From 35a14c6b54b63adc6b6ef28a4e4403bb271b9bdd Mon Sep 17 00:00:00 2001 From: "H.J. Lu" Date: Sat, 22 Nov 2014 08:58:07 -0800 Subject: [PATCH] Check branch displacement overflow in x86-64 PLT entry Displacement of branch to PLT0 in x86-64 PLT entry is signed 32-bit. This patch adds a sanity check. We will only see the failure when PLT size is > 2GB. * elf64-x86-64.c (elf_x86_64_finish_dynamic_symbol): Check branch displacement overflow in PLT entry. --- bfd/ChangeLog | 5 +++++ bfd/elf64-x86-64.c | 12 ++++++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/bfd/ChangeLog b/bfd/ChangeLog index 5700c51..040576a 100644 --- a/bfd/ChangeLog +++ b/bfd/ChangeLog @@ -1,3 +1,8 @@ +2014-11-22 H.J. Lu + + * elf64-x86-64.c (elf_x86_64_finish_dynamic_symbol): Check + branch displacement overflow in PLT entry. + 2014-11-21 Nick Clifton PR binutils/17512 diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c index c64ff4f..8859429 100644 --- a/bfd/elf64-x86-64.c +++ b/bfd/elf64-x86-64.c @@ -4906,11 +4906,19 @@ elf_x86_64_finish_dynamic_symbol (bfd *output_bfd, /* Don't fill PLT entry for static executables. */ if (plt == htab->elf.splt) { + bfd_vma plt0_offset = h->plt.offset + plt_plt_insn_end; + /* Put relocation index. */ bfd_put_32 (output_bfd, plt_index, plt->contents + h->plt.offset + abed->plt_reloc_offset); - /* Put offset for jmp .PLT0. */ - bfd_put_32 (output_bfd, - (h->plt.offset + plt_plt_insn_end), + + /* Put offset for jmp .PLT0 and check for overflow. We don't + check relocation index for overflow since branch displacement + will overflow first. */ + if (plt0_offset > 0x80000000) + info->callbacks->einfo (_("%F%B: branch displacement overflow in PLT entry for `%s'\n"), + output_bfd, h->root.root.string); + bfd_put_32 (output_bfd, - plt0_offset, plt->contents + h->plt.offset + plt_plt_offset); } -- 2.7.4