From 8936f76804c2908e4abe911441dd03641204df9d Mon Sep 17 00:00:00 2001 From: Nick Clifton Date: Thu, 29 Nov 2018 10:57:54 +0000 Subject: [PATCH] objdump: Fix check for corrupt reloc information, to allow for the fact that PDP11 relocs are bigger when in internal format. PR 23931 * objdump.c (dump_relocs_in_section): When checking for an unreasonable amount of relocs in a bfd, allow for the fact that the internal representation of a reloc may be bigger than the external representation. --- binutils/ChangeLog | 8 ++++++++ binutils/objdump.c | 9 +++++++-- 2 files changed, 15 insertions(+), 2 deletions(-) diff --git a/binutils/ChangeLog b/binutils/ChangeLog index f749778..ea86649 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,11 @@ +2018-11-29 Nick Clifton + + PR 23931 + * objdump.c (dump_relocs_in_section): When checking for an + unreasonable amount of relocs in a bfd, allow for the fact that + the internal representation of a reloc may be bigger than the + external representation. + 2018-11-27 Mark Wielaard PR binutils/23919 diff --git a/binutils/objdump.c b/binutils/objdump.c index e3b8d7f..21f1284 100644 --- a/binutils/objdump.c +++ b/binutils/objdump.c @@ -3489,7 +3489,12 @@ dump_relocs_in_section (bfd *abfd, } if ((bfd_get_file_flags (abfd) & (BFD_IN_MEMORY | BFD_LINKER_CREATED)) == 0 - && (((ufile_ptr) relsize > bfd_get_file_size (abfd)) + && (/* Check that the size of the relocs is reasonable. Note that some + file formats, eg aout, can have relocs whose internal size is + larger than their external size, thus we check the size divided + by four against the file size. See PR 23931 for an example of + this. */ + ((ufile_ptr) (relsize / 4) > bfd_get_file_size (abfd)) /* Also check the section's reloc count since if this is negative (or very large) the computation in bfd_get_reloc_upper_bound may have resulted in returning a small, positive integer. 
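Review bot: The divisor in `((ufile_ptr) (relsize / 4) > bfd_get_file_size (abfd))` is a bare constant that relaxes the corrupt-input check for every file format, not only the aout/PDP11 case the new comment names. A malformed file can now declare a reloc size up to four times the file size before it is rejected. The comment explains why slack is needed but not why four is sufficient; presumably it reflects the ratio between the internal and external reloc representation for one format and host, which should be confirmed. I would extend the comment with a line such as `The factor of four is a heuristic upper bound on internal/external reloc size; anything sized from relsize below may be up to 4x the file size.` dump_relocs_in_section continues outside the hunk, so how relsize is used after this check is not visible here.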
@@ -3500,7 +3505,7 @@ dump_relocs_in_section (bfd *abfd, section than there are bytes in that section. */ || (section->reloc_count > bfd_get_file_size (abfd)))) { - printf (" (too many: 0x%x)\n", section->reloc_count); + printf (" (too many: %#x relocs)\n", section->reloc_count); bfd_set_error (bfd_error_file_truncated); bfd_fatal (bfd_get_filename (abfd)); } -- 2.7.4
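Review bot: The diagnostic in this branch prints only `section->reloc_count`, but the enclosing condition is an OR that also fires when the `relsize / 4` test trips. In that case the count shown may look unremarkable, and the "too many" message misleads anyone triaging a corrupt or fuzzed input. Consider reporting both values, for example `printf (" (too many: %#x relocs, size %#lx)\n", section->reloc_count, (unsigned long) relsize);`. The declaration of relsize is outside the hunk, so the cast keeps the format specifier matched regardless of its exact integer type.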