| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
| |
Apparently u.kindirect->slot can point at a NULL.
* debug.c (debug_write_type): Don't segfault on NULL indirect.
|
| | |
|
| |
|
|
|
|
|
|
|
|
| |
Another fuzzer attack. This one was a "set" with elements using an
indirect type pointing back at the set. The existing recursion check
only prevented simple recursion.
* debug.c (struct debug_type_s): Add mark.
(debug_write_type): Set mark and check before recursing into
indirect types.
|
| | |
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
I noticed in the binutile Makefile that runtest is being invoked with
CC, CC_FOR_BUILD and other compiler related flags in the environment.
That doesn't work. Those variables ought to be passed on the runtest
command line.
After fixing that I had some fails due to binutils testprog.c now
being compiled with the default "-g -O2" picked up in
CFLAGS_FOR_TARGET. Hack around that by passing -O0.
Also, with the binutils testsuite now taking notice of CC_FOR_TARGET,
I found a couple of debuginfod.exp fails with one of my compilers that
happened to be built without --debug-id being enabled by default.
* Makefile.am (check-DEJAGNU): Pass $CC and other variable on
the runtest command line rather than futilely in the
environment. Add -O0 to CFLAGS_FOR_TARGET.
* Makefile.in: Regenerate.
* testsuite/binutils-all/debuginfod.exp: Compile testprog.c
with -Wl,--build-id.
|
| |
|
|
|
|
|
|
| |
This makes sure the input element bfd is closed before exiting the
loop copying elements.
* objcopy.c (copy_archive): Rename output_bfd to output_element.
Localise last_element. Close this_element in more error cases.
|
| |
|
|
|
|
|
|
|
|
| |
For MIPS64r6 ports, Debian as an example, `mipsisa64r6el` is
used as the cpu name in triple.
Let's recognize them by `mips*64*(el)`.
For 64bit Ports, like Debian's mips64el and mips64r6el ports,
`gnuabi64` is used as the abi section.
Let's use N64 abi by default for the triple with gnuabi64.
|
| |
|
|
| |
security related bugs.
|
| |
|
|
|
|
|
|
|
|
|
| |
This one was caused by me unnecessarily promoting an "int adv" to
"int64_t adv". The expression overflowing was 4259 + 9223372036854775807
with the left number being unsigned int.
* dwarf.h (DWARF2_Internal_LineInfo): Replace unsigned short
with uint16_t and unsigned char with uint8_t. Make li_line_base
an int8_t.
* dwarf.c (display_debug_lines_raw): Revert "adv" back to an int.
|
| |
|
|
|
| |
PR 30355
* dwarf.c (read_and_display_attr_value): Correctly handle DW_loclistx attributes that index a version 5 .debug_loclists section.
|
| |
|
|
|
|
| |
PR 30365
* rdcoff.c (parse_coff_struct_type): Leave bitsize zero when no
auxents.
|
| |
|
|
|
| |
PR 30361
* dwarf.c (fetch_indexed_string): Sanity check string index.
|
| |
|
|
|
|
| |
PR 30142
* peXXigen.c (_bfd_XXi_swap_scnhdr_out): Do not force the .rsrc section to be writeable.
* rescoff.c (write_coff_file): Add the SEC_READONLY flag to the .rsrc section.
|
| |
|
|
|
| |
PR 30327
* dwarf.c (read_and_display_attr_value): Warn if the number of views is greater than the number of locations.
|
| |
|
|
|
|
|
| |
corrupt DWARF file.
PR 30313
* dwarf.c (display_debug_lines_decoded): Check for an overlarge number of files or directories.
|
| |
|
|
|
| |
PR 30312
* dwarf.c (prealloc_cu_tu_list): Always allocate at least one entry.
|
| |
|
|
|
|
|
| |
corrupt ELF format file.
PR 30311
* readelf.c (uncompress_section_contents): Check for a suspiciously large uncompressed size.
|
| |
|
|
|
|
|
| |
Oops, tried to free too much
* wrstabs.c (write_stabs_in_sections_debugging_info): Don't
free strings.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Fix memory leaks and do a general tidy of the code for printing coff
and stabs debug.
* prdbg.c: Delete unnneeded forward function declarations.
Delete unnecessary casts throughout. Free all strings
returned from pop_type throughout file.
(struct pr_stack): Delete "num_parents". Replace tests for
"num_parents" non-zero with tests of "parents" non-NULL
throughout. Free "parents" before assigning, and set to NULL
after freeing. Remove const from "method". Always strdup
strings assigned to method, and free before assigning.
