PR24337, segfault in _bfd_elf_rela_local_sym

Message ID 20190315093355.GM20126@bubble.grove.modra.org
State New

Commit Message

Alan Modra March 15, 2019, 9:33 a.m.
PR 24337
	* elf.c (_bfd_elf_rela_local_sym): Don't segfault on NULL sec.
	(_bfd_elf_rel_local_sym): Likewise.


-- 
Alan Modra
Australia Development Lab, IBM

Comments

Alan Modra March 16, 2019, 3:58 a.m. | #1
On Fri, Mar 15, 2019 at 08:03:55PM +1030, Alan Modra wrote:
> 	PR 24337
> 	* elf.c (_bfd_elf_rela_local_sym): Don't segfault on NULL sec.
> 	(_bfd_elf_rel_local_sym): Likewise.

Reverts commit 1ff31e135f, fixing the problem more generally.  There
are likely other places that will segfault on a NULL section.

	PR 24337
	* elf.c (_bfd_elf_rela_local_sym): Revert last change.
	(_bfd_elf_rel_local_sym): Likewise.
	* elflink.c (elf_link_input_bfd): Use bfd_und_section for
	section of symbols with unrecognized shndx.

diff --git a/bfd/elf.c b/bfd/elf.c
index 585bf3ca7d..73fb86971f 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -11822,10 +11822,9 @@ _bfd_elf_rela_local_sym (bfd *abfd,
   asection *sec = *psec;
   bfd_vma relocation;
 
-  relocation = sym->st_value;
-  if (sec == NULL)
-    return relocation;
-  relocation += sec->output_section->vma + sec->output_offset;
+  relocation = (sec->output_section->vma
+		+ sec->output_offset
+		+ sym->st_value);
   if ((sec->flags & SEC_MERGE)
       && ELF_ST_TYPE (sym->st_info) == STT_SECTION
       && sec->sec_info_type == SEC_INFO_TYPE_MERGE)
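Review bot: With the NULL test removed, the first statement of _bfd_elf_rela_local_sym dereferences sec (sec->output_section->vma) unconditionally, so the function now relies on every caller storing a non-NULL section in *psec. The elflink.c change in this patch covers one producer, and the message above already expects other places to trip on a NULL section. A BFD_ASSERT (sec != NULL) ahead of the assignment would make a violation easier to diagnose than a fault inside the address computation.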
@@ -11859,7 +11858,7 @@ _bfd_elf_rel_local_sym (bfd *abfd,
 {
   asection *sec = *psec;
 
-  if (sec == NULL || sec->sec_info_type != SEC_INFO_TYPE_MERGE)
+  if (sec->sec_info_type != SEC_INFO_TYPE_MERGE)
     return sym->st_value + addend;
 
   return _bfd_merged_section_offset (abfd, psec,
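Review bot: The sec == NULL test is dropped from the condition in _bfd_elf_rel_local_sym as well, so sec->sec_info_type is read without a guard and the requirement on *psec is not written down anywhere in the visible code. Please state in the comment above the function that *psec must be non-NULL, and that symbols with an unrecognized st_shndx are now given bfd_und_section by elf_link_input_bfd, so the next reader does not put the check back.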
diff --git a/bfd/elflink.c b/bfd/elflink.c
index 09990a438f..c796e27a14 100644
--- a/bfd/elflink.c
+++ b/bfd/elflink.c
@@ -10421,8 +10421,7 @@ elf_link_input_bfd (struct elf_final_link_info *flinfo, bfd *input_bfd)
 	    {
 	      /* Don't attempt to output symbols with st_shnx in the
 		 reserved range other than SHN_ABS and SHN_COMMON.  */
-	      *ppsection = NULL;
-	      continue;
+	      isec = bfd_und_section_ptr;
 	    }
 	  else if (isec->sec_info_type == SEC_INFO_TYPE_MERGE
 		   && ELF_ST_TYPE (isym->st_info) != STT_SECTION)
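Review bot: The comment kept above the new assignment still says "Don't attempt to output symbols with st_shnx in the reserved range", but the branch no longer executes continue; it falls through with isec = bfd_und_section_ptr, so these symbols now reach the rest of the loop body. Please update the comment to describe the new behaviour (and spell the field st_shndx), and confirm that the code after this if/else chain stores isec into *ppsection and does not emit the symbol, since the removed *ppsection = NULL assignment has no replacement in this branch.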

-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/bfd/elf.c b/bfd/elf.c
index 73fb86971f..585bf3ca7d 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -11822,9 +11822,10 @@  _bfd_elf_rela_local_sym (bfd *abfd,
   asection *sec = *psec;
   bfd_vma relocation;
 
-  relocation = (sec->output_section->vma
-		+ sec->output_offset
-		+ sym->st_value);
+  relocation = sym->st_value;
+  if (sec == NULL)
+    return relocation;
+  relocation += sec->output_section->vma + sec->output_offset;
   if ((sec->flags & SEC_MERGE)
       && ELF_ST_TYPE (sym->st_info) == STT_SECTION
       && sec->sec_info_type == SEC_INFO_TYPE_MERGE)
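Review bot: The early return on sec == NULL in _bfd_elf_rela_local_sym hands back the bare sym->st_value with no diagnostic and no comment saying which input leaves *psec NULL. That hides the condition in this one consumer while the code that stores the NULL stays as it is. Either fix it where the section pointer is assigned, or add a comment here naming the case (going by the elflink.c hunk in the follow-up, a symbol whose st_shndx is in the reserved range).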
@@ -11858,7 +11859,7 @@  _bfd_elf_rel_local_sym (bfd *abfd,
 {
   asection *sec = *psec;
 
-  if (sec->sec_info_type != SEC_INFO_TYPE_MERGE)
+  if (sec == NULL || sec->sec_info_type != SEC_INFO_TYPE_MERGE)
     return sym->st_value + addend;
 
   return _bfd_merged_section_offset (abfd, psec,
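Review bot: Adding sec == NULL to the condition in _bfd_elf_rel_local_sym makes a symbol with no section take the same path as a symbol in an ordinary non-merge section, returning sym->st_value + addend. If that is the intended value for such a symbol, a one-line comment should say so; if the input is malformed, it would be better to handle it before the relocation helpers are called.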