X-Git-Url: http://git.efficios.com/?a=blobdiff_plain;f=bfd%2Felfcode.h;h=7745c537658fc41a962cf5d195ac15566adcfec4;hb=666318230c54a348763927c80d085542d9890c42;hp=298ba3526df34e954dedfd8d4b8b3e5725555ac1;hpb=c9ba0c87bf3595762506825b30f0ebcb9da53129;p=deliverable%2Fbinutils-gdb.git diff --git a/bfd/elfcode.h b/bfd/elfcode.h index 298ba3526d..7745c53765 100644 --- a/bfd/elfcode.h +++ b/bfd/elfcode.h @@ -1,7 +1,5 @@ /* ELF executable support for BFD. - Copyright 1991, 1992, 1993, 1994, 1995, 1996, 1997, 1998, 1999, 2000, - 2001, 2002, 2003, 2004, 2005, 2006, 2007, 2008, 2009, 2010, 2011, 2012 - Free Software Foundation, Inc. + Copyright (C) 1991-2020 Free Software Foundation, Inc. Written by Fred Fish @ Cygnus Support, from information published in "UNIX System V Release 4, Programmers Guide: ANSI C and @@ -73,6 +71,7 @@ #include "bfdlink.h" #include "libbfd.h" #include "elf-bfd.h" +#include "libiberty.h" /* Renaming structures, typedefs, macros and functions to be size-specific. */ #define Elf_External_Ehdr NAME(Elf,External_Ehdr) @@ -315,6 +314,19 @@ elf_swap_shdr_in (bfd *abfd, dst->sh_addr = H_GET_WORD (abfd, src->sh_addr); dst->sh_offset = H_GET_WORD (abfd, src->sh_offset); dst->sh_size = H_GET_WORD (abfd, src->sh_size); + /* PR 23657. Check for invalid section size, in sections with contents. + Note - we do not set an error value here because the contents + of this particular section might not be needed by the consumer. */ + if (dst->sh_type != SHT_NOBITS) + { + ufile_ptr filesize = bfd_get_file_size (abfd); + + if (filesize != 0 && dst->sh_size > filesize) + _bfd_error_handler + (_("warning: %pB has a corrupt section with a size (%" + BFD_VMA_FMT "x) larger than the file size"), + abfd, dst->sh_size); + } dst->sh_link = H_GET_32 (abfd, src->sh_link); dst->sh_info = H_GET_32 (abfd, src->sh_info); dst->sh_addralign = H_GET_WORD (abfd, src->sh_addralign); @@ -485,7 +497,7 @@ elf_file_p (Elf_External_Ehdr *x_ehdrp) any side effects in ABFD, or any data it points to (like tdata), if the file does not match the target vector. */ -const bfd_target * +bfd_cleanup elf_object_p (bfd *abfd) { Elf_External_Ehdr x_ehdr; /* Elf file header, external form */ @@ -496,7 +508,6 @@ elf_object_p (bfd *abfd) unsigned int shindex; const struct elf_backend_data *ebd; asection *s; - bfd_size_type amt; const bfd_target *target; /* Read in the ELF header in external format. */ @@ -606,13 +617,10 @@ elf_object_p (bfd *abfd) if (i_ehdrp->e_shoff != 0) { - bfd_signed_vma where = i_ehdrp->e_shoff; - - if (where != (file_ptr) where) - goto got_wrong_format_error; + file_ptr where = (file_ptr) i_ehdrp->e_shoff; /* Seek to the section header table in the file. */ - if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0) + if (bfd_seek (abfd, where, SEEK_SET) != 0) goto got_no_match; /* Read the first section header at index 0, and convert to internal @@ -658,19 +666,17 @@ elf_object_p (bfd *abfd) goto got_wrong_format_error; where += (i_ehdrp->e_shnum - 1) * sizeof (x_shdr); - if (where != (file_ptr) where) - goto got_wrong_format_error; if ((bfd_size_type) where <= i_ehdrp->e_shoff) goto got_wrong_format_error; - if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0) + if (bfd_seek (abfd, where, SEEK_SET) != 0) goto got_no_match; if (bfd_bread (&x_shdr, sizeof