git.ipfire.org Git - thirdparty/binutils-gdb.git/commit

author	Alan Modra <amodra@gmail.com>
	Thu, 30 Jan 2020 14:23:59 +0000 (00:53 +1030)
committer	Alan Modra <amodra@gmail.com>
	Fri, 31 Jan 2020 00:17:46 +0000 (10:47 +1030)
commit	327301a4604da40da264c554daa8c1e97aa2fbe2
tree	d9d457d95ef8aa4b6feae4e79d8bc088167e5b5c	tree \| snapshot
parent	de08f22743d4a2d4175f785cbf291f16ecd58dc8	commit \| diff

OOM in setup_group

We alloc, seek and read using section sizes in object files.  Fuzzed
objects can have silly sizes, but that's OK if the system supports
memory over-commit.  The read fails because we hit EOF and that
usually results in a graceful exit.

But if we memset before the read then the invalid size results in
attempting to write to a huge number of memory pages, and an eventual
Out Of Memory after probably swapping like crazy.  So don't memset.
There really isn't a need to clear the section contents anyway.  All
bytes are written with a good object file by the read and following
loop converting section index in target order to ELF section header
pointer, and the only untidy bytes are the 4 bytes past the group
flags when pointers are 8 bytes.  Those don't matter but the patch
clears them for anyone poking around in a debugger.  On error paths
it's as good to free section contents as it is to clear them.

Noticed when looking at PR4110 fourth test case.

PR 4110
* elf.c (setup_group): Don't clear entire section contents,
just the padding after group flags.  Release alloc'd memory
after a seek or read failure.

bfd/ChangeLog		diff \| blob \| blame \| history
bfd/elf.c		diff \| blob \| blame \| history