From patchwork Wed Mar  8 03:14:51 2023
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Alan Modra <amodra@gmail.com>
X-Patchwork-Id: 65986
Return-Path: <binutils-bounces+ouuuleilei=gmail.com@sourceware.org>
Delivered-To: ouuuleilei@gmail.com
Received: by 2002:a5d:5915:0:0:0:0:0 with SMTP id v21csp108019wrd;
        Tue, 7 Mar 2023 19:15:07 -0800 (PST)
X-Google-Smtp-Source: 
 AK7set8EbaWOkKlbAfs+BRJztUDAzPoJdOwUq5AA+P3wq5w1YmxgbO+sczQiH0dy5hi6n9arkkEB
X-Received: by 2002:a17:906:2a55:b0:878:66bc:2280 with SMTP id
 k21-20020a1709062a5500b0087866bc2280mr16415000eje.12.1678245307709;
        Tue, 07 Mar 2023 19:15:07 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1678245307; cv=none;
        d=google.com; s=arc-20160816;
        b=0A8CTrR1IakxZH5jl5kisgv9Xfn5K4649IeN2Z/tYjMS7ezvTY1y5af5bMPkE+UxB/
         gM03ANSdsmOxfk2B22FrPXyZKkZ4DMUGbA8AKz3a9cOoX4eIfCnIQqaBrA7iuw45bT5v
         pEOukdQgsGLJwACTYarDJCuMs7U3zYbj5wW2TQWZfgH7qHsbn5cnENhsdxqbplL6vGf1
         3UFG17xEj/s7ejLSCoQvBqgIE71Fvnp785zGq7OdtxhSDeumVNxrwgxZzysMbiM/gDoz
         HVzu9lvsrcL1/o9XgZvtE3CtS85eaZeTkXRMKhC0ARbcGZAfl2CID+wvZ6yr8rPgqBvi
         tesw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com;
 s=arc-20160816;
        h=sender:errors-to:reply-to:from:list-subscribe:list-help:list-post
         :list-archive:list-unsubscribe:list-id:precedence
         :content-disposition:mime-version:message-id:subject:to:date
         :dmarc-filter:delivered-to:dkim-signature:dkim-filter;
        bh=++7r/wir359VHsIk93bcFppQ1YDtuVz0x/ihQOslYy0=;
        b=dgSyW01Lxpb7rHpHt8sgqeyc6PUImlfh4aqiTVbGAPZg90Dz6bGA6W7Y5IcdUfwkew
         b30F/VRBAhA+wjZrp9FPE2rCvAwW7Bts2/SCfslqCmn0rD8cJShV3B+kSFUbVwxvmgSQ
         QAgnA5hv0HmjeSZsAIrlBjZhQ2wAENpBM2xZ+ngvqcGrE9Mv/t3Sg/6GH0UQVuRapk8X
         CAOu5pwziydqVGZ2pCb3IG3c9UNoaXPltRkSMfJT30YzHPjShrtFVlbDa5I30N4KeZI4
         WVXK+TEPYD9zWfg2HqQTfaqyGcWf4/AE+m79RV1isHRPoX736ILVI4Gh8bY901zkGgc+
         JSrQ==
ARC-Authentication-Results: i=1; mx.google.com;
       dkim=pass header.i=@sourceware.org header.s=default header.b=mQvjHO0y;
       spf=pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sourceware.org
Received: from sourceware.org (server2.sourceware.org.
 [2620:52:3:1:0:246e:9693:128c])
        by mx.google.com with ESMTPS id
 h14-20020aa7c60e000000b004af7e6911d1si14467718edq.110.2023.03.07.19.15.07
        for <ouuuleilei@gmail.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Tue, 07 Mar 2023 19:15:07 -0800 (PST)
Received-SPF: pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 client-ip=2620:52:3:1:0:246e:9693:128c;
Authentication-Results: mx.google.com;
       dkim=pass header.i=@sourceware.org header.s=default header.b=mQvjHO0y;
       spf=pass (google.com: domain of
 binutils-bounces+ouuuleilei=gmail.com@sourceware.org designates
 2620:52:3:1:0:246e:9693:128c as permitted sender)
 smtp.mailfrom="binutils-bounces+ouuuleilei=gmail.com@sourceware.org";
       dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=sourceware.org
Received: from server2.sourceware.org (localhost [IPv6:::1])
	by sourceware.org (Postfix) with ESMTP id 466B8385B507
	for <ouuuleilei@gmail.com>; Wed,  8 Mar 2023 03:15:06 +0000 (GMT)
DKIM-Filter: OpenDKIM Filter v2.11.0 sourceware.org 466B8385B507
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=sourceware.org;
	s=default; t=1678245306;
	bh=++7r/wir359VHsIk93bcFppQ1YDtuVz0x/ihQOslYy0=;
	h=Date:To:Subject:List-Id:List-Unsubscribe:List-Archive:List-Post:
	 List-Help:List-Subscribe:From:Reply-To:From;
