Fix an illegal memory access triggered when trying to examine an input file containin...

[deliverable/binutils-gdb.git] / bfd / coffgen.c
diff --git a/bfd/coffgen.c b/bfd/coffgen.c

index 0001d9a4133363723faad9625ed631f4c2effdb1..2bfcf1a6b14a7ee6b3dd6c20905adc3adcb4b0fe 100644 (file)
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -1,5 +1,5 @@
  /* Support for the generic parts of COFF, for BFD.
  /* Support for the generic parts of COFF, for BFD.
-   Copyright (C) 1990-2019 Free Software Foundation, Inc.
+   Copyright (C) 1990-2020 Free Software Foundation, Inc.
     Written by Cygnus Support.
  
     This file is part of BFD, the Binary File Descriptor library.
     Written by Cygnus Support.
  
     This file is part of BFD, the Binary File Descriptor library.
@@ -217,7 +217,7 @@ make_a_section_from_file (bfd *abfd,
           break;
         }
        if (new_name != NULL)
           break;
         }
        if (new_name != NULL)
-       bfd_rename_section (abfd, return_section, new_name);
+       bfd_rename_section (return_section, new_name);
      }
  
    return result;
      }
  
    return result;
@@ -257,14 +257,14 @@ coff_real_object_p (bfd *abfd,
    if ((internal_f->f_flags & F_EXEC) != 0)
      abfd->flags |= D_PAGED;
  
    if ((internal_f->f_flags & F_EXEC) != 0)
      abfd->flags |= D_PAGED;
  
-  bfd_get_symcount (abfd) = internal_f->f_nsyms;
+  abfd->symcount = internal_f->f_nsyms;
    if (internal_f->f_nsyms)
      abfd->flags |= HAS_SYMS;
  
    if (internal_a != (struct internal_aouthdr *) NULL)
    if (internal_f->f_nsyms)
      abfd->flags |= HAS_SYMS;
  
    if (internal_a != (struct internal_aouthdr *) NULL)
-    bfd_get_start_address (abfd) = internal_a->entry;
+    abfd->start_address = internal_a->entry;
    else
    else
-    bfd_get_start_address (abfd) = 0;
+    abfd->start_address = 0;
  
    /* Set up the tdata area.  ECOFF uses its own routine, and overrides
       abfd->flags.  */
  
    /* Set up the tdata area.  ECOFF uses its own routine, and overrides
       abfd->flags.  */
@@ -302,14 +302,20 @@ coff_real_object_p (bfd *abfd,
         }
      }
  
         }
      }
  
+  obj_coff_keep_syms (abfd) = FALSE;
+  obj_coff_keep_strings (abfd) = FALSE;
+  _bfd_coff_free_symbols (abfd);
    return abfd->xvec;
  
   fail:
    return abfd->xvec;
  
   fail:
+  obj_coff_keep_syms (abfd) = FALSE;
+  obj_coff_keep_strings (abfd) = FALSE;
+  _bfd_coff_free_symbols (abfd);
    bfd_release (abfd, tdata);
   fail2:
    abfd->tdata.any = tdata_save;
    abfd->flags = oflags;
    bfd_release (abfd, tdata);
   fail2:
    abfd->tdata.any = tdata_save;
    abfd->flags = oflags;
-  bfd_get_start_address (abfd) = ostart;
+  abfd->start_address = ostart;
    return (const bfd_target *) NULL;
  }
  
    return (const bfd_target *) NULL;
  }
  
@@ -1814,10 +1820,11 @@ coff_get_normalized_symtab (bfd *abfd)
    if (! _bfd_coff_get_external_symbols (abfd))
      return NULL;
  
    if (! _bfd_coff_get_external_symbols (abfd))
      return NULL;
  
-  size = obj_raw_syment_count (abfd) * sizeof (combined_entry_type);
+  size = obj_raw_syment_count (abfd);
    /* Check for integer overflow.  */
    /* Check for integer overflow.  */
-  if (size < obj_raw_syment_count (abfd))
+  if (size > (bfd_size_type) -1 / sizeof (combined_entry_type))
      return NULL;
      return NULL;
+  size *= sizeof (combined_entry_type);
    internal = (combined_entry_type *) bfd_zalloc (abfd, size);
    if (internal == NULL && size != 0)
      return NULL;
    internal = (combined_entry_type *) bfd_zalloc (abfd, size);
    if (internal == NULL && size != 0)
      return NULL;
@@ -1844,29 +1851,20 @@ coff_get_normalized_symtab (bfd *abfd)
        symbol_ptr = internal_ptr;
        internal_ptr->is_sym = TRUE;
  
        symbol_ptr = internal_ptr;
        internal_ptr->is_sym = TRUE;
  
-      /* PR 17512: file: 1353-1166-0.004.  */
-      if (symbol_ptr->u.syment.n_sclass == C_FILE
-         && symbol_ptr->u.syment.n_numaux > 0
-         && raw_src + symesz + symbol_ptr->u.syment.n_numaux
-         * symesz > raw_end)
-       {
-         bfd_release (abfd, internal);
-         return NULL;
-       }
-
        for (i = 0;
            i < symbol_ptr->u.syment.n_numaux;
            i++)
         {
           internal_ptr++;
        for (i = 0;
            i < symbol_ptr->u.syment.n_numaux;
            i++)
         {
           internal_ptr++;
+         raw_src += symesz;
+
           /* PR 17512: Prevent buffer overrun.  */
           /* PR 17512: Prevent buffer overrun.  */
-         if (internal_ptr >= internal_end)
+         if (raw_src >= raw_end || internal_ptr >= internal_end)
             {
               bfd_release (abfd, internal);
               return NULL;
             }
  