(print_debugging_info): Free info.stack and info.filename.
|
| |
|
|
|
|
|
|
|
|
| |
objdump -g can't be used much. Trying to dump PE files invariably
seems to run into "debug_name_type: no current file" or similar
errors, because parse_coff expects a C_FILE symbol to be the first
symbol. Dumping -gstabs output works since the N_SO stab is present.
Pre-setting the file name won't hurt stabs dumping.
* rddbg.c (read_debugging_info): Call debug_set_filename.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The old stabs code didn't bother too much about freeing memory.
This patch corrects that and avoids some dubious copying of strings.
* objcopy.c (write_debugging_info): Free both strings and
syms on failure to create sections.
* wrstabs.c: Delete unnecessary forward declarations and casts
throughout file.
(stab_write_symbol_and_free): New function. Use it
throughout, simplifying return paths.
(stab_push_string): Don't strdup string. Use it thoughout
for malloced strings.
(stab_push_string_dup): New function. Use it throughout for
strings in auto buffers.
(write_stabs_in_sections_debugging_info): Free malloced memory.
(stab_enum_type): Increase buffer sizing for worst case.
(stab_range_type, stab_array_type): Reduce buffer size.
(stab_set_type): Likewise.
(stab_method_type): Free args on error return. Correct
buffer size.
(stab_struct_field): Fix memory leaks.
(stab_class_static_member, stab_class_baseclass): Likewise.
(stab_start_class_type): Likewise. Correct buffer size.
(stab_class_start_method): Correct buffer size.
(stab_class_method_var): Free memory on error return.
(stab_start_function): Fix "rettype" memory leak.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Trying to free malloc'd memory used by the stabs and coff debug info
parsers is complicated, and traversing the trees generated requires a
lot of code. It's better to bfd_alloc the memory which allows it all
to be freed without fuss when the bfd is closed. In the process of
doing this I reverted most of commit a6336913332.
Some of the stabs handling code grows arrays of pointers with realloc,
to deal with arbitrary numbers of fields, function args, etc. The
code still does that but copies over to bfd_alloc memory when
finished. The alternative is to parse twice, once to size, then again
to populate the arrays. I think that complication is unwarranted.
Note that there is a greater than zero chance this patch breaks
something, eg. that I missed an attempt to free obj_alloc memory.
Also it seems there are no tests in the binutils testsuite aimed at
exercising objdump --debugging.
* budbg.h (finish_stab, parse_stab): Update prototypes
* debug.c: Include bucomm.h.
(struct debug_handle): Add "abfd" field.
(debug_init): Add "abfd" param. bfd_alloc handle.
(debug_xalloc, debug_xzalloc): New functions. Use throughout
in place of xmalloc and memset.
(debug_start_source): Remove "name_used" param.
* debug.h (debug_init, debug_start_source): Update prototypes.
(debug_xalloc, debug_xzalloc): Declare.
* objcopy.c (copy_object): Don't free dhandle.
* objdump.c (dump_bfd): Likewise.
* rdcoff.c (coff_get_slot): Add dhandle arg. debug_xzalloc
memory in place of xcalloc. Update callers.
(parse_coff_struct_type): Don't leak on error return. Copy
fields over to debug_xalloc memory.
(parse_coff_enum_type): Copy names and vals over the
debug_xalloc memory.
* rddbg.c (read_debugging_info): Adjust debug_init call.
Don't free dhandle.
(read_section_stabs_debugging_info): Don't free shandle.
Adjust parse_stab call. Call finish_stab on error return.
(read_symbol_stabs_debugging_info): Similarly.
* stabs.c (savestring): Delete unnecessary forward declaration.
Add dhandle param. debug_xalloc memory. Update callers.
(start_stab): Delete unnecessary casts.
(finish_stab): Add "emit" param. Free file_types, so_string,
and stabs handle.
(parse_stab): Delete string_used param. Revert code dealing
with string_used. Copy so_string passed to debug_set_filename
and stored as main_filename to debug_xalloc memory. Similarly
for string passed to debug_start_source and push_bincl. Copy
args to debug_xalloc memory. Don't leak args.
(parse_stab_enum_type): Copy names and values to debug_xalloc
memory. Don't free name.
(parse_stab_struct_type): Don't free fields.
(parse_stab_baseclasses): Delete unnecessary cast.
(parse_stab_struct_fields): Return debug_xalloc fields.