	b=mQvjHO0y8o39myBiguwISohi+UrVgRLPWHEUF2OqGG++jINb0HbHfXEyxwKiaW3EA
	 Nfi8bnhnlcgqOuCTCbzHGw0m3H5v3qZaTN6nVRgkp8XKK6zip7m/zdRkrq0ICVYqcl
	 BvYLttTtFWd3j2e6rd2hkjzrTZ462guAnJRCDWbA=
X-Original-To: binutils@sourceware.org
Delivered-To: binutils@sourceware.org
Received: from mail-pl1-x62a.google.com (mail-pl1-x62a.google.com
 [IPv6:2607:f8b0:4864:20::62a])
 by sourceware.org (Postfix) with ESMTPS id AA0573858422
 for <binutils@sourceware.org>; Wed,  8 Mar 2023 03:14:55 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org AA0573858422
Received: by mail-pl1-x62a.google.com with SMTP id v11so16423639plz.8
 for <binutils@sourceware.org>; Tue, 07 Mar 2023 19:14:55 -0800 (PST)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20210112; t=1678245294;
 h=content-disposition:mime-version:message-id:subject:to:from:date
 :x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
 bh=++7r/wir359VHsIk93bcFppQ1YDtuVz0x/ihQOslYy0=;
 b=fO+LRsV/gd8Sdon2cPyEXz02zJvUDjRujbaMxcGW+YClz8kGn0JTE6eACHiuTPRylu
 vQR7bg++qQPcFqvu7FpsQ8zWCxj196y0MayDbh4yurBGUyzEQZBzX0hQWA3yy5jgQIed
 xcHBnwzkQBglXFbopNdvUO3tWi64JImwdg5o3uOTyhZxmx71DRLSDLQ0tuW7tb9X42QA
 q/tYlk1M7YoLxPEAaWQiGoISI4WejvxPZDFlEriaTNl8R06s7wDrH25erS3W7V8yNZhh
 PU7wRusYu0skKqbeAX6G68RVkpw+8HG0r36xaJ4RkaxH3gbHeZ+dU6KooWnGyBcJm728
 qJxw==
X-Gm-Message-State: AO0yUKWnyd74m+QNpCQupXRputKbi6+Ugi+pD5j4knL+ta6XPuXN4bAb
 PRoTnyMBoQxz39f1rc879tSor5tr6wI=
X-Received: by 2002:a05:6a20:4a25:b0:cc:49cc:c79d with SMTP id
 fr37-20020a056a204a2500b000cc49ccc79dmr15491220pzb.33.1678245294378;
 Tue, 07 Mar 2023 19:14:54 -0800 (PST)
Received: from squeak.grove.modra.org
 ([2406:3400:51d:8cc0:4d08:cebd:d73f:b794])
 by smtp.gmail.com with ESMTPSA id
 x24-20020a634858000000b00502fdc789c5sm1307532pgk.27.2023.03.07.19.14.53
 for <binutils@sourceware.org>
 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
 Tue, 07 Mar 2023 19:14:54 -0800 (PST)
Received: by squeak.grove.modra.org (Postfix, from userid 1000)
 id 7971711404C3; Wed,  8 Mar 2023 13:44:51 +1030 (ACDT)
Date: Wed, 8 Mar 2023 13:44:51 +1030
To: binutils@sourceware.org
Subject: z8 and z80 coff_reloc16_extra_cases sanity checks
Message-ID: <ZAf9qw1lk5r9MWOY@squeak.grove.modra.org>
MIME-Version: 1.0
Content-Disposition: inline
X-Spam-Status: No, score=-3034.3 required=5.0 tests=BAYES_00, DKIM_SIGNED,
 DKIM_VALID, DKIM_VALID_AU, DKIM_VALID_EF, FREEMAIL_FROM, GIT_PATCH_0,
 RCVD_IN_DNSWL_NONE, SPF_HELO_NONE, SPF_PASS,
 TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on
 server2.sourceware.org
X-BeenThere: binutils@sourceware.org
X-Mailman-Version: 2.1.29
Precedence: list
List-Id: Binutils mailing list <binutils.sourceware.org>
List-Unsubscribe: <https://sourceware.org/mailman/options/binutils>,
 <mailto:binutils-request@sourceware.org?subject=unsubscribe>
List-Archive: <https://sourceware.org/pipermail/binutils/>
List-Post: <mailto:binutils@sourceware.org>
List-Help: <mailto:binutils-request@sourceware.org?subject=help>
List-Subscribe: <https://sourceware.org/mailman/listinfo/binutils>,
 <mailto:binutils-request@sourceware.org?subject=subscribe>
X-Patchwork-Original-From: Alan Modra via Binutils <binutils@sourceware.org>
From: Alan Modra <amodra@gmail.com>
Reply-To: Alan Modra <amodra@gmail.com>
Errors-To: binutils-bounces+ouuuleilei=gmail.com@sourceware.org
Sender: "Binutils" <binutils-bounces+ouuuleilei=gmail.com@sourceware.org>
X-getmail-retrieved-from-mailbox: =?utf-8?q?INBOX?=
X-GMAIL-THRID: =?utf-8?q?1759767751715675964?=
X-GMAIL-MSGID: =?utf-8?q?1759767751715675964?=

