/* BFD semi-generic back-end for a.out binaries.
- Copyright (C) 1990-2016 Free Software Foundation, Inc.
+ Copyright (C) 1990-2017 Free Software Foundation, Inc.
Written by Cygnus Support.
This file is part of BFD, the Binary File Descriptor library.
PUT_WORD (abfd, g->address, natptr->r_address);
+ BFD_ASSERT (g->howto != NULL);
r_length = g->howto->size ; /* Size as a power of two. */
r_pcrel = (int) g->howto->pc_relative; /* Relative to PC? */
/* XXX This relies on relocs coming from a.out files. */
for (natptr = native;
count != 0;
--count, natptr += each_size, ++generic)
- MY_swap_ext_reloc_out (abfd, *generic,
- (struct reloc_ext_external *) natptr);
+ {
+ /* PR 20921: If the howto field has not been initialised then skip
+ this reloc.
+ PR 20929: Similarly for the symbol field. */
+ if ((*generic)->howto == NULL
+ || (*generic)->sym_ptr_ptr == NULL)
+ {
+ bfd_set_error (bfd_error_invalid_operation);
+ _bfd_error_handler (_("\
+%B: attempt to write out unknown reloc type"), abfd);
+ return FALSE;
+ }
+ MY_swap_ext_reloc_out (abfd, *generic,
+ (struct reloc_ext_external *) natptr);
+ }
}
else
{
for (natptr = native;
count != 0;
--count, natptr += each_size, ++generic)
- MY_swap_std_reloc_out (abfd, *generic,
- (struct reloc_std_external *) natptr);
+ {
+ if ((*generic)->howto == NULL
+ || (*generic)->sym_ptr_ptr == NULL)
+ {
+ bfd_set_error (bfd_error_invalid_operation);
+ _bfd_error_handler (_("\
+%B: attempt to write out unknown reloc type"), abfd);
+ return FALSE;
+ }
+ MY_swap_std_reloc_out (abfd, *generic,
+ (struct reloc_std_external *) natptr);
+ }
}
if (bfd_bwrite ((void *) native, natsize, abfd) != natsize)
const char *function = func->name;
char *colon;
+ if (buf == NULL)
+ {
+ /* PR binutils/20892: In a corrupt input file func can be empty. */
+ * functionname_ptr = NULL;
+ return TRUE;
+ }
/* The caller expects a symbol name. We actually have a
function name, without the leading underscore. Put the
underscore back in, so that the caller gets a symbol name. */
continue;
/* PR 19629: Corrupt binaries can contain illegal string offsets. */
- if (GET_WORD (abfd, p->e_strx) > obj_aout_external_string_size (abfd))
+ if (GET_WORD (abfd, p->e_strx) >= obj_aout_external_string_size (abfd))
return FALSE;
name = strings + GET_WORD (abfd, p->e_strx);
-
value = GET_WORD (abfd, p->e_value);
flags = BSF_GLOBAL;
string = NULL;
case N_INDR | N_EXT:
/* An indirect symbol. The next symbol is the symbol
which this one really is. */
- BFD_ASSERT (p + 1 < pend);
+ /* See PR 20925 for a reproducer. */
+ if (p + 1 >= pend)
+ return FALSE;
++p;
/* PR 19629: Corrupt binaries can contain illegal string offsets. */
- if (GET_WORD (abfd, p->e_strx) > obj_aout_external_string_size (abfd))
+ if (GET_WORD (abfd, p->e_strx) >= obj_aout_external_string_size (abfd))
return FALSE;
string = strings + GET_WORD (abfd, p->e_strx);
section = bfd_ind_section_ptr;
++p;
string = name;
/* PR 19629: Corrupt binaries can contain illegal string offsets. */
- if (GET_WORD (abfd, p->e_strx) > obj_aout_external_string_size (abfd))
+ if (GET_WORD (abfd, p->e_strx) >= obj_aout_external_string_size (abfd))
return FALSE;
name = strings + GET_WORD (abfd, p->e_strx);
section = bfd_und_section_ptr;
projects / deliverable / binutils-gdb.git / blobdiff