PR24876, readelf: heap-buffer-overflow in dump_ia64_unwind

[external/binutils.git] / gas / write.c

diff --git a/gas/write.c b/gas/write.c
index 91767fb..e9a17e4 100644 (file)
--- a/gas/write.c
+++ b/gas/write.c
@@ -174,9 +174,7 @@ fix_new_internal (fragS *frag,              /* Which frag?  */
   fixP->fx_dot_frag = dot_frag;
   fixP->fx_pcrel = pcrel;
   fixP->fx_r_type = r_type;
-  fixP->fx_im_disp = 0;
   fixP->fx_pcrel_adjust = 0;
-  fixP->fx_bit_fixP = 0;
   fixP->fx_addnumber = 0;
   fixP->fx_tcbit = 0;
   fixP->fx_tcbit2 = 0;
@@ -1093,7 +1091,7 @@ fixup_segment (fixS *fixP, segT this_segment)
            symbol_mark_used_in_reloc (fixP->fx_subsy);
        }
 
-      if (!fixP->fx_bit_fixP && !fixP->fx_no_overflow && fixP->fx_size != 0)
+      if (!fixP->fx_no_overflow && fixP->fx_size != 0)
        {
          if (fixP->fx_size < sizeof (valueT))
            {
@@ -1131,7 +1129,7 @@ fixup_segment (fixS *fixP, segT this_segment)
                          (long) add_number,
                          (long) (fragP->fr_address + fixP->fx_where));
 #endif
-       }                       /* Not a bit fix.  */
+       }
 
 #ifdef TC_VALIDATE_FIX
     skip:  ATTRIBUTE_UNUSED_LABEL
@@ -1242,6 +1240,7 @@ write_relocs (bfd *abfd, asection *sec, void *xxx ATTRIBUTE_UNUSED)
 
   /* Extract relocs for this section from reloc_list.  */
   rp = &reloc_list;
+
   my_reloc_list = NULL;
   while ((r = *rp) != NULL)
     {
@@ -1891,7 +1890,8 @@ create_obj_attrs_section (void)
 static void
 create_note_reloc (segT           sec,
                   symbolS *      sym,
-                  bfd_size_type  offset,
+                  bfd_size_type  note_offset,
+                  bfd_size_type  desc2_offset,
                   int            reloc_type,
                   bfd_vma        addend,
                   char *         note)
@@ -1901,10 +1901,10 @@ create_note_reloc (segT           sec,
   reloc = XNEW (struct reloc_list);
 
   /* We create a .b type reloc as resolve_reloc_expr_symbols() has already been called.  */
-  reloc->u.b.sec   = sec;
-  reloc->u.b.s     = symbol_get_bfdsym (sym);
+  reloc->u.b.sec           = sec;
+  reloc->u.b.s             = symbol_get_bfdsym (sym);
   reloc->u.b.r.sym_ptr_ptr = & reloc->u.b.s;
-  reloc->u.b.r.address     = offset;
+  reloc->u.b.r.address     = note_offset + desc2_offset;
   reloc->u.b.r.addend      = addend;
   reloc->u.b.r.howto       = bfd_reloc_type_lookup (stdoutput, reloc_type);
 
@@ -1929,12 +1929,12 @@ create_note_reloc (segT           sec,
       if (target_big_endian)
        {
          if (bfd_arch_bits_per_address (stdoutput) <= 32)
-           note[offset + 3] = addend;
+           note[desc2_offset + 3] = addend;
          else
-           note[offset + 7] = addend;
+           note[desc2_offset + 7] = addend;
        }
       else
-       note[offset] = addend;
+       note[desc2_offset] = addend;
     }
 }
 
@@ -2037,10 +2037,10 @@ maybe_generate_build_notes (void)
        memcpy (note + 12, "GA$\ 13a1", 8);
 
        /* Create a relocation to install the start address of the note...  */
-       create_note_reloc (sec, sym, total_size + 20, desc_reloc, 0, note);
+       create_note_reloc (sec, sym, total_size, 20, desc_reloc, 0, note);
 
        /* ...and another one to install the end address.  */
-       create_note_reloc (sec, sym, total_size + desc2_offset, desc_reloc,
+       create_note_reloc (sec, sym, total_size, desc2_offset, desc_reloc,
                           bfd_get_section_size (bsym->section),
                           note);
 
@@ -2271,7 +2271,7 @@ write_object_file (void)
   if (IS_ELF)
     maybe_generate_build_notes ();
 #endif
-  
+
   PROGRESS (1);
 
 #ifdef tc_frob_file_before_adjust
@@ -3142,14 +3142,6 @@ print_fixup (fixS *fixp)
     fprintf (stderr, " pcrel");
   if (fixp->fx_pcrel_adjust)
     fprintf (stderr, " pcrel_adjust=%d", fixp->fx_pcrel_adjust);
-  if (fixp->fx_im_disp)
-    {
-#ifdef TC_NS32K
-      fprintf (stderr, " im_disp=%d", fixp->fx_im_disp);
-#else
-      fprintf (stderr, " im_disp");
-#endif
-    }
   if (fixp->fx_tcbit)
     fprintf (stderr, " tcbit");
   if (fixp->fx_done)