* reloc16.c (bfd_coff_reloc16_get_relocated_section_contents):
	Use size_t variables.  Sanity check reloc address.  Handle
	errors from bfd_coff_reloc16_extra_cases.
	* coffcode.h (_bfd_coff_reloc16_extra_cases): Return bool, take
	size_t* args.
	(dummy_reloc16_extra_cases): Adjust to suit.  Don't abort.
	* coff-z80.c (extra_case): Sanity check reloc address.  Return
	errors.  Tidy formatting.  Use bfd_signed_vma temp var to
	check for reloc overflow.  Don't abort on unexpected reloc type,
	instead print an error and return false.
	* coff-z8k.c (extra_case): Likewise.
	* libcoff.h: Regenerate.

diff --git a/bfd/coff-z80.c b/bfd/coff-z80.c
index c782e326bdb..702fe6550b5 100644
--- a/bfd/coff-z80.c
+++ b/bfd/coff-z80.c
@@ -330,77 +330,92 @@ reloc_processing (arelent *relent,
   relent->address -= section->vma;
 }
 
-static void
+static bool
 extra_case (bfd *in_abfd,
 	    struct bfd_link_info *link_info,
 	    struct bfd_link_order *link_order,
 	    arelent *reloc,
 	    bfd_byte *data,
-	    unsigned int *src_ptr,
-	    unsigned int *dst_ptr)
+	    size_t *src_ptr,
+	    size_t *dst_ptr)
 {
   asection * input_section = link_order->u.indirect.section;
-  int val = bfd_coff_reloc16_get_value (reloc, link_info, input_section);
+  bfd_size_type end = bfd_get_section_limit_octets (in_abfd, input_section);
+  bfd_size_type reloc_size = bfd_get_reloc_size (reloc->howto);
+
+  if (*src_ptr > end
+      || reloc_size > end - *src_ptr)
+    {
+      link_info->callbacks->einfo
+	/* xgettext:c-format */
+	(_("%X%P: %pB(%pA): relocation \"%pR\" goes out of range\n"),
+	 in_abfd, input_section, reloc);
+      return false;
+    }
 
