git.ipfire.org Git - thirdparty/binutils-gdb.git/commit

author	Alan Modra <amodra@gmail.com>
	Sun, 24 Oct 2021 09:57:06 +0000 (20:27 +1030)
committer	Alan Modra <amodra@gmail.com>
	Sun, 24 Oct 2021 11:35:51 +0000 (22:05 +1030)
commit	1ed0032b40063795d6c3ce89eab3101a8fd67569
tree	8b934260c43ee41d117c8c9fb5e12062654b23ad	tree \| snapshot
parent	e02812494254b70fec6fa432f7f668956711133b	commit \| diff

asan: c4x, c54x coff_canonicalize_reloc buffer overflow

Sometimes the investigation of a fuzzing bug report leads into areas
you'd rather not go. In this instance by the time I'd figured out the
real cause was a target variant that had never been properly supported
in binutils, the time needed to fix it was less than the time needed
to rip it out.

* coffcode.h (coff_set_alignment_hook): Call bfd_coff_swap_reloc_in
not coff_swap_reloc_in.
(coff_slurp_reloc_table): Likewise. Don't use RELOC type.
(ticoff0_swap_table): Use coff_swap_reloc_v0_out and
coff_swap_reloc_v0_in.
* coffswap.h (coff_swap_reloc_v0_in, coff_swap_reloc_v0_out): New.
* coff-tic54x.c (tic54x_lookup_howto): Don't abort.
* coffgen.c (coff_get_normalized_symtab): Use PTR_ADD.
* bfd-in.h (PTR_ADD, NPTR_ADD): Avoid warnings when passing an
expression.
* bfd-in2.h: Regenerate.

bfd/bfd-in.h		diff \| blob \| blame \| history
bfd/bfd-in2.h		diff \| blob \| blame \| history
bfd/coff-tic54x.c		diff \| blob \| blame \| history
bfd/coffcode.h		diff \| blob \| blame \| history
bfd/coffgen.c		diff \| blob \| blame \| history
bfd/coffswap.h		diff \| blob \| blame \| history