diff options
author | Alan Modra <amodra@gmail.com> | 2016-02-01 21:27:02 +1030 |
---|---|---|
committer | Alan Modra <amodra@gmail.com> | 2016-02-01 21:27:02 +1030 |
commit | ec1f73bb0be7482f2dffd9bbca2f93fc74eca172 (patch) | |
tree | 3511f9c6fa640f08cbae69b7b0b2ebc3319dc6f7 /bfd/elf32-i386.c | |
parent | d8c823c8b62b4f0fc4747eb9e4e29739add34c17 (diff) | |
download | binutils-gdb-ec1f73bb0be7482f2dffd9bbca2f93fc74eca172.tar.gz |
x86 synthetic plt symbols
Changing "pushq $1" in the following to "pushq $too_big" results in an
abort. BFD shouldn't abort on (deliberately) bad user input.
400480: ff 25 9a 0b 20 00 jmpq *0x200b9a(%rip)
400486: 68 01 00 00 00 pushq $0x1
40048b: e9 d0 ff ff ff jmpq 400460 <_init+0x20>
* elf64-x86-64.c (elf_x86_64_get_plt_sym_val): Don't abort on
an out of range reloc_index.
* elf32-i386.c (elf_i386_get_plt_sym_val): Likewise.
Diffstat (limited to 'bfd/elf32-i386.c')
-rw-r--r-- | bfd/elf32-i386.c | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c index 81a95e0cf29..ccd013533d8 100644 --- a/bfd/elf32-i386.c +++ b/bfd/elf32-i386.c @@ -5684,9 +5684,9 @@ bad_return: reloc_index = H_GET_32 (abfd, (plt_contents + plt_offset + bed->plt->plt_reloc_offset)); reloc_index /= sizeof (Elf32_External_Rel); - if (reloc_index >= count) - abort (); - plt_sym_val[reloc_index] = plt->vma + plt_offset; + if (reloc_index < count) + plt_sym_val[reloc_index] = plt->vma + plt_offset; + plt_offset += bed->plt->plt_entry_size; /* PR binutils/18437: Skip extra relocations in the .rel.plt |