diff options
| author | Alan Modra <amodra@gmail.com> | 2020-02-19 13:15:20 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2020-02-19 13:15:20 +1030 |
| commit | 806470a219e84665a59fc6be632d4ed6a4ad908b (patch) | |
| tree | 2d6c80034712a1dca2ef77c4926caf39a1bce949 /bfd/som.c | |
| parent | 1f4361a77b18c5ab32baf2f30fefe5e301e017be (diff) | |
| download | binutils-gdb-806470a219e84665a59fc6be632d4ed6a4ad908b.tar.gz | |
Miscellaneous memory alloc related fixes
Some minor tidies. Allocating memory for internal relocs and symbols
after reading external relocs is slightly better with fuzzed files.
You can at least do something about silly sizes that way.
* aoutx.h (slurp_reloc_table): Allocate reloc_cache after
reading external relocs.
* ecoff.c (ecoff_slurp_reloc_table): Likewise.
* archive.c (_bfd_write_archive_contents): Don't twiddle bfd_error
after bfd_bread.
* archive64.c (_bfd_archive_64_bit_slurp_armap): Remove unnecessary
bfd_release.
* elf32-m32c.c (m32c_offset_for_reloc): Make shndx_buf a bfd_byte*.
(m32c_elf_relax_section): Likewise.
* elf32-rl78.c (rl78_offset_for_reloc): Likewise.
(rl78_elf_relax_section): Likewise.
* elf32-rx.c (rx_offset_for_reloc): Likewise.
(elf32_rx_relax_section): Likewise.
* mach-o.c (bfd_mach_o_alloc_and_read): Move earlier with better
parameter types and use..
(bfd_mach_o_read_dylinker, bfd_mach_o_read_dylib),
(bfd_mach_o_read_fvmlib, bfd_mach_o_read_str): ..in these functions.
* peicode.h (pe_bfd_object_p): Don't zero the part of opthdr
being read from file, just the extra.
* som.c (som_slurp_symbol_table): Allocate internal symbol buffer
after reading external syms. Free on failure.
Diffstat (limited to 'bfd/som.c')
| -rw-r--r-- | bfd/som.c | 22 |
1 files changed, 12 insertions, 10 deletions
diff --git a/bfd/som.c b/bfd/som.c index d7d4d8f845f..bd685920ba7 100644 --- a/bfd/som.c +++ b/bfd/som.c @@ -4659,7 +4659,7 @@ som_slurp_symbol_table (bfd *abfd) size_t symsize = sizeof (struct som_external_symbol_dictionary_record); char *stringtab; struct som_external_symbol_dictionary_record *buf = NULL, *bufp, *endbufp; - som_symbol_type *sym, *symbase; + som_symbol_type *sym, *symbase = NULL; size_t amt; /* Return saved value if it exists. */ @@ -4675,15 +4675,6 @@ som_slurp_symbol_table (bfd *abfd) stringtab = obj_som_stringtab (abfd); - if (_bfd_mul_overflow (symbol_count, sizeof (som_symbol_type), &amt)) - { - bfd_set_error (bfd_error_file_too_big); - goto error_return; - } - symbase = bfd_zmalloc (amt); - if (symbase == NULL) - goto error_return; - /* Read in the external SOM representation. */ if (_bfd_mul_overflow (symbol_count, symsize, &amt)) { @@ -4698,6 +4689,15 @@ som_slurp_symbol_table (bfd *abfd) if (bfd_bread (buf, amt, abfd) != amt) goto error_return; + if (_bfd_mul_overflow (symbol_count, sizeof (som_symbol_type), &amt)) + { + bfd_set_error (bfd_error_file_too_big); + goto error_return; + } + symbase = bfd_zmalloc (amt); + if (symbase == NULL) + goto error_return; + /* Iterate over all the symbols and internalize them. */ endbufp = buf + symbol_count; for (bufp = buf, sym = symbase; bufp < endbufp; ++bufp) @@ -4837,6 +4837,8 @@ som_slurp_symbol_table (bfd *abfd) return (TRUE); error_return: + if (symbase != NULL) + free (symbase); if (buf != NULL) free (buf); return FALSE; |