From: Alan Modra <amodra@gmail.com>
Date: Sun, 26 Jan 2025 02:42:45 +0000 (+1030)
Subject: loongson buffer overflow
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=59ba00f21f7d48780e92a9fb66ed4abbedc3bd28;p=thirdparty%2Fbinutils-gdb.git

loongson buffer overflow

bfd_elfNN_loongarch_set_data_segment_info can be called from the target
after_allocation function with a non-ELF hash table.  This is seen in
the ld-elf pr21884 testcase.  Fix the problem by first checking the
hash table type before writing to a loongarch_elf_hash_table field.
---

diff --git a/bfd/elfnn-loongarch.c b/bfd/elfnn-loongarch.c
index efa57184e44..c24b2600a9a 100644
--- a/bfd/elfnn-loongarch.c
+++ b/bfd/elfnn-loongarch.c
@@ -5267,8 +5267,9 @@ void
 bfd_elfNN_loongarch_set_data_segment_info (struct bfd_link_info *info,
 				     int *data_segment_phase)
 {
-  struct loongarch_elf_link_hash_table *htab = loongarch_elf_hash_table (info);
-  htab->data_segment_phase = data_segment_phase;
+  if (is_elf_hash_table (info->hash)
+      && elf_hash_table_id (elf_hash_table (info)) == LARCH_ELF_DATA)
+    loongarch_elf_hash_table (info)->data_segment_phase = data_segment_phase;
 }
 
 /* Implement R_LARCH_ALIGN by deleting excess alignment NOPs.