From 8b971f9fe98d53e92ad7ca36a55c207eda5782aa Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Wed, 1 Feb 2012 15:44:30 +0000 Subject: [PATCH] PR binutils/13482 * readelf.c (process_corefile_note_segment): Fix off-by-one errors verifying the contents of a note. * binutils-all/version.s: New test source file. * binutils-all/readelf.n: New file: expected readelf output. * binutils-all/readelf.exp: Add test of .note section contents. --- binutils/ChangeLog | 6 ++++++ binutils/readelf.c | 6 +++--- binutils/testsuite/ChangeLog | 6 ++++++ binutils/testsuite/binutils-all/readelf.exp | 17 ++++++++++++++++- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 304da8317d..87367ca2fb 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2012-02-01 Nick Clifton + + PR binutils/13482 + * readelf.c (process_corefile_note_segment): Fix off-by-one errors + verifying the contents of a note. + 2012-01-26 Nick Clifton PR binutils/13622 diff --git a/binutils/readelf.c b/binutils/readelf.c index 861b2c1662..3ade53e858 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -1,6 +1,6 @@ /* readelf.c -- display contents of an ELF format file Copyright 1998, 1999, 2000, 2001, 2002, 2003, 2004, 2005, 2006, 2007, - 2008, 2009, 2010, 2011 + 2008, 2009, 2010, 2011, 2012 Free Software Foundation, Inc. Originally developed by Eric Youngdale @@ -12994,7 +12994,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length) external = next; /* Prevent out-of-bounds indexing. */ - if (inote.namedata + inote.namesz >= (char *) pnotes + length + if (inote.namedata + inote.namesz > (char *) pnotes + length || inote.namedata + inote.namesz < inote.namedata) { warn (_("corrupt note found at offset %lx into core notes\n"), @@ -13008,7 +13008,7 @@ process_corefile_note_segment (FILE * file, bfd_vma offset, bfd_vma length) one version of Linux (RedHat 6.0) generates corefiles that don't comply with the ELF spec by failing to include the null byte in namesz. */ - if (inote.namedata[inote.namesz] != '\0') + if (inote.namedata[inote.namesz - 1] != '\0') { temp = (char *) malloc (inote.namesz + 1); diff --git a/binutils/testsuite/ChangeLog b/binutils/testsuite/ChangeLog index 277571951a..ecf56b8bdf 100644 --- a/binutils/testsuite/ChangeLog +++ b/binutils/testsuite/ChangeLog @@ -1,3 +1,9 @@ +2012-02-01 Nick Clifton + + PR binutils/13482 + * binutils-all/version.s: New test source file. + * binutils-all/readelf.n: New file: expected readelf output. + * binutils-all/readelf.exp: Add test of .note section contents. For older changes see ChangeLog-0411 diff --git a/binutils/testsuite/binutils-all/readelf.exp b/binutils/testsuite/binutils-all/readelf.exp index 8b68aececd..e611cb2cdd 100644 --- a/binutils/testsuite/binutils-all/readelf.exp +++ b/binutils/testsuite/binutils-all/readelf.exp @@ -1,4 +1,4 @@ -# Copyright 1999, 2000, 2001, 2003, 2004, 2007, 2009 +# Copyright 1999, 2000, 2001, 2003, 2004, 2007, 2009, 2012 # Free Software Foundation, Inc. # This program is free software; you can redistribute it and/or modify @@ -337,3 +337,18 @@ readelf_wi_test readelf_compressed_wa_test readelf_dump_test + +# PR 13482 - Check for off-by-one errors when dumping .note sections. +if {![binutils_assemble $srcdir/$subdir/version.s tmpdir/version.o]} then { + perror "could not assemble version note test file" + unresolved "readelf - failed to assemble" + return +} + +if ![is_remote host] { + set tempfile tmpdir/version.o +} else { + set tempfile [remote_download host tmpdir/version.o] +} + +readelf_test -n $tempfile readelf.n {} -- 2.34.1