x_shdr, abfd) != sizeof (x_shdr)) goto got_no_match; /* Back to where we were. */ where = i_ehdrp->e_shoff + sizeof (x_shdr); - if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0) + if (bfd_seek (abfd, where, SEEK_SET) != 0) goto got_no_match; } } @@ -681,14 +687,17 @@ elf_object_p (bfd *abfd) { Elf_Internal_Shdr *shdrp; unsigned int num_sec; + size_t amt; - amt = sizeof (*i_shdrp) * i_ehdrp->e_shnum; + if (_bfd_mul_overflow (i_ehdrp->e_shnum, sizeof (*i_shdrp), &amt)) + goto got_wrong_format_error; i_shdrp = (Elf_Internal_Shdr *) bfd_alloc (abfd, amt); if (!i_shdrp) goto got_no_match; num_sec = i_ehdrp->e_shnum; elf_numsections (abfd) = num_sec; - amt = sizeof (i_shdrp) * num_sec; + if (_bfd_mul_overflow (num_sec, sizeof (i_shdrp), &amt)) + goto got_wrong_format_error; elf_elfsections (abfd) = (Elf_Internal_Shdr **) bfd_alloc (abfd, amt); if (!elf_elfsections (abfd)) goto got_no_match; @@ -713,7 +722,7 @@ elf_object_p (bfd *abfd) switch (ebd->elf_machine_code) { case EM_386: - case EM_486: + case EM_IAMCU: case EM_X86_64: case EM_OLD_SPARCV9: case EM_SPARC32PLUS: @@ -744,12 +753,9 @@ elf_object_p (bfd *abfd) != 0)) abfd->flags &= ~D_PAGED; } - } - /* A further sanity check. */ - if (i_ehdrp->e_shnum != 0) - { - if (i_ehdrp->e_shstrndx >= elf_numsections (abfd)) + if (i_ehdrp->e_shstrndx >= elf_numsections (abfd) + || i_shdrp[i_ehdrp->e_shstrndx].sh_type != SHT_STRTAB) { /* PR 2257: We used to just goto got_wrong_format_error here @@ -758,7 +764,9 @@ elf_object_p (bfd *abfd) So we are kind, and reset the string index value to 0 so that at least some processing can be done. */ i_ehdrp->e_shstrndx = SHN_UNDEF; - _bfd_error_handler (_("warning: %s has a corrupt string table index - ignoring"), abfd->filename); + _bfd_error_handler + (_("warning: %pB has a corrupt string table index - ignoring"), + abfd); } } else if (i_ehdrp->e_shstrndx != SHN_UNDEF) @@ -771,9 +779,19 @@ elf_object_p (bfd *abfd) { Elf_Internal_Phdr *i_phdr; unsigned int i; - - amt = i_ehdrp->e_phnum * sizeof (Elf_Internal_Phdr); - elf_tdata (abfd)->phdr = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt); + ufile_ptr filesize; + size_t amt; + + /* Check for a corrupt input file with an impossibly large number + of program headers. */ + filesize = bfd_get_file_size (abfd); + if (filesize != 0 + && i_ehdrp->e_phnum > filesize / sizeof (Elf_External_Phdr)) + goto got_wrong_format_error; + if (_bfd_mul_overflow (i_ehdrp->e_phnum, sizeof (*i_phdr), &amt)) + goto got_wrong_format_error; + elf_tdata (abfd)->phdr + = (Elf_Internal_Phdr *) bfd_alloc (abfd, amt); if (elf_tdata (abfd)->phdr == NULL) goto got_no_match; if (bfd_seek (abfd, (file_ptr) i_ehdrp->e_phoff, SEEK_SET) != 0) @@ -835,7 +853,7 @@ elf_object_p (bfd *abfd) s->flags |= SEC_DEBUGGING; } } - return target; + return _bfd_no_cleanup; got_wrong_format_error: bfd_set_error (bfd_error_wrong_format); @@ -851,6 +869,7 @@ elf_object_p (bfd *abfd) void elf_write_relocs (bfd *abfd, asection *sec, void *data) { + const struct elf_backend_data * const bed = get_elf_backend_data (abfd); bfd_boolean *failedp = (bfd_boolean *) data; Elf_Internal_Shdr *rela_hdr; bfd_vma addr_offset; @@ -860,6 +879,7 @@ elf_write_relocs (bfd *abfd, asection *sec, void *data) unsigned int idx; asymbol *last_sym; int last_sym_idx; + size_t amt; /* If we