             {
               bfd_release (abfd, internal);
               return NULL;
             }
  
-         raw_src += symesz;
           bfd_coff_swap_aux_in (abfd, (void *) raw_src,
                                 symbol_ptr->u.syment.n_type,
                                 symbol_ptr->u.syment.n_sclass,
           bfd_coff_swap_aux_in (abfd, (void *) raw_src,
                                 symbol_ptr->u.syment.n_type,
                                 symbol_ptr->u.syment.n_sclass,
@@ -2290,7 +2288,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
    /* Also try examining DWARF2 debugging information.  */
    if (_bfd_dwarf2_find_nearest_line (abfd, symbols, NULL, section, offset,
                                      filename_ptr, functionname_ptr,
    /* Also try examining DWARF2 debugging information.  */
    if (_bfd_dwarf2_find_nearest_line (abfd, symbols, NULL, section, offset,
                                      filename_ptr, functionname_ptr,
-                                    line_ptr, NULL, debug_sections, 0,
+                                    line_ptr, NULL, debug_sections,
                                      &coff_data(abfd)->dwarf2_find_line_info))
      return TRUE;
  
                                      &coff_data(abfd)->dwarf2_find_line_info))
      return TRUE;
  
@@ -2330,7 +2328,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
           && _bfd_dwarf2_find_nearest_line (abfd, symbols, NULL, section,
                                             offset + bias,
                                             filename_ptr, functionname_ptr,
           && _bfd_dwarf2_find_nearest_line (abfd, symbols, NULL, section,
                                             offset + bias,
                                             filename_ptr, functionname_ptr,
-                                           line_ptr, NULL, debug_sections, 0,
+                                           line_ptr, NULL, debug_sections,
                                             &coff_data(abfd)->dwarf2_find_line_info))
         return TRUE;
      }
                                             &coff_data(abfd)->dwarf2_find_line_info))
         return TRUE;
      }
@@ -2366,7 +2364,7 @@ coff_find_nearest_line_with_names (bfd *abfd,
        bfd_vma maxdiff;
  
        /* Look through the C_FILE symbols to find the best one.  */
        bfd_vma maxdiff;
  
        /* Look through the C_FILE symbols to find the best one.  */
-      sec_vma = bfd_get_section_vma (abfd, section);
+      sec_vma = bfd_section_vma (section);
        *filename_ptr = (char *) p->u.syment._n._n_n._n_offset;
        maxdiff = (bfd_vma) 0 - (bfd_vma) 1;
        while (1)
        *filename_ptr = (char *) p->u.syment._n._n_n._n_offset;
        maxdiff = (bfd_vma) 0 - (bfd_vma) 1;
        while (1)
@@ -2408,13 +2406,16 @@ coff_find_nearest_line_with_names (bfd *abfd,
               maxdiff = offset + sec_vma - p2->u.syment.n_value;
             }
  
               maxdiff = offset + sec_vma - p2->u.syment.n_value;
             }
  
+         if (p->u.syment.n_value >= cof->raw_syment_count)
+           break;
+
           /* Avoid endless loops on erroneous files by ensuring that
              we always move forward in the file.  */
           if (p >= cof->raw_syments + p->u.syment.n_value)
             break;
  
           p = cof->raw_syments + p->u.syment.n_value;
           /* Avoid endless loops on erroneous files by ensuring that
              we always move forward in the file.  */
           if (p >= cof->raw_syments + p->u.syment.n_value)
             break;
  
           p = cof->raw_syments + p->u.syment.n_value;
-         if (p > pend || p->u.syment.n_sclass != C_FILE)
+         if (!p->is_sym || p->u.syment.n_sclass != C_FILE)
             break;
         }
      }
             break;
         }
      }
@@ -2658,7 +2659,7 @@ _bfd_coff_section_already_linked (bfd *abfd,
    if ((flags & SEC_GROUP) != 0)
      return FALSE;
  
    if ((flags & SEC_GROUP) != 0)
      return FALSE;
  
-  name = bfd_get_section_name (abfd, sec);
+  name = bfd_section_name (sec);
    s_comdat = bfd_coff_get_comdat_section (abfd, sec);
  
    if (s_comdat != NULL)
    s_comdat = bfd_coff_get_comdat_section (abfd, sec);
  
    if (s_comdat != NULL)
@@ -3155,3 +3156,29 @@ bfd_coff_gc_sections (bfd *abfd ATTRIBUTE_UNUSED, struct bfd_link_info *info)
    /* ... and mark SEC_EXCLUDE for those that go.  */
    return coff_gc_sweep (abfd, info);
  }
    /* ... and mark SEC_EXCLUDE for those that go.  */
    return coff_gc_sweep (abfd, info);
  }
+
+/* Return name used to identify a comdat group.  */
+
+const char *
+bfd_coff_group_name (bfd *abfd, const asection *sec)
+{
+  struct coff_comdat_info *ci = bfd_coff_get_comdat_section (abfd, sec);
+  if (ci != NULL)
+    return ci->name;
+  return NULL;
+}
+
+bfd_boolean
+_bfd_coff_close_and_cleanup (bfd *abfd)
+{
+  if (abfd->format == bfd_object
+      && bfd_family_coff (abfd)
+      && coff_data (abfd) != NULL)
+    {
+      obj_coff_keep_syms (abfd) = FALSE;
+      obj_coff_keep_strings (abfd) = FALSE;
+      if (!_bfd_coff_free_symbols (abfd))
+       return FALSE;
+    }
+  return _bfd_generic_close_and_cleanup (abfd);
+}