Fixes for memory access violations triggered by running readelf on fuzzed binaries.

[external/binutils.git] / binutils / ChangeLog

2015-02-10  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * dwarf.c (eh_addr_size): Use an unsigned type.
        (size_of_encoded_value): Return an unsigned type.
        (read_leb128): Break if the shift becomes too big.
        (process_extended_line_op): Do not read the address if the length
        is too long.
        (read_cie): Warn and fail if the pointer size or segment size are
        too big.
        * dwarf.h (DWARF2_External_LineInfo): Delete unused and incorrect
        structure definition.
        (DWARF2_External_PubNames): Likewise.
        (DWARF2_External_CompUnit): Likewise.
        (DWARF2_External_ARange): Likewise.
        (DWARF2_Internal_LineInfo): Use dwarf_vma type for
        li_prologue_length.
        (eh_addr_size): Update prototype.

        PR binutils/17531
        * dwarf.c (process_debug_info): Zero the debug information array
        since correct initialisation cannot be relied upon.
        (process_cu_tu_index): Improve range checks.

2015-02-09  Mark Wielaard  <mjw@redhat.com>

        * dwarf.c (read_and_display_attr_value): Handle DW_LANG_Fortran03
        and DW_LANG_Fortran08.

2015-02-06  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * dwarf.c (display_debug_frames): Fix range checks to work on
        32-bit binaries complied on a 64-bit host.

        PR binutils/17531
        * dwarf.c (xcmalloc): Fail if the arguments are too big.
        (xcrealloc): Likewise.
        (xcalloc2): Likewise.
        * readelf.c (process_mips_specific): Fail if an option has an
        invalid size.

2015-02-05  Alan Modra  <amodra@gmail.com>

        PR binutils/17926
        * dwarf.c (dwarf_select_sections_by_letters): Don't refer to optarg.

2015-02-04  Nick Clifton  <nickc@redhat.com>

        PR binutils/17531
        * dwarf.c (read_and_display_attr_value): Test for a block length
        being so long that it wraps around to before the start of the block.
        (process_debug_info): Test for section_begin wrapping around to
        before the start of the section.
        (display_gdb_index): Test for num_cus being so large that the end
        address wraps around to before the start of the section.
        (process_cu_tu_index): Test for j being so large that the section
        index pool wraps around to before the start of the section.

2015-02-03  Nick Clifton  <nickc@redhat.com>

        PR binutils/17531
        * dwarf.c (process_debug_info): Add range check.
        (display_debug_pubnames_worker): Likewise.
        (display_gdb_index): Fix range check.
        (process_cu_tu_index): Add range check.
        * readelf.c (get_data): Change parameter types from size_t to
        bfd_size_type.  Add checks for loss of accuracy when casting from
        bfd_size_type to size_t.
        (get_dynamic_data): Likewise.
        (process_section_groups): Limit number of error messages.

2015-02-03  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * objdump.c (display_any_bfd): Fail if archives nest too deeply.

2015-01-28  James Bowman  <james.bowman@ftdichip.com>

        * readelf.c: Add FT32 support.

2015-01-27  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * dlltool.c (identify_search_archive): If the last archive was the
        same as the current archive, terminate the loop.

        * addr2line.c (slurp_symtab): If the symcount is zero, free the
        symbol table pointer.

        * rcparse.y: Add checks to avoid integer divide by zero.
        * rescoff.c (read_coff_rsrc): Add check on the size of the
        resource section.
        (read_coff_res_dir): Add check on the nesting level.
        Check for resource names overrunning the buffer.
        * resrc.c (write_rc_messagetable): Update formatting.
        Add check of 'elen' being zero.

2015-01-23  Nick Clifton  <nickc@redhat.com>

        * nlmconv.c (powerpc_mangle_relocs): Fix build errors introduced
        by recent delta, when compiling on for a 32-bit host.

2015-01-21  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * addr2line.c (main): Call bfd_set_error_program_name.
        * ar.c (main): Likewise.
        * coffdump.c (main): Likewise.
        * cxxfilt.c (main): Likewise.
        * dlltool.c (main): Likewise.
        * nlmconv.c (main): Likewise.
        * nm.c (main): Likewise.
        * objdump.c (main): Likewise.
        * size.c (main): Likewise.
        * srconv.c (main): Likewise.
        * strings.c (main): Likewise.
        * sysdump.c (main): Likewise.
        * windmc.c (main): Likewise.
        * windres.c (main): Likewise.
        * objcopy.c (main): Likewise.
        (copy_relocations_in_section): Check for relocs without associated
        symbol pointers.

2015-01-21  Ramana Radhakrishnan  <ramana.radhakrishnan@arm.com>

        * MAINTAINERS: Add self to ARM maintainers list.