+  int val = bfd_coff_reloc16_get_value (reloc, link_info, input_section);
   switch (reloc->howto->type)
     {
     case R_OFF8:
       if (reloc->howto->partial_inplace)
-        val += (signed char)(bfd_get_8 ( in_abfd, data+*src_ptr)
-                             & reloc->howto->src_mask);
-      if (val>127 || val<-128) /* Test for overflow.  */
-	  (*link_info->callbacks->reloc_overflow)
+	val += (signed char) (bfd_get_8 (in_abfd, data + *src_ptr)
+			      & reloc->howto->src_mask);
+      if (val > 127 || val < -128)
+	{
+	  link_info->callbacks->reloc_overflow
 	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
 	     reloc->howto->name, reloc->addend, input_section->owner,
 	     input_section, reloc->address);
+	  return false;
+	}
 
-	bfd_put_8 (in_abfd, val, data + *dst_ptr);
-	(*dst_ptr) += 1;
-	(*src_ptr) += 1;
+      bfd_put_8 (in_abfd, val, data + *dst_ptr);
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_BYTE3:
       bfd_put_8 (in_abfd, val >> 24, data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_BYTE2:
       bfd_put_8 (in_abfd, val >> 16, data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_BYTE1:
       bfd_put_8 (in_abfd, val >> 8, data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_IMM8:
       if (reloc->howto->partial_inplace)
-        val += bfd_get_8 ( in_abfd, data+*src_ptr) & reloc->howto->src_mask;
+	val += bfd_get_8 (in_abfd, data + *src_ptr) & reloc->howto->src_mask;
       /* Fall through.  */
     case R_BYTE0:
       bfd_put_8 (in_abfd, val, data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_WORD1:
       bfd_put_16 (in_abfd, val >> 16, data + *dst_ptr);
-      (*dst_ptr) += 2;
-      (*src_ptr) += 2;
+      *dst_ptr += 2;
+      *src_ptr += 2;
       break;
 
     case R_IMM16:
       if (reloc->howto->partial_inplace)
-        val += bfd_get_16 ( in_abfd, data+*src_ptr) & reloc->howto->src_mask;
+	val += bfd_get_16 (in_abfd, data + *src_ptr) & reloc->howto->src_mask;
       /* Fall through.  */
     case R_WORD0:
       bfd_put_16 (in_abfd, val, data + *dst_ptr);
-      (*dst_ptr) += 2;
-      (*src_ptr) += 2;
+      *dst_ptr += 2;
+      *src_ptr += 2;
       break;
 
     case R_IMM24:
@@ -408,53 +423,62 @@ extra_case (bfd *in_abfd,
 	val += (bfd_get_24 (in_abfd, data + *src_ptr)
 		& reloc->howto->src_mask);
       bfd_put_24 (in_abfd, val, data + *dst_ptr);
-      (*dst_ptr) += 3;
-      (*src_ptr) += 3;
+      *dst_ptr += 3;
+      *src_ptr += 3;
       break;
 
     case R_IMM32:
       if (reloc->howto->partial_inplace)
-        val += bfd_get_32 ( in_abfd, data+*src_ptr) & reloc->howto->src_mask;
+	val += bfd_get_32 (in_abfd, data + *src_ptr) & reloc->howto->src_mask;
       bfd_put_32 (in_abfd, val, data + *dst_ptr);
-      (*dst_ptr) += 4;
-      (*src_ptr) += 4;
+      *dst_ptr += 4;
+      *src_ptr += 4;
       break;
 
     case R_JR:
       {
-        if (reloc->howto->partial_inplace)
-          val += (signed char)(bfd_get_8 ( in_abfd, data+*src_ptr) 
-                               & reloc->howto->src_mask);
+	if (reloc->howto->partial_inplace)
+	  val += (signed char) (bfd_get_8 (in_abfd, data + *src_ptr)
+				& reloc->howto->src_mask);
 	bfd_vma dot = (*dst_ptr
 		       + input_section->output_offset
 		       + input_section->output_section->vma);
-	int gap = val - dot;
+	bfd_signed_vma gap = val - dot;
 	if (gap >= 128 || gap < -128)
-	  (*link_info->callbacks->reloc_overflow)
-	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
-	     reloc->howto->name, reloc->addend, input_section->owner,
-	     input_section, reloc->address);
+	  {
+	    link_info->callbacks->reloc_overflow
+	      (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
+	       reloc->howto->name, reloc->addend, input_section->owner,
+	       input_section, reloc->address);
+	    return false;
+	  }
 
 	bfd_put_8 (in_abfd, gap, data + *dst_ptr);
-	(*dst_ptr)++;
-	(*src_ptr)++;
+	*dst_ptr += 1;
+	*src_ptr += 1;
 	break;
       }
 
     case R_IMM16BE:
       if (reloc->howto->partial_inplace)
-	val += (bfd_get_8 ( in_abfd, data+*src_ptr+0) * 0x100 +
-		bfd_get_8 ( in_abfd, data+*src_ptr+1)) & reloc->howto->src_mask;
+	val += ((bfd_get_8 (in_abfd, data + *src_ptr + 0) * 0x100
+		 + bfd_get_8 (in_abfd, data + *src_ptr + 1))
+		& reloc->howto->src_mask);
       
-      bfd_put_8 (in_abfd, val >> 8, data + *dst_ptr+0);
-      bfd_put_8 (in_abfd, val, data + *dst_ptr+1);
-      (*dst_ptr) += 2;
-      (*src_ptr) += 2;
+      bfd_put_8 (in_abfd, val >> 8, data + *dst_ptr + 0);
+      bfd_put_8 (in_abfd, val, data + *dst_ptr + 1);
+      *dst_ptr += 2;
+      *src_ptr += 2;
       break;
 
     default:
-      abort ();
+      link_info->callbacks->einfo
+	/* xgettext:c-format */
+	(_("%X%P: %pB(%pA): relocation \"%pR\" is not supported\n"),
+	 in_abfd, input_section, reloc);
+      return false;
     }
+  return true;
 }
 
 static bool
diff --git a/bfd/coff-z8k.c b/bfd/coff-z8k.c
index d030056f372..f50e1c819ae 100644
--- a/bfd/coff-z8k.c
+++ b/bfd/coff-z8k.c
@@ -193,16 +193,28 @@ reloc_processing (arelent *relent,
   relent->address -= section->vma;
 }
 
-static void
+static bool
 extra_case (bfd *in_abfd,
 	    struct bfd_link_info *link_info,
 	    struct bfd_link_order *link_order,
 	    arelent *reloc,
 	    bfd_byte *data,
-	    unsigned int *src_ptr,
-	    unsigned int *dst_ptr)
+	    size_t *src_ptr,
+	    size_t *dst_ptr)
 {
   asection * input_section = link_order->u.indirect.section;
+  bfd_size_type end = bfd_get_section_limit_octets (in_abfd, input_section);
+  bfd_size_type reloc_size = bfd_get_reloc_size (reloc->howto);
+
+  if (*src_ptr > end
+      || reloc_size > end - *src_ptr)
+    {
+      link_info->callbacks->einfo
+	/* xgettext:c-format */
+	(_("%X%P: %pB(%pA): relocation \"%pR\" goes out of range\n"),
+	 in_abfd, input_section, reloc);
+      return false;
+    }
 
