (bfd *output_bfd, case IMAGE_REL_PPC_ABSOLUTE: { const char *my_name; + char buf[SYMNMLEN + 1]; if (h == 0) - my_name = (syms+symndx)->_n._n_name; + { + strncpy (buf, (syms+symndx)->_n._n_name, SYMNMLEN); + buf[SYMNMLEN] = '\0'; + my_name = buf; + } else my_name = h->root.root.root.string; @@ -1288,11 +1294,8 @@ coff_ppc_relocate_section (bfd *output_bfd, } if (h == 0) - { /* It is a file local symbol. */ sym = syms + symndx; - name = sym->_n._n_name; - } else { char *target = 0;