(parse_stab_cpp_abbrev): Use debug_xalloc for _vb$ type name.
(parse_stab_one_struct_field): Don't free name.
(parse_stab_members): Copy variants and methods to
debug_xalloc memory. Don't free name or argtypes.
(parse_stab_argtypes): Use debug_xalloc memory for physname
and args.
(push_bincl): Add dhandle param. Use debug_xalloc memory.
(stab_record_variable): Use debug_xalloc memory.
(stab_emit_pending_vars): Don't free var list.
(stab_find_slot): Add dhandle param. Use debug_xzalloc
memory. Update all callers.
(stab_find_tagged_type): Don't free name. Use debug_xzalloc.
(stab_demangle_qualified): Don't free name.
(stab_demangle_template): Don't free s1.
(stab_demangle_args): Tidy pvarargs refs. Copy *pargs on
success to debug_xalloc memory, free on failure.
(stab_demangle_fund_type): Don't free name.
(stab_demangle_v3_arglist): Copy args to debug_xalloc memory.
Don't free dt.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This should sort out some very old FIXMEs in code handling stabs
debug info. Necessary if we are to fuss over freeing up memory before
objdump and objcopy exit. It is of course better from a user
viewpoint to *not* free memory, which takes some time, and leave that
to process exit. The only reason to do so is that having many memory
leaks in binutils/ code tends to hide leaks in bfd/ or opcodes/, which
we should care about.
* budbg.h (parse_stab): Update prototype.
* debug.h (debug_start_source): Update prototype.
* debug.c (debug_start_source): Add name_used. Set if stashed.
* rddbg.c (read_symbol_stabs_debugging_info): Always malloc
stab string passed to parse_stab. Free stab string when
unreferenced.
(read_section_stabs_debugging_info): Likewise, and strings
section contents.
* stabs.c (parse_stab): Add string_used param. Set if string
stashed. Pass to debug_start_source. Realloc file_types
array rather that using malloc. Clarify comment about
debug_make_indirect_type.
|
| |
|
|
|
|
|
|
|
| |
We may have added some abbrevs to the list before hitting an error.
Free the list elements too. free_abbrev_list returns list->next so we
need to init it earlier to avoid an uninitialised memory access.
* dwarf.c (process_abbrev_set): Call free_abbrev_list on errors.
Set list->next earlier.
|
| |
|
|
|
| |
PR 30284
* dwarf.c (read_and_display_attr_value): Detect and ignore negative base values.
|
| |
|
|
|
|
|
|
| |
* objcopy.c (delete_symbol_htabs): Also free symbols.
(write_debugging_info): Free strings and syms once written.
* wrstabs.c (write_stabs_in_sections_debugging_info): memset
entire info struct. Free hash tables before returning. Free
syms on error return.
|
| |
|
|
| |
* addr2line.c (process_file): Close bfd on error paths.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
long is a poor choice of type to store 32-bit values read from
objects files by H_GET_32. H_GET_32 doesn't sign extend so tests like
that in gdb/coffread.c for "negative" values won't work if long is
larger than 32 bits. If long is 32-bit then code needs to be careful
to not accidentally index negative array elements. (I'd rather see a
segfault on an unmapped 4G array index than silently reading bogus
data.) long is also a poor choice for x_sect.s_scnlen, which might
have 64-bit values. It's better to use unsigned exact width types to
avoid surprises.
I decided to change the field names too, which makes most of this
patch simply renaming. Besides that there are a few places where
casts are no longer needed, and where printf format strings or tests
need adjusting.
include/
* coff/internal.h (union internal_auxent): Use unsigned stdint
types. Rename l fields to u32 and u64 as appropriate.
bfd/
* coff-bfd.c,
* coff-rs6000.c,
* coff64-rs6000.c,
* coffcode.h,
* coffgen.c,
* cofflink.c,
* coffswap.h,
* peXXigen.c,
* xcofflink.c: Adjust to suit internal_auxent changes.
binutils/
* rdcoff.c: Adjust to suit internal_auxent changes.
gas/
* config/obj-coff.h,
* config/tc-ppc.c: Adjust to suit internal_auxent changes.
gdb/
* coffread.c,
* xcoffread.c: Adjust to suit internal_auxent changes.
ld/
* pe-dll.c: Adjust to suit internal_auxent changes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
u.auxent.x_sym.x_tagndx is a union. The p field is only valid when
fix_tag is set. This patch fixes code in coffgrok.c that accessed the
field without first checking fix_tag, and removes a whole lot of code
validating bogus pointers to prevent segfaults (which no longer
happen, I checked the referenced PR 17512 testcases). The patch also
documents this in the fix_tag comment, makes is_sym a bitfield, and
sorts the selecter fields a little.
bfd/
* coffcode.h (combined_entry_type): Make is_sym a bitfield.
