50 lines
1.6 KiB
Diff
50 lines
1.6 KiB
Diff
From 41461010eb7c79fee7a9d5f6209accdaac66cc6b Mon Sep 17 00:00:00 2001
|
|
From: "H.J. Lu" <hjl.tools@gmail.com>
|
|
Date: Sat, 21 Jun 2025 06:52:00 +0800
|
|
Subject: [PATCH] elf: Report corrupted group section
|
|
|
|
Report corrupted group section instead of trying to recover.
|
|
|
|
PR binutils/33050
|
|
* elf.c (bfd_elf_set_group_contents): Report corrupted group
|
|
section.
|
|
|
|
Signed-off-by: H.J. Lu <hjl.tools@gmail.com>
|
|
---
|
|
bfd/elf.c | 23 ++++++++++-------------
|
|
1 file changed, 10 insertions(+), 13 deletions(-)
|
|
|
|
--- binutils-2.41.orig/bfd/elf.c 2025-12-16 09:04:43.724584660 +0000
|
|
+++ binutils-2.41/bfd/elf.c 2025-12-16 09:04:52.974831776 +0000
|
|
@@ -4127,20 +4127,17 @@ bfd_elf_set_group_contents (bfd *abfd, a
|
|
break;
|
|
}
|
|
|
|
- /* We should always get here with loc == sec->contents + 4, but it is
|
|
- possible to craft bogus SHT_GROUP sections that will cause segfaults
|
|
- in objcopy without checking loc here and in the loop above. */
|
|
- if (loc == sec->contents)
|
|
- BFD_ASSERT (0);
|
|
- else
|
|
+ /* We should always get here with loc == sec->contents + 4. Return
|
|
+ an error for bogus SHT_GROUP sections. */
|
|
+ loc -= 4;
|
|
+ if (loc != sec->contents)
|
|
{
|
|
- loc -= 4;
|
|
- if (loc != sec->contents)
|
|
- {
|
|
- BFD_ASSERT (0);
|
|
- memset (sec->contents + 4, 0, loc - sec->contents);
|
|
- loc = sec->contents;
|
|
- }
|
|
+ /* xgettext:c-format */
|
|
+ _bfd_error_handler (_("%pB: corrupted group section: `%pA'"),
|
|
+ abfd, sec);
|
|
+ bfd_set_error (bfd_error_bad_value);
|
|
+ *failedptr = true;
|
|
+ return;
|
|
}
|
|
|
|
H_PUT_32 (abfd, sec->flags & SEC_LINK_ONCE ? GRP_COMDAT : 0, loc);
|