   switch (reloc->howto->type)
     {
@@ -210,8 +222,8 @@ extra_case (bfd *in_abfd,
       bfd_put_8 (in_abfd,
 		 bfd_coff_reloc16_get_value (reloc, link_info, input_section),
 		 data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_IMM32:
@@ -234,27 +246,26 @@ extra_case (bfd *in_abfd,
 	  dst = (dst & 0xffff) | ((dst & 0xff0000) << 8) | 0x80000000;
 	  bfd_put_32 (in_abfd, dst, data + *dst_ptr);
 	}
-      (*dst_ptr) += 4;
-      (*src_ptr) += 4;
+      *dst_ptr += 4;
+      *src_ptr += 4;
       break;
 
     case R_IMM4L:
       bfd_put_8 (in_abfd,
 		 ((bfd_get_8 (in_abfd, data + *dst_ptr) & 0xf0)
-		  | (0x0f
-		     & bfd_coff_reloc16_get_value (reloc, link_info,
-						   input_section))),
+		  | (0x0f & bfd_coff_reloc16_get_value (reloc, link_info,
+							input_section))),
 		 data + *dst_ptr);
-      (*dst_ptr) += 1;
-      (*src_ptr) += 1;
+      *dst_ptr += 1;
+      *src_ptr += 1;
       break;
 
     case R_IMM16:
       bfd_put_16 (in_abfd,
 		  bfd_coff_reloc16_get_value (reloc, link_info, input_section),
 		  data + *dst_ptr);
-      (*dst_ptr) += 2;
-      (*src_ptr) += 2;
+      *dst_ptr += 2;
+      *src_ptr += 2;
       break;
 
     case R_JR:
@@ -264,21 +275,22 @@ extra_case (bfd *in_abfd,
 	bfd_vma dot = (*dst_ptr
 		       + input_section->output_offset
 		       + input_section->output_section->vma);
-	int gap = dst - dot - 1;  /* -1, since we're in the odd byte of the
-				     word and the pc's been incremented.  */
-
-	if (gap & 1)
-	  abort ();
-	gap /= 2;
-	if (gap > 127 || gap < -128)
-	  (*link_info->callbacks->reloc_overflow)
-	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
-	     reloc->howto->name, reloc->addend, input_section->owner,
-	     input_section, reloc->address);
-
-	bfd_put_8 (in_abfd, gap, data + *dst_ptr);
-	(*dst_ptr)++;
-	(*src_ptr)++;
+	/* -1, since we're in the odd byte of the word and the pc has
+	   been incremented.  */
+	bfd_signed_vma gap = dst - dot - 1;
+
+	if ((gap & 1) != 0 || gap > 254 || gap < -256)
+	  {
+	    link_info->callbacks->reloc_overflow
+	      (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
+	       reloc->howto->name, reloc->addend, input_section->owner,
+	       input_section, reloc->address);
+	    return false;
+	  }
+
+	bfd_put_8 (in_abfd, gap / 2, data + *dst_ptr);
+	*dst_ptr += 1;
+	*src_ptr += 1;
 	break;
       }
 
@@ -289,24 +301,23 @@ extra_case (bfd *in_abfd,
 	bfd_vma dot = (*dst_ptr
 		       + input_section->output_offset
 		       + input_section->output_section->vma);
-	int gap = dst - dot - 1;  /* -1, since we're in the odd byte of the
-				     word and the pc's been incremented.  */
-
-	if (gap & 1)
-	  abort ();
-	gap /= 2;
+	bfd_signed_vma gap = dst - dot - 1;
 
-	if (gap > 0 || gap < -127)
-	  (*link_info->callbacks->reloc_overflow)
-	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
-	     reloc->howto->name, reloc->addend, input_section->owner,
-	     input_section, reloc->address);
+	if ((gap & 1) != 0 || gap > 0 || gap < -254)
+	  {
+	    link_info->callbacks->reloc_overflow
+	      (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
+	       reloc->howto->name, reloc->addend, input_section->owner,
+	       input_section, reloc->address);
+	    return false;
+	  }
 
 	bfd_put_8 (in_abfd,
-		   (bfd_get_8 ( in_abfd, data + *dst_ptr) & 0x80) + (-gap & 0x7f),
+		   ((bfd_get_8 (in_abfd, data + *dst_ptr) & 0x80)
+		    + (-gap / 2 & 0x7f)),
 		   data + *dst_ptr);
-	(*dst_ptr)++;
-	(*src_ptr)++;
+	*dst_ptr += 1;
+	*src_ptr += 1;
 	break;
       }
 