Sort and comment on union selectors.
* libcoff.h: Regenerate.
binutils/
* coffgrok.c (do_type): Make aux a combined_entry_type. Test
fix_tag before accessing u.auxent.x_sym.x_tagndx.p. Remove
now unnecessary pointer bounds checking.
|
| |
|
|
|
| |
binutils * readelf.c (get_segment_type): Handle PT_OPENBSD_MUTABLE segment type.
include * elf/common.h (PT_OPENBSD_MUTABLE): Define.
|
| |
|
|
|
| |
* rddbg.c (read_section_stabs_debugging_info): Ignore invalid
stab sections with size less than 12 bytes.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
QNX provides some .note subsections. QNT_STACK is the one controling
the stack allocation.
bfd/ChangeLog:
* elf.c (BFD_QNT_CORE_INFO): Delete.
(BFD_QNT_CORE_STATUS): Likewise.
(BFD_QNT_CORE_GREG): Likewise.
(BFD_QNT_CORE_FPREG): Likewise.
(elfcore_grok_nto_note): Replace BFD_QNT_* by QNT_*.
binutils/ChangeLog:
* readelf.c (get_qnx_elfcore_note_type): New function.
(print_qnx_note): New function.
(process_note): Add support for QNX support.
include/ChangeLog:
* elf/common.h (QNT_DEBUG_FULLPATH): New define.
(QNT_DEBUG_RELOC): New define.
(QNT_STACK): New define.
(QNT_GENERATOR): New define.
(QNT_DEFAULT_LIB): New define.
(QNT_CORE_SYSINFO): New define.
(QNT_CORE_INFO): New define.
(QNT_CORE_STATUS): New define.
(QNT_CORE_GREG): New define.
(QNT_CORE_FPREG): New define.
(QNT_LINK_MAP): New define.
|
| |
|
|
|
| |
* rddbg.c (read_section_stabs_debugging_info): Don't segfault on
zero size string section.
|
| |
|
|
|
|
|
| |
DWARF file.
PR 30227
* dwarf.c (process_cu_tu_index): Prevent excessive memory allocation when nused is large and ncols is zero.
|
| |
|
|
|
|
|
| |
PR 30216
* dwarf.c (display_debug_lines_decoded): Reduce space for filenames.
* testsuite/binutils-all/dw5.W: Adjust expected output.
* testsuite/binutils-all/objdump.WL: Adjust expected output.
|
| |
|
|
|
|
|
|
|
|
| |
This memcpy segfaults if symcount is -1 (=> syms is NULL).
memcpy (sorted_syms, symcount ? syms : dynsyms,
sorted_symcount * sizeof (asymbol *));
* objdump.c (slurp_symtab): Don't leave symcount as -1 after
an error.
(slurp_dynamic_symtab): Likewise for dynsymcount.
|
| |
|
|
|
|
| |
* rddbg.c (read_section_stabs_debugging_info): Exclude sections
without contents. Use bfd_malloc_and_get_section. Don't alloc
one extra for strings.
|
| |
|
|
|
|
|
|
|
| |
objdump's read_section is never used for bss-style sections, so to
plug a hole that fuzzers have found, exclude sections without
SEC_HAS_CONTENTS.
* objdump.c (read_section): Report and return an error on
a no contents section.
|
| |
|
|
|
|
|
|
|
|
| |
Commit e3f450f3933d resulted in a nm -l segfault on object files
without undefined symbols. Fix that, and be paranoid about bfd
section count changing.
* nm.c (struct lineno_cache): Add seccount.
(free_lineno_cache): Don't segfault on NULL lc->relocs.
(print_symbol): Stash section count when creating arrays.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
* objdump.c (slurp_symtab): Replace bfd_fatal calls with calls
to my_bfd_nonfatal.
(slurp_dynamic_symtab, disassemble_section): Likewise.
(disassemble_data): Replace fatal call with non_fatal call, and
set exit_status. Don't error on non-existent dynamic relocs.
Don't call bfd_fatal on bfd_canonicalize_dynamic_reloc error.
(dump_ctf, dump_section_sframe): Replace bfd_fatal calls with
calls to my_bfd_nonfatal and clean up memory.