2015-01-21  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * coffgrok.c (do_type): Check that computed ref exists.
        (doit): Add range checks when computing section for scope.

2015-01-12  H.J. Lu  <hongjiu.lu@intel.com>

        * dwarf.c (process_debug_info): Properly check abbrev size.

2015-01-12  Nick Clifton  <nickc@redhat.com>

        PR binutils/17531
        * dwarf.c (process_debug_info): Check for abbrev_base being larger
        than the section size.
        (process_cu_tu_index): Use xcalloc2 to allocate the CU and TU
        arrays.
        (xcalloc2): New function.  Like xcalloc, but checks for overflow.
        (display_debug_addr): Use xcalloc to allocate the debug_addr_info
        array.  Check for an address_base that is too large.

        * dwarf.h (xcalloc2): Prototype.

2015-01-12  Alan Modra  <amodra@gmail.com>

        * prdbg.c (print_debugging_info): Don't use void* for function
        pointer param.
        * budbg.h (print_debugging_info): Update prototype.

2015-01-08  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * ojcopy.c (copy_object): Free the symbol table if no symbols
        could be loaded.
        (copy_file): Use bfd_close_all_done to close files that could not
        be copied.

        * sysdump.c (getINT): Fail if reading off the end of the buffer.
        Replace call to abort with a call to fatal.
        (getCHARS): Prevetn reading off the end of the buffer.

        * nlmconv.c (i386_mangle_relocs): Skip relocs without an
        associated symbol.
        (powerpc_mangle_relocs): Skip unrecognised relocs.  Check address
        range before applying a reloc.

2015-01-07  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * dlltool.c (scan_obj_file): Break loop if the last archive
        displayed matches the current archive.

        * objdump.c (display_any_bfd): Add a depth limit to nested archive
        display in order to avoid infinite loops.
        * srconv.c: Replace calls to abort with calls to fatal with an
        error message.

2015-01-06  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * coffdump.c (dump_coff_section): Check for a symbol being
        available before printing its name.
        (main): Check the return value from coff_grok.
        * coffgrok.c: Reformat and tidy.
        Add range checks to most functions.
        (coff_grok): Return NULL if the input bfd is not in a COFF
        format.
        * coffgrok.h: Reformat and tidy.
        (struct coff_section): Change the nrelocs field to unsigned.
        * srconv.c (main): Check the return value from coff_grok.

2015-01-05  Nick Clifton  <nickc@redhat.com>

        PR binutils/17512
        * nm.c (print_symbol): Add 'is_synthetic' parameter.  Use it to
        help initialize the info.elfinfo field.
        (print_size_symbols): Add 'synth_count' parameter.  Use it to set
        the is_synthetic parameter when calling print_symbol.
        (print_symbols): Likewise.
        (display_rel_file): Pass synth_count to printing function.
        (display_archive): Break loop if the last archive displayed
        matches the current archive.
        * size.c (display_archive): Likewise.

2015-01-05  Nick Clifton  <nickc@redhat.com>

        PR binutils/17531
        * dwarf.c (alloc_num_debug_info_entries): New variable.
        (process_debug_info): Set it.  Use it to avoid displaying
        attributes for which there is no info.
        (display_debug_abbrev): Check that the debug_info_entry index is
        valid before using it.
        (display_loc_list_dwo): Likewise.
        (process_cu_tu_index): Add range check for an overlarge dw_sect
        value.
        (free_debug_memory): Reset alloc_num_debug_info_entries.
        * readelf.c (slurp_ia64_unwind_table): Warn if the reloc could not
        be indentified.
        (dynamic_section_mips_val): Warn if the timestamp is invalid.
        (print_mips_got_entry): Add a data_end parameter.  Warn if a read
        would go beyond the end of the data, and return an error value.
        (process_mips_specific): Do not read options from beyond the end
        of the section.
        Correct code to display optional data at the end of an option.
        Warn if there are too many GOT symbols.
        Update calls to print_mips_got_entry, and handle error returns.

2015-01-05  Daniel Klauer  <daniel.c.klauer@web.de>

        PR binutils/17489
        * doc/binutils.texi (dlltool): Correct description of --kill-at
        option.

2015-01-01  Alan Modra  <amodra@gmail.com>

        * version.c (print_version): Just print current year.

2015-01-01  Alan Modra  <amodra@gmail.com>

        Update year range in copyright notice of all files.

For older changes see ChangeLog-2014
\f
Copyright (C) 2015 Free Software Foundation, Inc.

Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
notice and this notice are preserved.

Local Variables:
mode: change-log
left-margin: 8
fill-column: 74
version-control: never
End: