PR30326, uninitialised value in objdump compare_relocs

This is a fuzzing PR, with a testcase involving a SHF_ALLOC and
SHF_COMPRESSED SHT_RELA section, ie. a compressed dynamic reloc
section.  BFD doesn't handle compressed relocation sections, with most
of the code reading relocs using sh_size (often no bfd section is
created) but in the case of SHF_ALLOC dynamic relocs we had some code
using the bfd section size.  This led to a mismatch, sh_size is
compressed, size is uncompressed, and from that some uninitialised
memory.  Consistently using sh_size is enough to fix this PR, but I've
also added tests to exclude SHF_COMPRESSED reloc sections from
consideration.

	PR 30362
	* elf.c (bfd_section_from_shdr): Exclude reloc sections with
	SHF_COMPRESSED flag from normal reloc processing.
	(_bfd_elf_get_dynamic_reloc_upper_bound): Similarly exclude
	SHF_COMPRESSED sections from consideration.  Use sh_size when
	sizing to match slurp_relocs.
	(_bfd_elf_canonicalize_dynamic_reloc): Likewise.
	(_bfd_elf_get_synthetic_symtab): Use NUM_SHDR_ENTRIES to size
	plt relocs.
	* elf32-arm.c (elf32_arm_get_synthetic_symtab): Likewise.
	* elf32-ppc.c (ppc_elf_get_synthetic_symtab): Likewise.
	* elf64-ppc.c (ppc64_elf_get_synthetic_symtab): Likewise.
	* elfxx-mips.c (_bfd_mips_elf_get_synthetic_symtab): Likewise.

1 files changed, 1 insertions, 1 deletions

diff --git a/bfd/elf32-ppc.c b/bfd/elf32-ppc.c
index bb77ba2d5c7..2cff158a5f5 100644
--- a/bfd/elf32-ppc.c
+++ b/bfd/elf32-ppc.c
@@ -1920,7 +1920,7 @@ ppc_elf_get_synthetic_symtab (bfd *abfd, long symcount, asymbol **syms,
 	    }
     }
 
-  count = relplt->size / sizeof (Elf32_External_Rela);
+  count = NUM_SHDR_ENTRIES (&elf_section_data (relplt)->this_hdr);
   /* If the stubs are those for -shared/-pie then we might have
      multiple stubs for each plt entry.  If that is the case then
      there is no way to associate stubs with their plt entries short