have already failed, don't do anything. */ if (*failedp) @@ -886,9 +906,10 @@ elf_write_relocs (bfd *abfd, asection *sec, void *data) rela_hdr = elf_section_data (sec)->rel.hdr; rela_hdr->sh_size = rela_hdr->sh_entsize * sec->reloc_count; - rela_hdr->contents = (unsigned char *) bfd_alloc (abfd, rela_hdr->sh_size); - if (rela_hdr->contents == NULL) + if (_bfd_mul_overflow (sec->reloc_count, rela_hdr->sh_entsize, &amt) + || (rela_hdr->contents = bfd_alloc (abfd, amt)) == NULL) { + bfd_set_error (bfd_error_no_memory); *failedp = TRUE; return; } @@ -954,11 +975,24 @@ elf_write_relocs (bfd *abfd, asection *sec, void *data) return; } + if (ptr->howto == NULL) + { + *failedp = TRUE; + return; + } + src_rela.r_offset = ptr->address + addr_offset; src_rela.r_info = ELF_R_INFO (n, ptr->howto->type); src_rela.r_addend = ptr->addend; (*swap_out) (abfd, &src_rela, dst_rela); } + + if (bed->write_secondary_relocs != NULL) + if (! bed->write_secondary_relocs (abfd, sec)) + { + *failedp = TRUE; + return; + } } /* Write out the program headers. */ @@ -971,6 +1005,7 @@ elf_write_out_phdrs (bfd *abfd, while (count--) { Elf_External_Phdr extphdr; + elf_swap_phdr_out (abfd, phdr, &extphdr); if (bfd_bwrite (&extphdr, sizeof (Elf_External_Phdr), abfd) != sizeof (Elf_External_Phdr)) @@ -990,7 +1025,7 @@ elf_write_shdrs_and_ehdr (bfd *abfd) Elf_External_Shdr *x_shdrp; /* Section header table, external form */ Elf_Internal_Shdr **i_shdrp; /* Section header table, internal form */ unsigned int count; - bfd_size_type amt; + size_t amt; i_ehdrp = elf_elfheader (abfd); i_shdrp = elf_elfsections (abfd); @@ -1016,8 +1051,11 @@ elf_write_shdrs_and_ehdr (bfd *abfd) i_shdrp[0]->sh_link = i_ehdrp->e_shstrndx; /* at this point we've concocted all the ELF sections... */ - amt = i_ehdrp->e_shnum; - amt *= sizeof (*x_shdrp); + if (_bfd_mul_overflow (i_ehdrp->e_shnum, sizeof (*x_shdrp), &amt)) + { + bfd_set_error (bfd_error_no_memory); + return FALSE; + } x_shdrp = (Elf_External_Shdr *) bfd_alloc (abfd, amt); if (!x_shdrp) return FALSE; @@ -1029,6 +1067,7 @@ elf_write_shdrs_and_ehdr (bfd *abfd) #endif elf_swap_shdr_out (abfd, *i_shdrp, x_shdrp + count); } + amt = (bfd_size_type) i_ehdrp->e_shnum * sizeof (*x_shdrp); if (bfd_seek (abfd, (file_ptr) i_ehdrp->e_shoff, SEEK_SET) != 0 || bfd_bwrite (x_shdrp, amt, abfd) != amt) return FALSE; @@ -1071,6 +1110,7 @@ elf_checksum_contents (bfd *abfd, { Elf_Internal_Shdr i_shdr; Elf_External_Shdr x_shdr; + bfd_byte *contents, *free_contents; i_shdr = *i_shdrp[count]; i_shdr.sh_offset = 0; @@ -1078,28 +1118,36 @@ elf_checksum_contents (bfd *abfd, elf_swap_shdr_out (abfd, &i_shdr, &x_shdr); (*process) (&x_shdr, sizeof x_shdr, arg); - /* PR ld/12451: - Process the section's contents, if it has some. Read them in if necessary. */ - if (i_shdr.contents) - (*process) (i_shdr.contents, i_shdr.sh_size, arg); - else if (i_shdr.sh_type != SHT_NOBITS) + /* Process the section's contents, if it has some. + PR ld/12451: Read them in if necessary. */ + if (i_shdr.sh_type == SHT_NOBITS) + continue; + free_contents = NULL; + contents = i_shdr.contents; + if (contents == NULL) { asection *sec; sec = bfd_section_from_elf_index (abfd, count); if (sec != NULL) { - if (sec->contents == NULL) + contents = sec->contents; + if (contents == NULL) { /* Force rereading