summaryrefslogtreecommitdiff
path: root/bfd/elf32-arm.c
diff options
context:
space:
mode:
authorNick Clifton <nickc@redhat.com>2020-01-03 14:41:02 +0000
committerNick Clifton <nickc@redhat.com>2020-01-03 14:41:02 +0000
commit7a0fb7be96e0ce79e1ae429bc1ba913e5244d537 (patch)
tree2cd6d1c387030ff641bee30455eee384d516d7a9 /bfd/elf32-arm.c
parenta2322019f5669e80444cdf6a8222f94a45301b3a (diff)
downloadbinutils-gdb-7a0fb7be96e0ce79e1ae429bc1ba913e5244d537.tar.gz
Fix potential illegal memory access failures in the BFD library by ensuring that the return value from bfd_malloc() is checked before it is used.
PR 25308 * elf-properties.c (_bfd_elf_convert_gnu_properties): Check the return value from bfd_malloc. * elf32-arm.c (bfd_elf32_arm_vfp11_fix_veneer_locations): Likewise. (bfd_elf32_arm_stm32l4xx_fix_veneer_locations): Likewise. (elf32_arm_filter_cmse_symbols): Likewise. (elf32_arm_write_section): Likewise. * mach-o.c (bfd_mach_o_core_fetch_environment): Likewise. (bfd_mach_o_follow_dsym): Likewise. * pef.c (bfd_pef_print_loader_section): Likewise. (bfd_pef_scan_start_address): Likewise. (bfd_pef_parse_function_stubs): Likewise. (bfd_pef_parse_symbols): Likewise.
Diffstat (limited to 'bfd/elf32-arm.c')
-rw-r--r--bfd/elf32-arm.c11
1 files changed, 6 insertions, 5 deletions
diff --git a/bfd/elf32-arm.c b/bfd/elf32-arm.c
index ae8a269426c..2bf355a3312 100644
--- a/bfd/elf32-arm.c
+++ b/bfd/elf32-arm.c
@@ -7148,7 +7148,6 @@ find_arm_glue (struct bfd_link_info *link_info,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen (name)
+ strlen (ARM2THUMB_GLUE_ENTRY_NAME) + 1);
-
BFD_ASSERT (tmp_name);
sprintf (tmp_name, ARM2THUMB_GLUE_ENTRY_NAME, name);
@@ -7323,7 +7322,6 @@ record_arm_to_thumb_glue (struct bfd_link_info * link_info,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen (name)
+ strlen (ARM2THUMB_GLUE_ENTRY_NAME) + 1);
-
BFD_ASSERT (tmp_name);
sprintf (tmp_name, ARM2THUMB_GLUE_ENTRY_NAME, name);
@@ -7401,7 +7399,6 @@ record_arm_bx_glue (struct bfd_link_info * link_info, int reg)
/* Add symbol for veneer. */
tmp_name = (char *)
bfd_malloc ((bfd_size_type) strlen (ARM_BX_GLUE_ENTRY_NAME) + 1);
-
BFD_ASSERT (tmp_name);
sprintf (tmp_name, ARM_BX_GLUE_ENTRY_NAME, reg);
@@ -7493,7 +7490,6 @@ record_vfp11_erratum_veneer (struct bfd_link_info *link_info,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen
(VFP11_ERRATUM_VENEER_ENTRY_NAME) + 10);
-
BFD_ASSERT (tmp_name);
sprintf (tmp_name, VFP11_ERRATUM_VENEER_ENTRY_NAME,
@@ -7613,7 +7609,6 @@ record_stm32l4xx_erratum_veneer (struct bfd_link_info *link_info,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen
(STM32L4XX_ERRATUM_VENEER_ENTRY_NAME) + 10);
-
BFD_ASSERT (tmp_name);
sprintf (tmp_name, STM32L4XX_ERRATUM_VENEER_ENTRY_NAME,
@@ -8644,6 +8639,7 @@ bfd_elf32_arm_vfp11_fix_veneer_locations (bfd *abfd,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen
(VFP11_ERRATUM_VENEER_ENTRY_NAME) + 10);
+ BFD_ASSERT (tmp_name);
for (sec = abfd->sections; sec != NULL; sec = sec->next)
{
@@ -8731,6 +8727,7 @@ bfd_elf32_arm_stm32l4xx_fix_veneer_locations (bfd *abfd,
tmp_name = (char *) bfd_malloc ((bfd_size_type) strlen
(STM32L4XX_ERRATUM_VENEER_ENTRY_NAME) + 10);
+ BFD_ASSERT (tmp_name);
for (sec = abfd->sections; sec != NULL; sec = sec->next)
{
@@ -18505,6 +18502,8 @@ elf32_arm_filter_cmse_symbols (bfd *abfd ATTRIBUTE_UNUSED,
maxnamelen = 128;
cmse_name = (char *) bfd_malloc (maxnamelen);
+ BFD_ASSERT (cmse_name);
+
for (src_count = 0; src_count < symcount; src_count++)
{
struct elf32_arm_link_hash_entry *cmse_hash;
@@ -19700,6 +19699,8 @@ elf32_arm_write_section (bfd *output_bfd,
unsigned int in_index, out_index;
bfd_vma add_to_offsets = 0;
+ if (edited_contents == NULL)
+ return FALSE;
for (in_index = 0, out_index = 0; in_index * 8 < input_size || edit_node;)
{
if (edit_node)
View Lorry Controller Status