https://sourceware.org/bugzilla/show_bug.cgi?id=17512
--- Comment #116 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".

The branch, master has been updated
       via  06614111d1be94b43ea8dd83805184d4e177bcea (commit)
      from  30b5e341f3bcb219718ad32cd0065670fd37e637 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=06614111d1be94b43ea8dd83805184d4e177bcea

commit 06614111d1be94b43ea8dd83805184d4e177bcea
Author: Nick Clifton <ni...@redhat.com>
Date:   Mon Dec 1 16:43:46 2014 +0000

    More fixes for memory access violations exposed by fuzzed binaries.

    PR binutils/17512
    * dwarf.h (struct dwarf_section): Add user_data field.
    * dwarf.c (frame_need_space): Check for an over large register
      number.
      (display_debug_frames): Check the return value from
      frame_need_space.  Check for a CFA expression that is so long
      the start address wraps around.
      (debug_displays): Initialise the user_data field.
    * objdump.c (load_specific_debug_section): Save the BFD section
      pointer in the user_data field of the dwarf_section structure.
      (free_debug_section): Update BFD section data when freeing
      section contents.
    * readelf.c (load_specific_debug_section): Initialise the
      user_data field.

    * archive.c (do_slurp_coff_armap): Add range checks to prevent
      running off the end of the string table.
    * compress.c (bfd_get_full_section_contents): Return a NULL
      pointer for zero sized sections.  Do not attempt to copy a
      buffer onto itself.
    * elf-attrs.c (_bfd_elf_parse_attributes): Check for an empty
      header.  Add range checks to avoid running off the end of the
      section.
    * elf.c (bfd_elf_get_str_section): Seek before allocating so
      that if the seek fails, no memory is allocated.
      (bfd_elf_string_from_elf_section): Do not allocate a string
      from a non string section.  It only leads to trouble later on.
      (_bfd_elf_print_private_bfd_data): Check for there being too
      little external dynamic data.
      (bfd_section_from_shdr): Replace assertion with a failure mode.
      (bfd_section_from_shdr): When walking a loaded group section use
      the internal structure size, not the external size.  Check for
      the group section being empty.
    * elf32-i386.c (elf_i386_rtype_to_howto): Replace assertion with
      a failure mode.
    * elfcode.h (elf_slurp_reloc_table): Likewise.
    * reloc.c (bfd_perform_relocation): Avoid seg-fault if the howto
      parameter is NULL.

-----------------------------------------------------------------------

Summary of changes:
 bfd/ChangeLog      |   27 ++++++++++++
 bfd/archive.c      |   11 ++++-
 bfd/compress.c     |   13 ++++-
 bfd/elf-attrs.c    |   16 ++++++-
 bfd/elf.c          |   36 ++++++++++++----
 bfd/elf32-i386.c   |    4 +-
 bfd/elfcode.h      |    4 +-
 bfd/reloc.c        |    4 ++
 binutils/ChangeLog |   17 +++++++
 binutils/dwarf.c   |  118 ++++++++++++++++++++++++++++++++--------------------
 binutils/dwarf.h   |    2 +
 binutils/objdump.c |   17 +++++++
 binutils/readelf.c |    1 +
 13 files changed, 207 insertions(+), 63 deletions(-)