[Bug ld/26569] R_RISCV_RVC_JUMP results in buffer overflow
From: cvs-commit at gcc dot gnu.org
Subject: [Bug ld/26569] R_RISCV_RVC_JUMP results in buffer overflow
Date: Mon, 21 Sep 2020 00:11:32 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=26569

--- Comment #2 from cvs-commit at gcc dot gnu.org <cvs-commit at gcc dot gnu.org> ---
The master branch has been updated by Alan Modra <amodra@sourceware.org>:
https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b1b11e922b3de18b7e226da6fe6d87fa17564bde

commit b1b11e922b3de18b7e226da6fe6d87fa17564bde
Author: Alan Modra <amodra@gmail.com>
Date: Thu Sep 17 07:44:53 2020 +0930

    PR26569, R_RISCV_RVC_JUMP results in buffer overflow

    This patch corrects "size" and "bitsize" in R_RISCV_RVC_* reloc howtos
    so that elfnn-riscv.c:perform_relocation doesn't access past the end
    of a section. I've also corrected "size" in the R_RISCV_CALL* reloc
    howtos since these relocs apply to two consecutive instructions. That
    caused fallout in the assembler with complaints about "fixup not
    contained within frag" due to tc-riscv.c:append_insn finishing off a
    frag after the auipc insn making up a "call" macro. Which is a little
    rude since the CALL reloc also relocates the following jalr. Fixed by
    changing the frag handling a little.

    I've also changed R_RISCV_ALIGN and R_RISCV_TPREL_ADD marker reloc
    howtos to look like R_RISCV_NONE, and corrected dst_mask for numerous
    relocs, not that it matters very much.

    bfd/
            PR 26569
            * elfxx-riscv.c (howto_table): Correct size and bitsize of
            R_RISCV_RVC_BRANCH, R_RISCV_RVC_JUMP, and R_RISCV_RVC_LUI.
            Correct size for R_RISCV_TLS_DTPMOD32, R_RISCV_TLS_DTPREL32,
            R_RISCV_CALL, and R_RISCV_CALL_PLT. Make R_RISCV_TPREL_ADD and
            R_RISCV_ALIGN like R_RISCV_NONE. Correct dst_mask many relocs.
    gas/
            * config/tc-riscv.c (append_insn): Don't tie off frags at CALL
            relocs.
            (riscv_call): Tie them off after the jalr.
            (md_apply_fix): Zero fx_size of RELAX fixup.

--
You are receiving this mail because:
You are on the CC list for the bug.
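
The failure mode the commit message describes, as an added example that is not binutils code and not part of the original mail: a relocation applier does a read-modify-write whose width comes from a table entry, so an entry that declares more bytes than the instruction occupies reaches past the section end when that instruction is the last thing in the section. `struct howto_model`, `apply_reloc` and `relocate_tail_insn` are hypothetical names, and the 4-byte declared width for a 2-byte compressed jump is an assumption used to model the mismatch.

```c
#include <stddef.h>
#include <stdint.h>

/* Hypothetical, simplified model of a reloc howto entry (not the BFD type). */
struct howto_model {
    size_t   width;     /* bytes read and written at the reloc offset */
    uint32_t dst_mask;  /* bits of the field the reloc may change */
};

enum { RELOC_OK = 0, RELOC_OUT_OF_RANGE = 1, GUARD_CLOBBERED = -1 };

/* Patch a little-endian field, refusing any access past sec_size. */
int apply_reloc(uint8_t *sec, size_t sec_size, size_t off,
                const struct howto_model *h, uint32_t field)
{
    uint32_t word = 0;
    size_t i;

    /* Written to avoid overflow in off + width. */
    if (h->width > sizeof word || off > sec_size || h->width > sec_size - off)
        return RELOC_OUT_OF_RANGE;

    for (i = 0; i < h->width; i++)
        word |= (uint32_t)sec[off + i] << (8 * i);
    word = (word & ~h->dst_mask) | (field & h->dst_mask);
    for (i = 0; i < h->width; i++)
        sec[off + i] = (uint8_t)(word >> (8 * i));
    return RELOC_OK;
}

/* Constructed input: a 6-byte section holding a 4-byte nop followed by a
   2-byte c.j, with two guard bytes placed after the section end. */
int relocate_tail_insn(size_t declared_width)
{
    uint8_t buf[8] = { 0x13, 0x00, 0x00, 0x00, 0x01, 0xa0, 0xaa, 0xaa };
    struct howto_model h = { declared_width, 0x1ffc }; /* c.j immediate, bits 12:2 */
    int status = apply_reloc(buf, 6, 4, &h, 0x1ffc);

    if (buf[6] != 0xaa || buf[7] != 0xaa)
        return GUARD_CLOBBERED;
    return status;
}
```

Without the range check in `apply_reloc`, the 4-byte case would read and rewrite the two guard bytes; with the width matching the instruction, the same relocation fits exactly in the section's last two bytes.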