From patchwork Sun Dec 15 23:34:52 2024
X-Patchwork-Submitter: Alan Modra
X-Patchwork-Id: 103154
Date: Mon, 16 Dec 2024 10:04:52 +1030
From: Alan Modra
To: binutils@sourceware.org
Subject: Move modification of bfd abs and und back to gas

In commit f592407e4d75 I deleted gas' obj_sec_set_private_data, and
instead put the gas modification of bfd's *ABS* and *UND* sections in
bfd_make_section_old_way.  More recently in commit 8b5a21249537 I made
tekhex symbol creation use bfd_make_section_old_way for symbol
sections.  After that we saw numerous non-repeatable oss-fuzz reports
of accesses to freed memory involving relocation symbols.  I think
what is happening is:

A tekhex testcase with an absolute symbol is run through the tool,
modifying bfd_abs_section.symbol to point to a symbol on the bfd's
objalloc memory.  On closing that bfd, bfd_abs_section.symbol points to
freed memory.

A second testcase is run through the tool with some access to the
*ABS* symbol.  This triggers the invalid memory access.

The same thing could happen if a user runs objdump or nm with two
files on the command line, the first being a tekhex file with absolute
symbols, or if ld is given tekhex input among other files.  Clearly,
it's a bad idea to modify the *ABS* or *UND* sections for input files.

bfd/
	* section.c (bfd_make_section_old_way): Don't call
	_new_section_hook for standard abs, com, und and ind sections.
gas/
	* as.c (bfd_std_section_init): New function.
(perform_an_assembly_pass): Move section initialisation to.. (gas_init): ..here. Use bfd_std_section_init. diff --git a/bfd/section.c b/bfd/section.c index 07546a23c9d..9ed7a38fc61 100644 --- a/bfd/section.c +++ b/bfd/section.c @@ -1145,11 +1145,6 @@ bfd_make_section_old_way (bfd *abfd, const char *name) return bfd_section_init (abfd, newsect); } - /* Call new_section_hook when "creating" the standard abs, com, und - and ind sections to tack on format specific section data. - Also, create a proper section symbol. */ - if (! BFD_SEND (abfd, _new_section_hook, (abfd, newsect))) - return NULL; return newsect; } diff --git a/gas/as.c b/gas/as.c index f20b1e0cbe5..e629f30bf7b 100644 --- a/gas/as.c +++ b/gas/as.c @@ -1176,35 +1176,9 @@ static void perform_an_assembly_pass (int argc, char ** argv) { int saw_a_file = 0; -#ifndef OBJ_MACH_O - flagword applicable; -#endif need_pass_2 = 0; -#ifndef OBJ_MACH_O - /* Create the standard sections, and those the assembler uses - internally. */ - text_section = subseg_new (TEXT_SECTION_NAME, 0); - data_section = subseg_new (DATA_SECTION_NAME, 0); - bss_section = subseg_new (BSS_SECTION_NAME, 0); - /* @@ FIXME -- we're setting the RELOC flag so that sections are assumed - to have relocs, otherwise we don't find out in time. */ - applicable = bfd_applicable_section_flags (stdoutput); - bfd_set_section_flags (text_section, - applicable & (SEC_ALLOC | SEC_LOAD | SEC_RELOC - | SEC_CODE | SEC_READONLY)); - bfd_set_section_flags (data_section, - applicable & (SEC_ALLOC | SEC_LOAD | SEC_RELOC - | SEC_DATA)); - bfd_set_section_flags (bss_section, applicable & SEC_ALLOC); - seg_info (bss_section)->bss = 1; -#endif - subseg_new (BFD_ABS_SECTION_NAME, 0); - subseg_new (BFD_UND_SECTION_NAME, 0); - reg_section = subseg_new ("*GAS `reg' section*", 0); - expr_section = subseg_new ("*GAS `expr' section*", 0); - #ifndef OBJ_MACH_O subseg_set (text_section, 0); #endif 
@@ -1292,6 +1266,17 @@ gas_early_init (int *argcp, char ***argvp) #endif } +/* Tack on format specific section data and create a proper section + symbol for one of the standard bfd sections. */ + +static void +bfd_std_section_init (const char *name) +{ + asection *sec = bfd_make_section_old_way (stdoutput, name); + gas_assert (BFD_SEND (stdoutput, _new_section_hook, (stdoutput, sec))); + subseg_new (name, 0); +} + /* The bulk of gas initialisation. This is after args are parsed. */ static void @@ -1353,6 +1338,29 @@ gas_init (void) free (defsyms); defsyms = next; } + +#ifndef OBJ_MACH_O + /* Create the standard sections, and those the assembler uses + internally. */ + text_section = subseg_new (TEXT_SECTION_NAME, 0); + data_section = subseg_new (DATA_SECTION_NAME, 0); + bss_section = subseg_new (BSS_SECTION_NAME, 0); + /* @@ FIXME -- we're setting the RELOC flag so that sections are assumed + to have relocs, otherwise we don't find out in time. */ + flagword applicable = bfd_applicable_section_flags (stdoutput); + bfd_set_section_flags (text_section, + applicable & (SEC_ALLOC | SEC_LOAD | SEC_RELOC + | SEC_CODE | SEC_READONLY)); + bfd_set_section_flags (data_section, + applicable & (SEC_ALLOC | SEC_LOAD | SEC_RELOC + | SEC_DATA)); + bfd_set_section_flags (bss_section, applicable & SEC_ALLOC); + seg_info (bss_section)->bss = 1; +#endif + bfd_std_section_init (BFD_ABS_SECTION_NAME); + bfd_std_section_init (BFD_UND_SECTION_NAME); + reg_section = subseg_new ("*GAS `reg' section*", 0); + expr_section = subseg_new ("*GAS `expr' section*", 0); } int
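Review bot: In bfd/section.c, the tail of bfd_make_section_old_way now falls straight through to `return newsect;` with no comment, so a reader cannot tell that the standard abs, com, und and ind sections are deliberately returned without calling _new_section_hook. Suggest replacing the deleted comment with one saying that these shared sections must not be given per-bfd data here, since the commit message names exactly that as the source of the dangling bfd_abs_section.symbol.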
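Review bot: In perform_an_assembly_pass (gas/as.c, first hunk), the retained `subseg_set (text_section, 0);` now depends on gas_init having already created text_section, and nothing in the function records that. A short comment, or a check that text_section has been set before the call, would document the new ordering requirement between gas_init and the assembly pass.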
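Review bot: In bfd_std_section_init, `sec` is handed to _new_section_hook without checking what bfd_make_section_old_way returned, and the hook call that does the real work is written as the argument of gas_assert. Suggest storing the hook result in a local, checking `sec` first, and reporting a failure explicitly rather than through an assertion. The function comment could also state that this is the one place the shared *ABS* and *UND* sections are modified, and that it applies to stdoutput only.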
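Review bot: In gas_init, the section setup is appended after the defsyms loop whose tail (`free (defsyms); defsyms = next;`) is visible just above, so if that loop creates symbols they now exist before bfd_std_section_init has been applied to *ABS* and *UND*. Please confirm that nothing earlier in gas_init needs these sections initialised, or move the block ahead of the loop. Minor style point: `flagword applicable` is now declared mid-block after statements, where the removed code declared it at the top of the function.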