@@ -317,22 +328,23 @@ extra_case (bfd *in_abfd,
 	bfd_vma dot = (*dst_ptr
 		       + input_section->output_offset
 		       + input_section->output_section->vma);
-	int gap = dst - dot - 2;
+	bfd_signed_vma gap = dst - dot - 2;
 
-	if (gap & 1)
-	  abort ();
-	if (gap > 4096 || gap < -4095)
-	  (*link_info->callbacks->reloc_overflow)
-	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
-	     reloc->howto->name, reloc->addend, input_section->owner,
-	     input_section, reloc->address);
+	if ((gap & 1) != 0 || gap > 4096 || gap < -4095)
+	  {
+	    link_info->callbacks->reloc_overflow
+	      (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
+	       reloc->howto->name, reloc->addend, input_section->owner,
+	       input_section, reloc->address);
+	    return false;
+	  }
 
-	gap /= 2;
 	bfd_put_16 (in_abfd,
-		    (bfd_get_16 ( in_abfd, data + *dst_ptr) & 0xf000) | (-gap & 0x0fff),
+		    ((bfd_get_16 (in_abfd, data + *dst_ptr) & 0xf000)
+		     | (-gap / 2 & 0x0fff)),
 		    data + *dst_ptr);
-	(*dst_ptr) += 2;
-	(*src_ptr) += 2;
+	*dst_ptr += 2;
+	*src_ptr += 2;
 	break;
       }
 
@@ -343,23 +355,31 @@ extra_case (bfd *in_abfd,
 	bfd_vma dot = (*dst_ptr
 		       + input_section->output_offset
 		       + input_section->output_section->vma);
-	int gap = dst - dot - 2;
+	bfd_signed_vma gap = dst - dot - 2;
 
 	if (gap > 32767 || gap < -32768)
-	  (*link_info->callbacks->reloc_overflow)
-	    (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
-	     reloc->howto->name, reloc->addend, input_section->owner,
-	     input_section, reloc->address);
-
-	bfd_put_16 (in_abfd, (bfd_vma) gap, data + *dst_ptr);
-	(*dst_ptr) += 2;
-	(*src_ptr) += 2;
+	  {
+	    link_info->callbacks->reloc_overflow
+	      (link_info, NULL, bfd_asymbol_name (*reloc->sym_ptr_ptr),
+	       reloc->howto->name, reloc->addend, input_section->owner,
+	       input_section, reloc->address);
+	    return false;
+	  }
+
+	bfd_put_16 (in_abfd, gap, data + *dst_ptr);
+	*dst_ptr += 2;
+	*src_ptr += 2;
 	break;
       }
 
     default:
-      abort ();
+      link_info->callbacks->einfo
+	/* xgettext:c-format */
+	(_("%X%P: %pB(%pA): relocation \"%pR\" is not supported\n"),
+	 in_abfd, input_section, reloc);
+      return false;
     }
+  return true;
 }
 
 #define coff_reloc16_extra_cases    extra_case
diff --git a/bfd/coffcode.h b/bfd/coffcode.h
index c4f7d199c82..7a4c409a756 100644
--- a/bfd/coffcode.h
+++ b/bfd/coffcode.h
@@ -1495,9 +1495,9 @@ Special entry points for gdb to swap in coff symbol table parts:
 .    (bfd *, FILE *, combined_entry_type *, combined_entry_type *,
 .     combined_entry_type *, unsigned int);
 .
-.  void (*_bfd_coff_reloc16_extra_cases)
+.  bool (*_bfd_coff_reloc16_extra_cases)
 .    (bfd *, struct bfd_link_info *, struct bfd_link_order *, arelent *,
-.     bfd_byte *, unsigned int *, unsigned int *);
+.     bfd_byte *, size_t *, size_t *);
 .
 .  int (*_bfd_coff_reloc16_estimate)
 .    (bfd *, asection *, arelent *, unsigned int,
@@ -5331,18 +5331,16 @@ dummy_reloc16_estimate (bfd *abfd ATTRIBUTE_UNUSED,
 
