From patchwork Wed Oct 25 00:42:58 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Alan Modra X-Patchwork-Id: 157774 Return-Path: Delivered-To: ouuuleilei@gmail.com Received: by 2002:a59:ce89:0:b0:403:3b70:6f57 with SMTP id p9csp2289707vqx; Tue, 24 Oct 2023 17:43:11 -0700 (PDT) X-Google-Smtp-Source: AGHT+IEKqW/LoAlSQjWjjGXqw2kYFKw2mxvl6Sf1Ht/aUXkVW3PJMZjlVK97eOGuDRtDvMiKxWhz X-Received: by 2002:a05:6214:260f:b0:66d:4191:91ee with SMTP id gu15-20020a056214260f00b0066d419191eemr18063763qvb.51.1698194591618; Tue, 24 Oct 2023 17:43:11 -0700 (PDT) ARC-Seal: i=2; a=rsa-sha256; t=1698194591; cv=pass; d=google.com; s=arc-20160816; b=iehHaLxS77CMjlmtxJWwwlzgzZUYL7YRwH1Q5mUZpgDas6zqa0N8j77GdWnypYYcXQ jw6BA0GnFnkOuVvXXfbjeu8SdKswM7mUTmIcJQkIzEwmYBLirK4peqgoyTq4f0DiTg/N Fa9Q3AC1tx64g9piFfSQkY8AzkrqktAW1tIkHWYFpO8C0RS/enZ2TTJoUUoEOUn0Xuyd W2hRp4SY0cWZb+5dxK2j5YeuN1yxWOW2sb52HwnSqsyBJ+VJM7zr9wlhBk118GbW+wO2 4zp9WBy3HtIaAovVcoiBNRXPV9qaKJ4rJoqET9ahrZ5Y7MSlGEpW33iP35SFPH9P/3f/ Hmdw== ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=errors-to:list-subscribe:list-help:list-post:list-archive :list-unsubscribe:list-id:precedence:content-disposition :mime-version:message-id:subject:to:from:date:dkim-signature :arc-filter:dmarc-filter:delivered-to; bh=xKYQOA/Wh8Tlm6jcyjKx+b45UiQRbf+mvpKZxj1qK/Y=; fh=NLxAvL/bDfPg4AGOtxqvQlND8vazkZrNzKLY8+LAbBY=; b=TwWiWmMeUBzITm+Okl/ydcH5eNE4EZE9u6t2Ll10QTtszsFks49rRwLe7xQo4F4vV+ CIcdeW/X0PLJtXCQF05XjQZMSV6n6QkzeB5w3LkU3Tf/A6anXUwLacm9DvlkHvYGiuGe r2nIoWoSGCG7wObqmLwPrlNm6X2OM13A0zOB9TfH/4ed7intx9BZFqumyuQ1WyqoG2k/ JG2MqU/m4s8BRQmwwZLMkL9SKIX6zEyCo7b48IbJ0MvlmeYRH4T/EjTHimR4oeiX0tQj OUTYd7ZoAXpoI/Fsz+8NVVp9mwIk9c/lp1ZgayMp8ZgjZD1m6JrNAiF3If+ieMJ8rcP8 poEg== ARC-Authentication-Results: i=2; mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=chOakrLe; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from server2.sourceware.org (server2.sourceware.org. [8.43.85.97]) by mx.google.com with ESMTPS id od12-20020a0562142f0c00b0064f92d244f5si8116373qvb.396.2023.10.24.17.43.11 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Oct 2023 17:43:11 -0700 (PDT) Received-SPF: pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) client-ip=8.43.85.97; Authentication-Results: mx.google.com; dkim=pass header.i=@gmail.com header.s=20230601 header.b=chOakrLe; arc=pass (i=1); spf=pass (google.com: domain of binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates 8.43.85.97 as permitted sender) smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org"; dmarc=pass (p=NONE sp=QUARANTINE dis=NONE) header.from=gmail.com Received: from server2.sourceware.org (localhost [IPv6:::1]) by sourceware.org (Postfix) with ESMTP id 63A2E385840B for ; Wed, 25 Oct 2023 00:43:11 +0000 (GMT) X-Original-To: binutils@sourceware.org Delivered-To: binutils@sourceware.org Received: from mail-pf1-x431.google.com (mail-pf1-x431.google.com [IPv6:2607:f8b0:4864:20::431]) by sourceware.org (Postfix) with ESMTPS id AF7223858CDA for ; Wed, 25 Oct 2023 00:43:04 +0000 (GMT) DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org AF7223858CDA Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com ARC-Filter: OpenARC Filter v1.0.0 sourceware.org