from file. */ sec->flags &= ~SEC_IN_MEMORY; - if (! bfd_malloc_and_get_section (abfd, sec, & sec->contents)) + if (!bfd_malloc_and_get_section (abfd, sec, &free_contents)) continue; + contents = free_contents; } - if (sec->contents != NULL) - (*process) (sec->contents, i_shdr.sh_size, arg); } } + if (contents != NULL) + { + (*process) (contents, i_shdr.sh_size, arg); + if (free_contents != NULL) + free (free_contents); + } } return TRUE; @@ -1119,7 +1167,7 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) Elf_External_Versym *xver; Elf_External_Versym *xverbuf = NULL; const struct elf_backend_data *ebd; - bfd_size_type amt; + size_t amt; /* Read each raw ELF symbol, converting from external ELF form to internal ELF form, and then using the information to create a @@ -1143,9 +1191,9 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) verhdr = NULL; else verhdr = &elf_tdata (abfd)->dynversym_hdr; - if ((elf_tdata (abfd)->dynverdef_section != 0 + if ((elf_dynverdef (abfd) != 0 && elf_tdata (abfd)->verdef == NULL) - || (elf_tdata (abfd)->dynverref_section != 0 + || (elf_dynverref (abfd) != 0 && elf_tdata (abfd)->verref == NULL)) { if (!_bfd_elf_slurp_version_tables (abfd, FALSE)) @@ -1164,8 +1212,11 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) if (isymbuf == NULL) return -1; - amt = symcount; - amt *= sizeof (elf_symbol_type); + if (_bfd_mul_overflow (symcount, sizeof (elf_symbol_type), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + goto error_return; + } symbase = (elf_symbol_type *) bfd_zalloc (abfd, amt); if (symbase == (elf_symbol_type *) NULL) goto error_return; @@ -1174,10 +1225,12 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) if (verhdr != NULL && verhdr->sh_size / sizeof (Elf_External_Versym) != symcount) { - (*_bfd_error_handler) - (_("%s: version count (%ld) does not match symbol count (%ld)"), - abfd->filename, - (long) (verhdr->sh_size / sizeof (Elf_External_Versym)), + _bfd_error_handler + /* xgettext:c-format */ + (_("%pB: version count (%" PRId64 ")" + " does not match symbol count (%ld)"), + abfd, + (int64_t) (verhdr->sh_size / sizeof (Elf_External_Versym)), symcount); /* Slurp in the symbols without the version information, @@ -1189,13 +1242,10 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) { if (bfd_seek (abfd, verhdr->sh_offset, SEEK_SET) != 0) goto error_return; - - xverbuf = (Elf_External_Versym *) bfd_malloc (verhdr->sh_size); + xverbuf = (Elf_External_Versym *) + _bfd_malloc_and_read (abfd, verhdr->sh_size, verhdr->sh_size); if (xverbuf == NULL && verhdr->sh_size != 0) goto error_return; - - if (bfd_bread (xverbuf, verhdr->sh_size, abfd) != verhdr->sh_size) - goto error_return; } /* Skip first symbol, which is a null dummy. */ @@ -1206,10 +1256,9 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) for (isym = isymbuf + 1, sym = symbase; isym < isymend; isym++, sym++) { memcpy (&sym->internal_elf_sym, isym, sizeof (Elf_Internal_Sym)); - sym->symbol.the_bfd = abfd; + sym->symbol.the_bfd = abfd; sym->symbol.name = bfd_elf_sym_name (abfd, hdr, isym, NULL); - sym->symbol.value = isym->st_value; if (isym->st_shndx == SHN_UNDEF) @@ -1251,7 +1300,10 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) { /* This symbol is in a section for which we did not create a BFD section. Just use