 #define coff_reloc16_extra_cases dummy_reloc16_extra_cases
 
-/* This works even if abort is not declared in any header file.  */
-
-static void
+static bool
 dummy_reloc16_extra_cases (bfd *abfd ATTRIBUTE_UNUSED,
 			   struct bfd_link_info *link_info ATTRIBUTE_UNUSED,
 			   struct bfd_link_order *link_order ATTRIBUTE_UNUSED,
 			   arelent *reloc ATTRIBUTE_UNUSED,
 			   bfd_byte *data ATTRIBUTE_UNUSED,
-			   unsigned int *src_ptr ATTRIBUTE_UNUSED,
-			   unsigned int *dst_ptr ATTRIBUTE_UNUSED)
+			   size_t *src_ptr ATTRIBUTE_UNUSED,
+			   size_t *dst_ptr ATTRIBUTE_UNUSED)
 {
-  abort ();
+  return false;
 }
 #endif
 
diff --git a/bfd/libcoff.h b/bfd/libcoff.h
index c2c1f4add3a..b7a4f677411 100644
--- a/bfd/libcoff.h
+++ b/bfd/libcoff.h
@@ -801,9 +801,9 @@ typedef struct
     (bfd *, FILE *, combined_entry_type *, combined_entry_type *,
      combined_entry_type *, unsigned int);
 
-  void (*_bfd_coff_reloc16_extra_cases)
+  bool (*_bfd_coff_reloc16_extra_cases)
     (bfd *, struct bfd_link_info *, struct bfd_link_order *, arelent *,
-     bfd_byte *, unsigned int *, unsigned int *);
+     bfd_byte *, size_t *, size_t *);
 
   int (*_bfd_coff_reloc16_estimate)
     (bfd *, asection *, arelent *, unsigned int,
diff --git a/bfd/reloc16.c b/bfd/reloc16.c
index fb4c04d558e..3b4e483f75e 100644
--- a/bfd/reloc16.c
+++ b/bfd/reloc16.c
@@ -292,10 +292,10 @@ bfd_coff_reloc16_get_relocated_section_contents
     {
       arelent **parent = reloc_vector;
       arelent *reloc;
-      unsigned int dst_address = 0;
-      unsigned int src_address = 0;
-      unsigned int run;
-      unsigned int idx;
+      size_t dst_address = 0;
+      size_t src_address = 0;
+      size_t run;
+      size_t idx;
 
       /* Find how long a run we can do.  */
       while (dst_address < link_order->size)
@@ -306,6 +306,15 @@ bfd_coff_reloc16_get_relocated_section_contents
 	      /* Note that the relaxing didn't tie up the addresses in the
 		 relocation, so we use the original address to work out the
 		 run of non-relocated data.  */
+	      if (reloc->address > link_order->size
+		  || reloc->address < src_address)
+		{
+		  link_info->callbacks->einfo
+		    /* xgettext:c-format */
+		    (_("%X%P: %pB(%pA): relocation \"%pR\" goes out of range\n"),
+		     input_bfd, input_section, reloc);
+		  goto error_return;
+		}
 	      run = reloc->address - src_address;
 	      parent++;
 	    }
@@ -319,12 +328,11 @@ bfd_coff_reloc16_get_relocated_section_contents
 	    data[dst_address++] = data[src_address++];
 
 	  /* Now do the relocation.  */
-	  if (reloc)
-	    {
-	      bfd_coff_reloc16_extra_cases (input_bfd, link_info, link_order,
-					    reloc, data, &src_address,
-					    &dst_address);
-	    }
+	  if (reloc
+	      && !bfd_coff_reloc16_extra_cases (input_bfd, link_info,
+						link_order, reloc, data,
+						&src_address, &dst_address))
+	    goto error_return;
 	}
     }
   free (reloc_vector);