(dump_relocs_in_section): Don't call bfd_fatal on errors.
(dump_dynamic_relocs): Likewise.
(display_any_bfd): Make archive nesting too depp non_fatal.
|
| |
|
|
|
| |
* addr2line.c (slurp_symtab): Don't exit on errors.
(process_file): Likewise.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Many of the fatal errors in nm ought to be recoverable. This patch
downgrades most of them. The ones that are left are most likely due
to memory allocation failures.
* nm.c (print_symdef_entry): Don't bomb with a fatal error
on a corrupted archive symbol table.
(filter_symbols): Silently omit symbols that return NULL
from bfd_minisymbol_to_symbol rather than giving a fatal
error.
(display_rel_file): Don't give a fatal error on
bfd_read_minisymbols returning an error, or on not being able
to read dynamic symbols for synth syms.
(display_archive): Downgrade bfd_openr_next_archived_file
error.
(display_file): Don't bomb on a bfd_close failure.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Replace the static variables used by nm to cache line number info
with a struct attached to the bfd. Cleaner, and it avoids any concern
that lineno_cache_bfd is somehow left pointing at memory for a closed
bfd and that memory is later reused for another bfd, not that I think
this is possible. Also don't bomb via bfd_fatal on errors getting
the line number info, just omit the line numbers.
* nm.c (struct lineno_cache): Rename from get_relocs_info.
Add symcount.
(lineno_cache_bfd, lineno_cache_rel_bfd): Delete.
(get_relocs): Adjust for struct rename. Don't call bfd_fatal
on errors.
(free_lineno_cache): New function.
(print_symbol): Use lineno_cache in place of statics. Don't
call bfd_fatal on errors reading symbols, just omit the line
info.
(display_archive, display_file): Call free_lineno_cache.
|
| |
|
|
|
|
|
|
|
| |
bfd_nonfatal is used when a bfd error is to be printed. That's not
the case for command line errors.
* objdump.c (nonfatal): Rename to my_bfd_nonfatal.
(main): Use non_fatal and call usage on unrecognized arg errors.
Don't set exit_status when calling usage.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There isn't really any good reason for code in rdcoff.c to distinguish
between "basic" types and any other type. This patch dispenses with
the array reserved for basic types and instead handles all types using
coff_get_slot, simplifying the code.
* rdcoff.c (struct coff_types, coff_slots): Merge. Delete
coff_slots.
(T_MAX): Delete.
(parse_coff_base_type): Use coff_get_slot to store baseic types.
(coff_get_slot, parse_coff_type, parse_coff_base_type),
(parse_coff_struct_type, parse_coff_enum_type),
(parse_coff_symbol, parse_coff): Pass types as coff_types**.
|
| |
|
|
|
|
|
|
|
|
| |
As for commit 72d225ef9cc7, handle type numbers starting anywhere.
PR 17512
* rdcoff.c (struct coff_slots): Add base_index.
(coff_get_slot): Delete pr17512 excessively large slot check.
Don't allocate entire array from 0 to type number, allocate a
sparse array.
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
On DOS systems, absolute paths start with the drive letter. This can
trigger failures in the regexp from dump tests, especially for those
checking for warnings or errors. They are usually skipping everything
before the first ":" as it has to be the file path.
| [^:]*: warning: ...
In order to avoid modifying many regexps to allow such drive letters,
prune them from all the outputs if they are found at the beginning of
a line.
binutils/ChangeLog:
* testsuite/lib/binutils-common.exp (prune_dump_output): New
(run_dump_test): Use it.
ld/ChangeLog:
* testsuite/ld-elf/noinit-sections-2.l: Remove DOS drive letter
handler.
|
| |
|
|
| |
* bucomm.c (make_tempname, make_tempdir): Set bfd_error on error.
|
| |
|
|
|
|
| |
Also fix ubsan "applying zero offset to null pointer".
* objdump.c (print_section_stabs): Avoid ubsan warning.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Commit f9c36cc99518 changed (and renamed) read_section_stabs with one
difference in overall behaviour. Previously read_section_stabs would
return a NULL for an empty section, which was then treated the same as
a missing section. Now an empty section is recognized and dumped.
This leads to NULL stabp and stabs_end in print_section_stabs. Since
stabs_end - STABSIZE is then a pointer to a very large address, the
test "stabp < stabs_end - STABSIZE" succeeds.
* objdump.c (print_section_stabs): Correct STABSIZE comparison.
|
