From patchwork Tue Nov 7 16:51:22 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Michael Matz X-Patchwork-Id: 79342 Return-Path: X-Original-To: patchwork@sourceware.org Delivered-To: patchwork@sourceware.org Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 0477D3857727 for ; Tue, 7 Nov 2023 16:51:40 +0000 (GMT) X-Original-To: binutils@sourceware.org Delivered-To: binutils@sourceware.org Received: from smtp-out2.suse.de (smtp-out2.suse.de [IPv6:2001:67c:2178:6::1d]) by sourceware.org (Postfix) with ESMTPS id 84DD63858414 for ; Tue, 7 Nov 2023 16:51:23 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 84DD63858414 Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=suse.de Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=suse.de ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 84DD63858414 Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2001:67c:2178:6::1d ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699375885; cv=none; b=rphIjnbJIw1VWkwsbx3vQHPJ77uikxjU1WZhOWstuaC7yh7TOr0MNECX2qKnYxucfr6FRH3MXHIGvTc/xuuIA4ESjwj3EFVY8gCl6fynpUm4L6gz3ju/1h9P80pazrUDpV0fvbDmZt8X9SUXr91sPyU9lNJAvEfEcKEdx5Ca4NU= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1699375885; c=relaxed/simple; bh=B0l2rz8sA1rpHIpmac8HfFiVYBZ5uH7kSACdBCPjwUA=; h=DKIM-Signature:DKIM-Signature:Date:From:To:Subject:Message-ID: MIME-Version; b=SvFiesAyca8o7GekNNsXws0oQ7ACGYZhMLXCAs0P7ZfYnCuDZEIOmuQc4GpXYjMD0SKkUyJ8qf39AMrloF9LdpXTouPoIucCNTKeH4CZ/5BfQeAr/wtM0+MGBn/gRAYjTJIt1QDr1uY5xHlkNA0rY9DDUKlZvjEByHo7A5Jm1G0= ARC-Authentication-Results: i=1; server2.sourceware.org Received: from relay2.suse.de (relay2.suse.de [149.44.160.134]) by smtp-out2.suse.de (Postfix) with ESMTP id 8B12C1F37C for ; Tue, 7 Nov 2023 16:51:22 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_rsa; t=1699375882; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version:content-type:content-type; bh=PlSlnNheNWxxmnSBPjm8Dj0sHbXOU2pr6TeuKIcK3rM=; b=dA0YelgMNB/vNVeZn7ue8kZM90K5Hx2tJViPnB40R8z/F873ZeZMTlQ8ijaXmoThwIFYKE 05EnuVg4vouEf2vU10GhkBndAFfdRL5FoW428jU2Z838iQNYAEsNTTyK26F1Qsw/kUM4Zf T86sybRnKUzopoOY7q7eb0rxrgmUTkE= DKIM-Signature: v=1; a=ed25519-sha256; c=relaxed/relaxed; d=suse.de; s=susede2_ed25519; t=1699375882; h=from:from:reply-to:date:date:message-id:message-id:to:to:cc: mime-version:mime-version:content-type:content-type; bh=PlSlnNheNWxxmnSBPjm8Dj0sHbXOU2pr6TeuKIcK3rM=; b=6lH4oXj5uqfY1fsJRHAyLqtEfBjyCORSlN26WGll7vukRD6iI6qZrThATVhW+Q/EFXR+K3 R1FZzxD+7cs0EqCw== Received: from wotan.suse.de (wotan.suse.de [10.160.0.1]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by relay2.suse.de (Postfix) with ESMTPS id 584A52D128 for ; Tue, 7 Nov 2023 16:51:22 +0000 (UTC) Received: by wotan.suse.de (Postfix, from userid 10510) id 7EA1E66A4; Tue, 7 Nov 2023 16:51:22 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by wotan.suse.de (Postfix) with ESMTP id 7C87C6588 for ; Tue, 7 Nov 2023 16:51:22 +0000 (UTC) Date: Tue, 7 Nov 2023 16:51:22 +0000 (UTC) From: Michael Matz To: binutils@sourceware.org Subject: ld: Avoid overflows in string merging Message-ID: User-Agent: Alpine 2.20 (LSU 67 2015-01-07) MIME-Version: 1.0 X-Spam-Status: No, score=-9.2 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, GIT_PATCH_0, SPF_HELO_NONE, SPF_PASS, TXREP, T_SCC_BODY_TEXT_LINE autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: binutils-bounces+patchwork=sourceware.org@sourceware.org as the bug report shows we had an overflow in the test if hash table resizing is needed. Reorder the expression to avoid that. There's still a bug somewhere in gracefully handling failure in resizing (e.g. out of memory), but this pushes the boundary for that occurring somewhen into the future and immediately helps the reporter. bfd/ PR ld/31009 * merge.c (sec_merge_maybe_resize): Avoid overflow in expression. (sec_merge_hash_insert): Adjust assert. --- regtested on many targets, okay for master? bfd/merge.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/bfd/merge.c b/bfd/merge.c index 722e6659486..4aa2f838679 100644 --- a/bfd/merge.c +++ b/bfd/merge.c @@ -167,7 +167,7 @@ static bool sec_merge_maybe_resize (struct sec_merge_hash *table, unsigned added) { struct bfd_hash_table *bfdtab = &table->table; - if (bfdtab->count + added > table->nbuckets * 2 / 3) + if (bfdtab->count + added > table->nbuckets / 3 * 2) { unsigned i; unsigned long newnb = table->nbuckets * 2; @@ -175,7 +175,7 @@ sec_merge_maybe_resize (struct sec_merge_hash *table, unsigned added) uint64_t *newl; unsigned long alloc; - while (bfdtab->count + added > newnb * 2 / 3) + while (bfdtab->count + added > newnb / 3 * 2) { newnb *= 2; if (!newnb) @@ -240,7 +240,7 @@ sec_merge_hash_insert (struct sec_merge_hash *table, hashp->u.suffix = NULL; hashp->next = NULL; // We must not need resizing, otherwise _index is wrong - BFD_ASSERT (bfdtab->count + 1 <= table->nbuckets * 2 / 3); + BFD_ASSERT (bfdtab->count + 1 <= table->nbuckets / 3 * 2); bfdtab->count++; table->key_lens[_index] = (hash << 32) | (uint32_t)len; table->values[_index] = hashp;