From patchwork Fri Aug 4 08:28:32 2023
X-Patchwork-Submitter: Alan Modra
X-Patchwork-Id: 131008
Date: Fri, 4 Aug 2023 17:58:32 +0930
To: binutils@sourceware.org
Subject: ppc: sanity check writing relocs
From: Alan Modra

Check for output buffer overruns.

* elf32-ppc.c (swap_reloc_out, count_and_swap_reloc_out): New functions. Use throughout file.
* elf64-ppc.c (swap_reloc_out, count_and_swap_reloc_out): Likewise.

diff --git a/bfd/elf32-ppc.c b/bfd/elf32-ppc.c index 37bfbcfc3ba..ccee076555f 100644 --- a/bfd/elf32-ppc.c +++ b/bfd/elf32-ppc.c @@ -6935,6 +6935,23 @@ is_insn_dq_form (unsigned int insn) && (insn & 3) == 1)); } +static bool +swap_reloc_out (bfd *obfd, Elf_Internal_Rela *rel, bfd_byte *loc, asection *s) +{ + if ((size_t) (loc - s->contents) >= s->size) + return false; + bfd_elf32_swap_reloca_out (obfd, rel, loc); + return true; +} + +static bool +count_and_swap_reloc_out (bfd *obfd, Elf_Internal_Rela *rel, asection *s) +{ + bfd_byte *loc = s->contents; + loc += s->reloc_count++ * sizeof (Elf32_External_Rela); + return swap_reloc_out (obfd, rel, loc, s); +} + /* The RELOCATE_SECTION function is called by the ELF backend linker to handle the relocations for a section. @@ -7806,7 +7823,6 @@ ppc_elf_relocate_section (bfd *output_bfd, : sym->st_shndx != SHN_ABS))) { asection *rsec = htab->elf.srelgot; - bfd_byte * loc; if (ifunc != NULL) { 
@@ -7825,11 +7841,9 @@ ppc_elf_relocate_section (bfd *output_bfd, outrel.r_info = ELF32_R_INFO (indx, R_PPC_DTPMOD32); if (tls_ty == (TLS_TLS | TLS_GD)) { - loc = rsec->contents; - loc += (rsec->reloc_count++ - * sizeof (Elf32_External_Rela)); - bfd_elf32_swap_reloca_out (output_bfd, - &outrel, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, + &outrel, + rsec)); outrel.r_offset += 4; outrel.r_info = ELF32_R_INFO (indx, R_PPC_DTPREL32); @@ -7856,10 +7870,8 @@ ppc_elf_relocate_section (bfd *output_bfd, outrel.r_addend -= htab->elf.tls_sec->vma; } } - loc = rsec->contents; - loc += (rsec->reloc_count++ - * sizeof (Elf32_External_Rela)); - bfd_elf32_swap_reloca_out (output_bfd, &outrel, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, + &outrel, rsec)); } /* Init the .got section contents if we're not @@ -8089,7 +8101,6 @@ ppc_elf_relocate_section (bfd *output_bfd, && h->dyn_relocs != NULL)) { int skip; - bfd_byte *loc; asection *sreloc; long indx = 0; @@ -8221,9 +8232,8 @@ ppc_elf_relocate_section (bfd *output_bfd, if (sreloc == NULL) return false; - loc = sreloc->contents; - loc += sreloc->reloc_count++ * sizeof (Elf32_External_Rela); - bfd_elf32_swap_reloca_out (output_bfd, &outrel, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, &outrel, + sreloc)); if (skip == -1) goto copy_reloc; @@ -9573,7 +9583,8 @@ write_global_sym_plt (struct elf_link_hash_entry *h, void *inf) rela.r_info = ELF32_R_INFO (htab->elf.hgot->indx, R_PPC_ADDR16_HA); rela.r_addend = got_offset; - bfd_elf32_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (info->output_bfd, &rela, loc, + htab->srelplt2)); loc += sizeof (Elf32_External_Rela); /* Provide the @l relocation for the second instruction. */ 
@@ -9583,7 +9594,8 @@ write_global_sym_plt (struct elf_link_hash_entry *h, void *inf) rela.r_info = ELF32_R_INFO (htab->elf.hgot->indx, R_PPC_ADDR16_LO); rela.r_addend = got_offset; - bfd_elf32_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (info->output_bfd, &rela, loc, + htab->srelplt2)); loc += sizeof (Elf32_External_Rela); /* Provide a relocation for the GOT entry corresponding to this @@ -9594,7 +9606,8 @@ write_global_sym_plt (struct elf_link_hash_entry *h, void *inf) rela.r_info = ELF32_R_INFO (htab->elf.hplt->indx, R_PPC_ADDR32); rela.r_addend = ent->plt.offset + 16; - bfd_elf32_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (info->output_bfd, &rela, loc, + htab->srelplt2)); } /* VxWorks uses non-standard semantics for R_PPC_JMP_SLOT. @@ -9676,7 +9689,8 @@ write_global_sym_plt (struct elf_link_hash_entry *h, void *inf) if (h->type == STT_GNU_IFUNC && is_static_defined (h)) htab->maybe_local_ifunc_resolver = 1; } - bfd_elf32_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (info->output_bfd, &rela, + loc, relplt)); } doneone = true; } @@ -9793,9 +9807,8 @@ ppc_finish_symbols (struct bfd_link_info *info) + plt->output_offset + plt->output_section->vma); rela.r_addend = val; - loc = relplt->contents + (relplt->reloc_count++ - * sizeof (Elf32_External_Rela)); - bfd_elf32_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (count_and_swap_reloc_out (info->output_bfd, &rela, + relplt)); p = (unsigned char *) htab->glink->contents + ent->glink_offset; write_glink_stub (NULL, ent, htab->elf.iplt, p, info); @@ -9879,7 +9892,6 @@ ppc_elf_finish_dynamic_symbol (bfd *output_bfd, { asection *s; Elf_Internal_Rela rela; - bfd_byte *loc; /* This symbols needs a copy reloc. Set it up. */ 
@@ -9900,8 +9912,7 @@ ppc_elf_finish_dynamic_symbol (bfd *output_bfd, rela.r_offset = SYM_VAL (h); rela.r_info = ELF32_R_INFO (h->dynindx, R_PPC_COPY); rela.r_addend = 0; - loc = s->contents + s->reloc_count++ * sizeof (Elf32_External_Rela); - bfd_elf32_swap_reloca_out (output_bfd, &rela, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, &rela, s)); } #ifdef DEBUG @@ -10105,7 +10116,7 @@ ppc_elf_finish_dynamic_sections (bfd *output_bfd, + 2); rela.r_info = ELF32_R_INFO (htab->elf.hgot->indx, R_PPC_ADDR16_HA); rela.r_addend = 0; - bfd_elf32_swap_reloca_out (output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (output_bfd, &rela, loc, htab->srelplt2)); loc += sizeof (Elf32_External_Rela); /* Output the @l relocation for the second instruction. */ @@ -10114,7 +10125,7 @@ ppc_elf_finish_dynamic_sections (bfd *output_bfd, + 6); rela.r_info = ELF32_R_INFO (htab->elf.hgot->indx, R_PPC_ADDR16_LO); rela.r_addend = 0; - bfd_elf32_swap_reloca_out (output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (output_bfd, &rela, loc, htab->srelplt2)); loc += sizeof (Elf32_External_Rela); /* Fix up the remaining relocations. They may have the wrong diff --git a/bfd/elf64-ppc.c b/bfd/elf64-ppc.c index dea9408ca49..744e4d0ef1e 100644 --- a/bfd/elf64-ppc.c +++ b/bfd/elf64-ppc.c @@ -11569,6 +11569,24 @@ get_relocs (asection *sec, int count) return relocs; } +static bool +swap_reloc_out (bfd *obfd, Elf_Internal_Rela *rel, bfd_byte *loc, asection *s) +{ + if ((size_t) (loc - s->contents) >= s->size) + return false; + bfd_elf64_swap_reloca_out (obfd, rel, loc); + return true; +} + +static bool +count_and_swap_reloc_out (bfd *obfd, Elf_Internal_Rela *rel, asection *s) +{ + bfd_byte *loc = s->contents; + loc += s->reloc_count++ * sizeof (Elf64_External_Rela); + return swap_reloc_out (obfd, rel, loc, s); +} + + /* Convert the relocs R[0] thru R[-NUM_REL+1], which are all no-symbol forms, to the equivalent relocs against the global symbol given by STUB_ENTRY->H. */ 
@@ -11847,7 +11865,6 @@ ppc_build_one_stub (struct bfd_hash_entry *gen_entry, void *in_arg) { /* Create a reloc for the branch lookup table entry. */ Elf_Internal_Rela rela; - bfd_byte *rl; rela.r_offset = (br_entry->offset + htab->brlt->output_offset @@ -11855,10 +11872,8 @@ ppc_build_one_stub (struct bfd_hash_entry *gen_entry, void *in_arg) rela.r_info = ELF64_R_INFO (0, R_PPC64_RELATIVE); rela.r_addend = targ; - rl = htab->relbrlt->contents; - rl += (htab->relbrlt->reloc_count++ - * sizeof (Elf64_External_Rela)); - bfd_elf64_swap_reloca_out (htab->relbrlt->owner, &rela, rl); + BFD_ASSERT (count_and_swap_reloc_out (htab->relbrlt->owner, &rela, + htab->relbrlt)); } else if (info->emitrelocations) { @@ -14652,9 +14667,8 @@ build_global_entry_stubs_and_plt (struct elf_link_hash_entry *h, void *inf) rela.r_offset = (plt->output_section->vma + plt->output_offset + ent->plt.offset); - loc = relplt->contents + (relplt->reloc_count++ - * sizeof (Elf64_External_Rela)); - bfd_elf64_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (count_and_swap_reloc_out (info->output_bfd, &rela, + relplt)); } } else @@ -14669,7 +14683,8 @@ build_global_entry_stubs_and_plt (struct elf_link_hash_entry *h, void *inf) / PLT_ENTRY_SIZE (htab) * sizeof (Elf64_External_Rela))); if (h->type == STT_GNU_IFUNC && is_static_defined (h)) htab->elf.ifunc_resolvers = true; - bfd_elf64_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (swap_reloc_out (info->output_bfd, &rela, + loc, htab->elf.srelplt)); } } @@ -14790,7 +14805,6 @@ write_plt_relocs_for_local_syms (struct bfd_link_info *info) Elf_Internal_Sym *sym; asection *sym_sec; asection *plt, *relplt; - bfd_byte *loc; bfd_vma val; if (!get_sym_h (NULL, &sym, &sym_sec, NULL, &local_syms, 
@@ -14822,7 +14836,7 @@ write_plt_relocs_for_local_syms (struct bfd_link_info *info) if (relplt == NULL) { - loc = plt->contents + ent->plt.offset; + bfd_byte *loc = plt->contents + ent->plt.offset; bfd_put_64 (info->output_bfd, val, loc); if (htab->opd_abi) { @@ -14851,9 +14865,8 @@ write_plt_relocs_for_local_syms (struct bfd_link_info *info) rela.r_info = ELF64_R_INFO (0, R_PPC64_RELATIVE); } rela.r_addend = val; - loc = relplt->contents + (relplt->reloc_count++ - * sizeof (Elf64_External_Rela)); - bfd_elf64_swap_reloca_out (info->output_bfd, &rela, loc); + BFD_ASSERT (count_and_swap_reloc_out (info->output_bfd, + &rela, relplt)); } } @@ -16991,11 +17004,9 @@ ppc64_elf_relocate_section (bfd *output_bfd, outrel.r_info = ELF64_R_INFO (indx, R_PPC64_DTPMOD64); if (tls_type == (TLS_TLS | TLS_GD)) { - loc = relgot->contents; - loc += (relgot->reloc_count++ - * sizeof (Elf64_External_Rela)); - bfd_elf64_swap_reloca_out (output_bfd, - &outrel, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, + &outrel, + relgot)); outrel.r_offset += 8; outrel.r_addend = orig_rel.r_addend; outrel.r_info @@ -17035,12 +17046,8 @@ ppc64_elf_relocate_section (bfd *output_bfd, } if (!(info->enable_dt_relr && ELF64_R_TYPE (outrel.r_info) == R_PPC64_RELATIVE)) - { - loc = relgot->contents; - loc += (relgot->reloc_count++ - * sizeof (Elf64_External_Rela)); - bfd_elf64_swap_reloca_out (output_bfd, &outrel, loc); - } + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, + &outrel, relgot)); } /* Init the .got section contents here if we're not @@ -17526,12 +17533,8 @@ ppc64_elf_relocate_section (bfd *output_bfd, if (sreloc == NULL) abort (); - if (sreloc->reloc_count * sizeof (Elf64_External_Rela) - >= sreloc->size) - abort (); - loc = sreloc->contents; - loc += sreloc->reloc_count++ * sizeof (Elf64_External_Rela); - bfd_elf64_swap_reloca_out (output_bfd, &outrel, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, &outrel, + sreloc)); } if (!warned_dynamic 
@@ -18164,7 +18167,6 @@ ppc64_elf_finish_dynamic_symbol (bfd *output_bfd, /* This symbol needs a copy reloc. Set it up. */ Elf_Internal_Rela rela; asection *srel; - bfd_byte *loc; if (h->dynindx == -1) abort (); @@ -18176,9 +18178,7 @@ ppc64_elf_finish_dynamic_symbol (bfd *output_bfd, srel = htab->elf.sreldynrelro; else srel = htab->elf.srelbss; - loc = srel->contents; - loc += srel->reloc_count++ * sizeof (Elf64_External_Rela); - bfd_elf64_swap_reloca_out (output_bfd, &rela, loc); + BFD_ASSERT (count_and_swap_reloc_out (output_bfd, &rela, srel)); } return true;
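Review bot: the bounds test in swap_reloc_out (bfd/elf32-ppc.c, hunk at -6935) only checks that the start of the entry lies inside the section: `(size_t) (loc - s->contents) >= s->size` accepts an offset of s->size - 1, after which bfd_elf32_swap_reloca_out still writes a whole Elf32_External_Rela. Testing that the offset plus sizeof (Elf32_External_Rela) does not exceed s->size, with a guard for a section smaller than one entry, would cover the end of the write as well; the elf64-ppc.c copy has the same test. Both new functions also lack the usual leading comment.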
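Review bot: in ppc_elf_relocate_section (bfd/elf32-ppc.c, hunk at -7825) the call that writes the reloc and increments rsec->reloc_count is now the argument of BFD_ASSERT, so the write happens only as long as that macro always evaluates its argument. Consider keeping the side effect outside the assertion, for example `if (!count_and_swap_reloc_out (output_bfd, &outrel, rsec))` followed by explicit failure handling; the same pattern recurs at every converted call site in both files.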
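Review bot: count_and_swap_reloc_out in bfd/elf64-ppc.c (hunk at -11569) post-increments s->reloc_count before swap_reloc_out has checked the offset, so reloc_count still advances when the write is refused and false is returned. If that is intended, a comment above the function should say so; otherwise compute loc first and increment only on success. This hunk also adds two blank lines after the function where the elf32-ppc.c version adds one.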
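Review bot: in build_global_entry_stubs_and_plt (bfd/elf64-ppc.c, hunk at -14669) the check is made against htab->elf.srelplt, but the visible context does not show which section's contents loc was based on, and swap_reloc_out cannot tell whether loc and s belong together. Please confirm loc is derived from htab->elf.srelplt->contents in this branch (the previous hunk in the same function uses the local relplt); passing a byte offset rather than a pointer to swap_reloc_out would rule out a mismatch.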
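Review bot: in ppc64_elf_relocate_section (bfd/elf64-ppc.c, hunk at -17526) the removed lines called abort () when sreloc->reloc_count * sizeof (Elf64_External_Rela) reached sreloc->size, and the replacement reports the same condition through BFD_ASSERT. Unless BFD_ASSERT stops the link, an undersized reloc section now yields output with a missing reloc instead of a hard failure, while the sreloc == NULL case just above still aborts. Please say in the commit message that the downgrade is deliberate, or fail the link here, as the elf32-ppc.c counterpart does with `return false` for sreloc == NULL.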