AF7223858CDA Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::431 ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1698194586; cv=none; b=STOOEGA/V4djQNBUELzuLGVv5b/LN1xKWNlAEFEqidSmlb6KzH3bA3bqf0WSXvdrYmIQHJixmyhJZC6wCGaDpJdtQezvQeXIHIS1iYzgHuF7l0+R3VVZ1F7B2oiEGe7zATdEM6dvSKsawEaJ5mXmkUPFvi6xC7Rh9XSNz3m1Q8o= ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1698194586; c=relaxed/simple; bh=dmtBkhVg9NsW1xrOJk7CcCelXMGfyy4apnQUuEUlyJU=; h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=F/PcWXk91V3kgu/EwRwQ3nXs1wVkwj0KQuf8o7wtX7ZjQAu2rCfRTFPKz218XEq9I8ixoaMYJAhUdrZZSC45VoO7fPJlMBXHmzbmuL4KwNnhcbXqHsJCqrKZFkQRb/Z3BbR7ruiXD+qqxi/zQJ63icCcIFbzCGcmtAgdq2a+PTs= ARC-Authentication-Results: i=1; server2.sourceware.org Received: by mail-pf1-x431.google.com with SMTP id d2e1a72fcca58-6b3c2607d9bso4298378b3a.1 for ; Tue, 24 Oct 2023 17:43:04 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1698194582; x=1698799382; darn=sourceware.org; h=content-disposition:mime-version:message-id:subject:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=xKYQOA/Wh8Tlm6jcyjKx+b45UiQRbf+mvpKZxj1qK/Y=; b=chOakrLeSIK6Rf+a2PN2JyARhrgAiHyzR9XUFExfs/lBQPHA2p7hEO5DRZ/oE1Bn9B yyh2hn0PRgE461mHMI1WG4AGyLTjJ0BC0tW1UsdROoVhWQJWqI9YJWLHotEfoSju+Qse Pa0cKIdkm4vMqkpHV5hmMm0UbiRitDnHlSUcaN8tvyN0uPlezRu8T21sSdseft6RmUw3 7x9jJyq8Z7ORpthRl/dveILJONGw5U7MvAsBifXOasZLjiWkZUqxEcT5u2ERTaiCSuO1 c3PUGPUOoATOttDAQ9mhD5CTBx3gzPP2F354B5bbQvd68euaO6hSy1y5qNsPa0f4mywc jBmA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1698194582; x=1698799382; h=content-disposition:mime-version:message-id:subject:to:from:date :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=xKYQOA/Wh8Tlm6jcyjKx+b45UiQRbf+mvpKZxj1qK/Y=; b=M1RYGMoHWww//kdQolilC9EYiJN10W7IGrf+xNNxa+ZTyzTsDKXNcLfmqmuDOaCOw9 DD+GY+hmcNMUYnbdxl7lxTs+1WU2b5QF9ddnGahHLIP/iNeyv0kUs9cpS177/R/bQaG4 64BvPRzFefiV/krYAtg+9sD29FvqRTNktgE+BvGjrAwQbbmHQWPi8e8x/m2S8Aq3JHK8 mEqqP4tzOYLtkE4PIPX3VHUbwBaVKOK47Coa0HUKoTEDib9p1hjDW1JQVz3FY33wOOVp gGCJj+7uJlz6MTgHv9xNDKc8qDDU1ISLwHcjvZpTogs3S30kZYMkIIwbfvVLMWvMXM3Q qFzQ== X-Gm-Message-State: AOJu0YwwpqkuCfmPqHuHyzBQ8ZBHi96WM2/ZvHrYptGTsDjpHf6Ua9uX mAGHgd6p5S7sajnLUFFzLWWiQqDTIp4= X-Received: by 2002:a05:6a00:813:b0:68e:3eab:9e18 with SMTP id m19-20020a056a00081300b0068e3eab9e18mr13117054pfk.12.1698194582209; Tue, 24 Oct 2023 17:43:02 -0700 (PDT) Received: from squeak.grove.modra.org (158.106.96.58.static.exetel.com.au. [58.96.106.158]) by smtp.gmail.com with ESMTPSA id u202-20020a6279d3000000b006b3dc56c944sm8554971pfc.133.2023.10.24.17.43.01 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Tue, 24 Oct 2023 17:43:01 -0700 (PDT) Received: by squeak.grove.modra.org (Postfix, from userid 1000) id B1E071140406; Wed, 25 Oct 2023 11:12:58 +1030 (ACDT) Date: Wed, 25 Oct 2023 11:12:58 +1030 From: Alan Modra To: binutils@sourceware.org Subject: asan: NULL deref in alpha_ecoff_get_relocated_section_contents Message-ID: MIME-Version: 1.0 Content-Disposition: inline X-Spam-Status: No, score=-3034.0 required=5.0 tests=BAYES_00, DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0, RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS, TXREP autolearn=ham autolearn_force=no version=3.4.6 X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org X-BeenThere: binutils@sourceware.