bfd_abs_section, - although it is wrong. FIXME. */ + although it is wrong. FIXME. Note - there is + code in elf.c:swap_out_syms that calls + symbol_section_index() in the elf backend for + cases like this. */ sym->symbol.section = bfd_abs_section_ptr; } } @@ -1292,6 +1344,7 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) case STT_COMMON: /* FIXME: Do we have to put the size field into the value field as we do with symbols in SHN_COMMON sections (see above) ? */ + sym->symbol.flags |= BSF_ELF_COMMON; /* Fall through. */ case STT_OBJECT: sym->symbol.flags |= BSF_OBJECT; @@ -1356,7 +1409,7 @@ elf_slurp_symbol_table (bfd *abfd, asymbol **symptrs, bfd_boolean dynamic) free (isymbuf); return symcount; -error_return: + error_return: if (xverbuf != NULL) free (xverbuf); if (isymbuf != NULL && hdr->contents != (unsigned char *) isymbuf) @@ -1384,14 +1437,11 @@ elf_slurp_reloc_table_from_section (bfd *abfd, int entsize; unsigned int symcount; - allocated = bfd_malloc (rel_hdr->sh_size); + if (bfd_seek (abfd, rel_hdr->sh_offset, SEEK_SET) != 0) + return FALSE; + allocated = _bfd_malloc_and_read (abfd, rel_hdr->sh_size, rel_hdr->sh_size); if (allocated == NULL) - goto error_return; - - if (bfd_seek (abfd, rel_hdr->sh_offset, SEEK_SET) != 0 - || (bfd_bread (allocated, rel_hdr->sh_size, abfd) - != rel_hdr->sh_size)) - goto error_return; + return FALSE; native_relocs = (bfd_byte *) allocated; @@ -1408,6 +1458,7 @@ elf_slurp_reloc_table_from_section (bfd *abfd, i < reloc_count; i++, relent++, native_relocs += entsize) { + bfd_boolean res; Elf_Internal_Rela rela; if (entsize == sizeof (Elf_External_Rela)) @@ -1425,12 +1476,16 @@ elf_slurp_reloc_table_from_section (bfd *abfd, relent->address = rela.r_offset - asect->vma; if (ELF_R_SYM (rela.r_info) == STN_UNDEF) + /* FIXME: This and the error case below mean that we have a + symbol on relocs that is not elf_symbol_type. */ relent->sym_ptr_ptr = bfd_abs_section_ptr->symbol_ptr_ptr; else if (ELF_R_SYM (rela.r_info) > symcount) { - (*_bfd_error_handler) - (_("%s(%s): relocation %d has invalid symbol index %ld"), - abfd->filename, asect->name, i, ELF_R_SYM (rela.r_info)); + _bfd_error_handler + /* xgettext:c-format */ + (_("%pB(%pA): relocation %d has invalid symbol index %ld"), + abfd, asect, i, (long) ELF_R_SYM (rela.r_info)); + bfd_set_error (bfd_error_bad_value); relent->sym_ptr_ptr = bfd_abs_section_ptr->symbol_ptr_ptr; } else @@ -1447,14 +1502,16 @@ elf_slurp_reloc_table_from_section (bfd *abfd, if ((entsize == sizeof (Elf_External_Rela) && ebd->elf_info_to_howto != NULL) || ebd->elf_info_to_howto_rel == NULL) - (*ebd->elf_info_to_howto) (abfd, relent, &rela); + res = ebd->elf_info_to_howto (abfd, relent, &rela); else - (*ebd->elf_info_to_howto_rel) (abfd, relent, &rela); + res = ebd->elf_info_to_howto_rel (abfd, relent, &rela); + + if (! res || relent->howto == NULL) + goto error_return; } if (allocated != NULL) free (allocated); - return TRUE; error_return: @@ -1471,13 +1528,14 @@ elf_slurp_reloc_table (bfd *abfd, asymbol **symbols, bfd_boolean dynamic) { + const struct elf_backend_data * const bed = get_elf_backend_data (abfd); struct bfd_elf_section_data * const d = elf_section_data (asect); Elf_Internal_Shdr *rel_hdr; Elf_Internal_Shdr *rel_hdr2; bfd_size_type reloc_count; bfd_size_type