[Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in
From: cvs-commit at gcc dot gnu.org
Subject: [Bug binutils/17512] segfault in PE parser / _bfd_pei_swap_aouthdr_in
Date: Mon, 22 Dec 2014 21:00:26 +0000
https://sourceware.org/bugzilla/show_bug.cgi?id=17512
--- Comment #133 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot
gnu.org> ---
This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "gdb and binutils".
The branch, master has been updated
via 5860e3f883597cf6b8a937547015394edc1e8784 (commit)
from e30880c2eeee3b43897161344bbbffd03f3a1c91 (commit)
Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.
- Log -----------------------------------------------------------------
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=5860e3f883597cf6b8a937547015394edc1e8784
commit 5860e3f883597cf6b8a937547015394edc1e8784
Author: Nick Clifton <address@hidden>
Date: Mon Dec 22 20:59:00 2014 +0000
More fixes for memory access violations exposed by fuzzed binaries.
PR binutils/17512
* archive.c (do_slurp_bsd_armap): Return if the parsed_size is
zero.
(bfd_slurp_armap): Zero terminate the name.
(bfd_generic_stat_arch_elt): If there is no header, fail.
* elf32-arc.c (arc_info_to_howto_rel): Replace BFD_ASSERT with
error message.
* elf32-avr.c (avr_info_to_howto_rela): Likewise.
* elf32-cr16c.c (elf_cr16c_info_to_howto_rel): Likewise.
* elf32-cris.c (cris_info_to_howto_rela): Likewise.
* elf32-d10v.c (d10v_info_to_howto_rel): Likewise.
* elf32-d30v.c (d30v_info_to_howto_rel): Likewise.
* elf32-dlx.c (dlx_rtype_to_howto): Likewise.
* elf32-epiphany.c (epiphany_info_to_howto_rela): Likewise.
* elf32-fr30.c (fr30_info_to_howto_rela): Likewise.
* elf32-frv.c (frv_info_to_howto_rela): Likewise.
* elf32-i960.c (elf32_i960_info_to_howto_rel): Likewise.
* elf32-ip2k.c (ip2k_info_to_howto_rela): Likewise.
* elf32-iq2000.c (iq2000_info_to_howto_rela): Likewise.
* elf32-lm32.c (lm32_info_to_howto_rela): Likewise.
* elf32-m32c.c (m32c_info_to_howto_rela): Likewise.
* elf32-m32r.c (m32r_info_to_howto_rel): Likewise.
* elf32-m68hc11.c (m68hc11_info_to_howto_rel): Likewise.
* elf32-m68hc12.c (m68hc11_info_to_howto_rel): Likewise.
* elf32-mep.c (mep_info_to_howto_rela): Likewise.
* elf32-metag.c (metag_info_to_howto_rela): Likewise.
* elf32-moxie.c (moxie_info_to_howto_rela): Likewise.
* elf32-msp430.c (msp430_info_to_howto_rela): Likewise.
* elf32-mt.c (mt_info_to_howto_rela): Likewise.
* elf32-nds32.c (nds32_info_to_howto_rel): Likewise.
* elf32-or1k.c (or1k_info_to_howto_rela): Likewise.
* elf32-rl78.c (rl78_info_to_howto_rela): Likewise.
* elf32-rx.c (rx_info_to_howto_rela): Likewise.
* elf32-v850.c (v850_elf_info_to_howto_rel): Likewise.
* elf32-visium.c (visium_info_to_howto_rela): Likewise.
* elf32-xgate.c (xgate_info_to_howto_rel): Likewise.
* elf32-xtensa.c (elf_xtensa_info_to_howto_rela): Likewise.
* elf64-mmix.c (mmix_info_to_howto_rela): Likewise.
* elf64-x86-64.c (elf_x86_64_reloc_type_lookup): Likewise.
* elfnn-aarch64.c (elfNN_aarch64_bfd_reloc_from_type): Likewise.
* elf64-sparc.c (elf64_sparc_slurp_one_reloc_table): Add range
checking of reloc symbol index.
* mach-o.c (bfd_mach_o_canonicalize_one_reloc): If no symbols have
been provided then set the reloc's symbol to undefined.
* reloc.c (bfd_generic_get_relocated_section_contents): Add range
checking of the reloc to be applied.
* versados.c (process_otr): Add more range checks.
(versados_canonicalize_reloc): If the section is unknown, set the
symbol to undefined.
* vms-alpha.c (_bfd_vms_slurp_eisd): Add range checks.
(alpha_vms_object_p): Likewise.
-----------------------------------------------------------------------
Summary of changes:
bfd/ChangeLog | 54 ++++++++++++++++++++++++++++++++++++++++++++++++++
bfd/archive.c | 9 ++++++-
bfd/elf32-arc.c | 6 ++++-
bfd/elf32-avr.c | 6 ++++-
bfd/elf32-cr16c.c | 6 ++++-
bfd/elf32-cris.c | 6 ++++-
bfd/elf32-d10v.c | 6 ++++-
bfd/elf32-d30v.c | 12 +++++++++-
bfd/elf32-dlx.c | 6 ++++-
bfd/elf32-epiphany.c | 5 ++++
bfd/elf32-fr30.c | 6 ++++-
bfd/elf32-frv.c | 5 ++++
bfd/elf32-i960.c | 8 ++++++-
bfd/elf32-ip2k.c | 5 ++++
bfd/elf32-iq2000.c | 5 ++++
bfd/elf32-lm32.c | 6 ++++-
bfd/elf32-m32c.c | 6 ++++-
bfd/elf32-m32r.c | 6 ++++-
bfd/elf32-m68hc11.c | 6 ++++-
bfd/elf32-m68hc12.c | 6 ++++-
bfd/elf32-mep.c | 5 ++++
bfd/elf32-metag.c | 6 ++++-
bfd/elf32-moxie.c | 6 ++++-
bfd/elf32-msp430.c | 12 +++++++++-
bfd/elf32-mt.c | 5 ++++
bfd/elf32-nds32.c | 6 ++++-
bfd/elf32-or1k.c | 6 ++++-
bfd/elf32-rl78.c | 6 ++++-
bfd/elf32-rx.c | 6 ++++-
bfd/elf32-v850.c | 6 ++++-
bfd/elf32-visium.c | 5 ++++
bfd/elf32-xgate.c | 6 ++++-
bfd/elf32-xtensa.c | 6 ++++-
bfd/elf64-mmix.c | 6 ++++-
bfd/elf64-sparc.c | 4 ++-
bfd/elf64-x86-64.c | 2 +-
bfd/elfnn-aarch64.c | 8 +++++++
bfd/mach-o.c | 2 +
bfd/reloc.c | 4 +++
bfd/versados.c | 30 ++++++++++++++++++++-------
bfd/vms-alpha.c | 7 +++++-
41 files changed, 279 insertions(+), 40 deletions(-)
--
You are receiving this mail because:
You are on the CC list for the bug.