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: Binutils mailing list List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: binutils-bounces+ouuuleilei=gmail.com@sourceware.org X-getmail-retrieved-from-mailbox: INBOX X-GMAIL-THRID: 1780686092214709489 X-GMAIL-MSGID: 1780686092214709489 This fixes some holes found by fuzzers, and removes aborts that can be triggered by user input to objdump. Abort should only be used within bfd to show programming errors in bfd. * coff-alpha.c (alpha_ecoff_get_relocated_section_contents): Handle NULL howto. Don't abort on stack errors or on unexpected relocs. Show more bfd reloc status messages. diff --git a/bfd/coff-alpha.c b/bfd/coff-alpha.c index 59476b57237..884073a3484 100644 --- a/bfd/coff-alpha.c +++ b/bfd/coff-alpha.c @@ -815,10 +815,20 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, arelent *rel; bfd_reloc_status_type r; char *err; + unsigned int r_type; rel = *relp; - r = bfd_reloc_ok; - switch (rel->howto->type) + if (rel->howto == NULL) + { + r = bfd_reloc_notsupported; + r_type = ALPHA_R_IGNORE; + } + else + { + r = bfd_reloc_ok; + r_type = rel->howto->type; + } + switch (r_type) { case ALPHA_R_IGNORE: rel->address += input_section->output_offset; @@ -985,7 +995,10 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, relocation += rel->addend; if (tos >= RELOC_STACKSIZE) - abort (); + { + r = bfd_reloc_notsupported; + break; + } stack[tos++] = relocation; } @@ -1004,7 +1017,10 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, } if (tos == 0) - abort (); + { + r = bfd_reloc_notsupported; + break; + } /* The offset and size for this reloc are encoded into the addend field by alpha_adjust_reloc_in. */ @@ -1045,7 +1061,10 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, relocation += rel->addend; if (tos == 0) - abort (); + { + r = bfd_reloc_notsupported; + break; + } stack[tos - 1] -= relocation; } @@ -1078,7 +1097,10 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, relocation += rel->addend; if (tos == 0) - abort (); + { + r = bfd_reloc_notsupported; + break; + } stack[tos - 1] >>= relocation; } @@ -1091,7 +1113,8 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, break; default: - abort (); + r = bfd_reloc_notsupported; + break; } if (relocatable) @@ -1123,15 +1146,30 @@ alpha_ecoff_get_relocated_section_contents (bfd *abfd, input_section, rel->address); break; case bfd_reloc_outofrange: + (*link_info->callbacks->einfo) + /* xgettext:c-format */ + (_("%X%P: %pB(%pA): relocation \"%pR\" goes out of range\n"), + abfd, input_section, rel); + goto error_return; + case bfd_reloc_notsupported: + (*link_info->callbacks->einfo) + /* xgettext:c-format */ + (_("%X%P: %pB(%pA): relocation \"%pR\" is not supported\n"), + abfd, input_section, rel); + goto error_return; default: - abort (); + (*link_info->callbacks->einfo) + /* xgettext:c-format */ + (_("%X%P: %pB(%pA): relocation \"%pR\"" + " returns an unrecognized value %x\n"), + abfd, input_section, rel, r); break; } } } if (tos != 0) - abort (); + goto error_return; successful_return: free (reloc_vector);