reloc_count2; arelent *relents; - bfd_size_type amt; + size_t amt; if (asect->relocation != NULL) return TRUE; @@ -1493,7 +1551,9 @@ elf_slurp_reloc_table (bfd *abfd, rel_hdr2 = d->rela.hdr; reloc_count2 = rel_hdr2 ? NUM_SHDR_ENTRIES (rel_hdr2) : 0; - BFD_ASSERT (asect->reloc_count == reloc_count + reloc_count2); + /* PR 17512: file: 0b4f81b7. */ + if (asect->reloc_count != reloc_count + reloc_count2) + return FALSE; BFD_ASSERT ((rel_hdr && asect->rel_filepos == rel_hdr->sh_offset) || (rel_hdr2 && asect->rel_filepos == rel_hdr2->sh_offset)); @@ -1513,7 +1573,11 @@ elf_slurp_reloc_table (bfd *abfd, reloc_count2 = 0; } - amt = (reloc_count + reloc_count2) * sizeof (arelent); + if (_bfd_mul_overflow (reloc_count + reloc_count2, sizeof (arelent), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + return FALSE; + } relents = (arelent *) bfd_alloc (abfd, amt); if (relents == NULL) return FALSE; @@ -1532,6 +1596,10 @@ elf_slurp_reloc_table (bfd *abfd, symbols, dynamic)) return FALSE; + if (bed->slurp_secondary_relocs != NULL + && ! bed->slurp_secondary_relocs (abfd, asect, symbols)) + return FALSE; + asect->relocation = relents; return TRUE; } @@ -1579,37 +1647,44 @@ elf_debug_file (Elf_Internal_Ehdr *ehdrp) #endif /* Create a new BFD as if by bfd_openr. Rather than opening a file, - reconstruct an ELF file by reading the segments out of remote memory - based on the ELF file header at EHDR_VMA and the ELF program headers it - points to. If not null, *LOADBASEP is filled in with the difference - between the VMAs from which the segments were read, and the VMAs the - file headers (and hence BFD's idea of each section's VMA) put them at. - - The function TARGET_READ_MEMORY is called to copy LEN bytes from the - remote memory at target address VMA into the local buffer at MYADDR; it - should return zero on success or an `errno' code on failure. TEMPL must - be a BFD for a target with the word size and byte order found in the - remote memory. */ + reconstruct an ELF file by reading the segments out of remote + memory based on the ELF file header at EHDR_VMA and the ELF program + headers it points to. If non-zero, SIZE is the known extent of the + object. If not null, *LOADBASEP is filled in with the difference + between the VMAs from which the segments were read, and the VMAs + the file headers (and hence BFD's idea of each section's VMA) put + them at. + + The function TARGET_READ_MEMORY is called to copy LEN bytes from + the remote memory at target address VMA into the local buffer at + MYADDR; it should return zero on success or an `errno' code on + failure. TEMPL must be a BFD for a target with the word size and + byte order found in the remote memory. */ bfd * NAME(_bfd_elf,bfd_from_remote_memory) (bfd *templ, - bfd_vma ehdr_vma, - bfd_vma *loadbasep, + bfd_vma ehdr_vma /* Bytes. */, + bfd_size_type size /* Octets. */, + bfd_vma *loadbasep /* Bytes. */, int (*target_read_memory) (bfd_vma, bfd_byte *, bfd_size_type)) + /* (Bytes , , octets ). */ { Elf_External_Ehdr x_ehdr; /* Elf file header, external form */ Elf_Internal_Ehdr i_ehdr; /* Elf file header, internal form */ Elf_External_Phdr *x_phdrs; - Elf_Internal_Phdr *i_phdrs, *last_phdr; + Elf_Internal_Phdr *i_phdrs, *last_phdr, *first_phdr; bfd *nbfd; struct bfd_in_memory *bim; - int contents_size; bfd_byte *contents; int err; unsigned int i; - bfd_vma loadbase; - bfd_boolean loadbase_set; + bfd_vma high_offset; + bfd_vma shdr_end; + bfd_vma loadbase; /* Bytes. */ + char *filename; + size_t amt; + unsigned int opb = bfd_octets_per_byte (templ, NULL); /* Read in the ELF header in external format. */ err = target_read_memory (ehdr_vma, (bfd_byte *) &x_ehdr, sizeof x_ehdr); @@ -1666,13 +1741,15 @@ NAME(_bfd_elf,bfd_from_remote_memory) return NULL; } - x_phdrs = (Elf_External_Phdr *) - bfd_malloc (i_ehdr.e_phnum * (sizeof *x_phdrs + sizeof *i_phdrs)); - if (x_phdrs == NULL) + if (_bfd_mul_overflow (i_ehdr.e_phnum, + sizeof (*x_phdrs) + sizeof (*i_phdrs), &amt)) { - bfd_set_error (bfd_error_no_memory); + bfd_set_error (bfd_error_file_too_big); return NULL; } + x_phdrs = (Elf_External_Phdr *) bfd_malloc (amt); + if (x_phdrs == NULL) + return NULL; err = target_read_memory (ehdr_vma + i_ehdr.e_phoff, (bfd_byte *) x_phdrs, i_ehdr.e_phnum * sizeof x_phdrs[0]); if (err) @@ -1684,34 +1761,44 @@ NAME(_bfd_elf,bfd_from_remote_memory) } i_phdrs = (Elf_Internal_Phdr *) &x_phdrs[i_ehdr.e_phnum]; - contents_size = 0; + high_offset = 0; + loadbase = 0; + first_phdr = NULL; last_phdr = NULL; - loadbase = ehdr_vma; - loadbase_set = FALSE; for (i = 0; i < i_ehdr.e_phnum; ++i) { elf_swap_phdr_in (templ, &x_phdrs[i], &i_phdrs[i]); if (i_phdrs[i].p_type == PT_LOAD) { - bfd_vma segment_end; - segment_end = (i_phdrs[i].p_offset + i_phdrs[i].p_filesz - + i_phdrs[i].p_align - 1) & -i_phdrs[i].p_align; - if (segment_end > (bfd_vma) contents_size) - contents_size = segment_end; - - /* LOADADDR is the `Base address' from the gELF specification: - `lowest p_vaddr value for a PT_LOAD segment' is P_VADDR from the - first PT_LOAD as PT_LOADs are ordered by P_VADDR. */ - if (!loadbase_set && (i_phdrs[i].p_offset & -i_phdrs[i].p_align) == 0) + bfd_vma segment_end = i_phdrs[i].p_offset + i_phdrs[i].p_filesz; + + if (segment_end > high_offset) { - loadbase = ehdr_vma - (i_phdrs[i].p_vaddr & -i_phdrs[i].p_align); - loadbase_set = TRUE; + high_offset = segment_end; + last_phdr = &i_phdrs[i]; } - last_phdr = &i_phdrs[i]; + /* If this program header covers offset zero, where the file + header sits, then we can figure out the loadbase. */ + if (first_phdr == NULL) + { + bfd_vma p_offset = i_phdrs[i].p_offset; /* Octets. */ + bfd_vma p_vaddr = i_phdrs[i].p_vaddr; /* Octets. */ + + if (i_phdrs[i].p_align > 1) + { + p_offset &= -(i_phdrs[i].p_align * opb); + p_vaddr &= -(i_phdrs[i].p_align * opb); + } + if (p_offset == 0) + { + loadbase = ehdr_vma - p_vaddr / opb; + first_phdr = &i_phdrs[i]; + } + } } } - if (last_phdr == NULL) + if (high_offset == 0) { /* There were no PT_LOAD segments, so we don't have anything to read. */ free (x_phdrs); @@ -1719,40 +1806,64 @@ NAME(_bfd_elf,bfd_from_remote_memory) return NULL; } - /* Trim the last segment so we don't bother with zeros in the last page - that are off the end of the file. However, if the extra bit in that - page includes the section headers, keep them. */ - if ((bfd_vma) contents_size > last_phdr->p_offset + last_phdr->p_filesz - && (bfd_vma) contents_size >= (i_ehdr.e_shoff - + i_ehdr.e_shnum * i_ehdr.e_shentsize)) + shdr_end = 0; + if (i_ehdr.e_shoff != 0 && i_ehdr.e_shnum != 0 && i_ehdr.e_shentsize != 0) { - contents_size = last_phdr->p_offset + last_phdr->p_filesz; - if ((bfd_vma) contents_size < (i_ehdr.e_shoff - + i_ehdr.e_shnum * i_ehdr.e_shentsize)) - contents_size = i_ehdr.e_shoff + i_ehdr.e_shnum * i_ehdr.e_shentsize; + shdr_end = i_ehdr.e_shoff + i_ehdr.e_shnum * i_ehdr.e_shentsize; + + if (last_phdr->p_filesz != last_phdr->p_memsz) + { + /* If the last PT_LOAD header has a bss area then ld.so will + have cleared anything past p_filesz, zapping the section + headers. */ + } + else if (size >= shdr_end) + high_offset = size; + else + { + bfd_vma page_size = get_elf_backend_data (templ)->minpagesize; + bfd_vma segment_end = last_phdr->p_offset + last_phdr->p_filesz; + + /* Assume we loaded full pages, allowing us to sometimes see + section headers. */ + if (page_size > 1 && shdr_end > segment_end) + { + bfd_vma page_end = (segment_end + page_size - 1) & -page_size; + + if (page_end >= shdr_end) + /* Whee, section headers covered. */ + high_offset = shdr_end; + } + } } - else - contents_size = last_phdr->p_offset + last_phdr->p_filesz; /* Now we know the size of the whole image we want read in. */ - contents = (bfd_byte *) bfd_zmalloc (contents_size); + contents = (bfd_byte *) bfd_zmalloc (high_offset); if (contents == NULL) { free (x_phdrs); - bfd_set_error (bfd_error_no_memory); return NULL; } for (i = 0; i < i_ehdr.e_phnum; ++i) if (i_phdrs[i].p_type == PT_LOAD) { - bfd_vma start = i_phdrs[i].p_offset & -i_phdrs[i].p_align; - bfd_vma end = (i_phdrs[i].p_offset + i_phdrs[i].p_filesz - + i_phdrs[i].p_align - 1) & -i_phdrs[i].p_align; - if (end > (bfd_vma) contents_size) - end = contents_size; - err = target_read_memory ((loadbase + i_phdrs[i].p_vaddr) - & -i_phdrs[i].p_align, + bfd_vma start = i_phdrs[i].p_offset; /* Octets. */ + bfd_vma end = start + i_phdrs[i].p_filesz; /* Octets. */ + bfd_vma vaddr = i_phdrs[i].p_vaddr; /* Octets. */ + + /* Extend the beginning of the first pt_load to cover file + header and program headers, if we proved earlier that its + aligned offset is 0. */ + if (first_phdr == &i_phdrs[i]) + { + vaddr -= start; + start = 0; + } + /* Extend the end of the last pt_load to cover section headers. */ + if (last_phdr == &i_phdrs[i]) + end = high_offset; + err = target_read_memory (loadbase + vaddr / opb, contents + start, end - start); if (err) { @@ -1767,8 +1878,7 @@ NAME(_bfd_elf,bfd_from_remote_memory) /* If the segments visible in memory didn't include the section headers, then clear them from the file header. */ - if ((bfd_vma) contents_size < (i_ehdr.e_shoff - + i_ehdr.e_shnum * i_ehdr.e_shentsize)) + if (high_offset < shdr_end) { memset (&x_ehdr.e_shoff, 0, sizeof x_ehdr.e_shoff); memset (&x_ehdr.e_shnum, 0, sizeof x_ehdr.e_shnum); @@ -1784,20 +1894,26 @@ NAME(_bfd_elf,bfd_from_remote_memory) if (bim == NULL) { free (contents); - bfd_set_error (bfd_error_no_memory); + return NULL; + } + filename = bfd_strdup (""); + if (filename == NULL) + { + free (bim); + free (contents); return NULL; } nbfd = _bfd_new_bfd (); if (nbfd == NULL) { + free (filename); free (bim); free (contents); - bfd_set_error (bfd_error_no_memory); return NULL; } - nbfd->filename = ""; + nbfd->filename = filename; nbfd->xvec = templ->xvec; - bim->size = contents_size; + bim->size = high_offset; bim->buffer = contents; nbfd->iostream = bim; nbfd->flags = BFD_IN_MEMORY;