[binutils] Catch attempts to create a broken symbol index with archives > 4Gb in size. (#835957)
Nicholas Clifton
nickc at fedoraproject.org
Thu Jul 5 15:47:06 UTC 2012
commit 45e2b47aa734f19aa70da7b15ae523767a527572
Author: Nick Clifton <nickc at redhat.com>
Date: Thu Jul 5 15:41:54 2012 +0100
Catch attempts to create a broken symbol index with archives > 4Gb in size. (#835957)
binutils-2.22.52.0.4-ar-4Gb.patch | 74 +++++++++++++++++++++++++++++++++++++
binutils.spec | 5 ++-
2 files changed, 78 insertions(+), 1 deletions(-)
---
diff --git a/binutils-2.22.52.0.4-ar-4Gb.patch b/binutils-2.22.52.0.4-ar-4Gb.patch
index f8c0ffb..7262f42 100644
--- a/binutils-2.22.52.0.4-ar-4Gb.patch
+++ b/binutils-2.22.52.0.4-ar-4Gb.patch
@@ -134,3 +134,77 @@ Common subdirectories: ../binutils-2.22.52.0.4.orig/binutils/.libs and binutils/
Common subdirectories: ../binutils-2.22.52.0.4.orig/binutils/po and binutils/po
Common subdirectories: ../binutils-2.22.52.0.4.orig/binutils/testsuite and binutils/testsuite
Common subdirectories: ../binutils-2.22.52.0.4.orig/binutils/tmpdir and binutils/tmpdir
+*** ../binutils-2.22.52.0.4.orig/bfd/archive.c 2012-07-05 15:29:37.741339691 +0100
+--- bfd/archive.c 2012-07-05 15:31:58.750343601 +0100
+*************** bsd_write_armap (bfd *arch,
+*** 2405,2410 ****
+--- 2405,2413 ----
+ unsigned int count;
+ struct ar_hdr hdr;
+ long uid, gid;
++ file_ptr max_first_real = 1;
++
++ max_first_real <<= 31;
+
+ firstreal = mapsize + elength + sizeof (struct ar_hdr) + SARMAG;
+
+*************** bsd_write_armap (bfd *arch,
+*** 2463,2468 ****
+--- 2466,2480 ----
+ while (current != map[count].u.abfd);
+ }
+
++ /* The archive file format only has 4 bytes to store the offset
++ of the member. Check to make sure that firstreal has not grown
++ too big. */
++ if (firstreal >= max_first_real)
++ {
++ bfd_set_error (bfd_error_file_truncated);
++ return FALSE;
++ }
++
+ last_elt = current;
+ H_PUT_32 (arch, map[count].namidx, buf);
+ H_PUT_32 (arch, firstreal, buf + BSD_SYMDEF_OFFSET_SIZE);
+*************** coff_write_armap (bfd *arch,
+*** 2574,2580 ****
+ unsigned int ranlibsize = (symbol_count * 4) + 4;
+ unsigned int stringsize = stridx;
+ unsigned int mapsize = stringsize + ranlibsize;
+! unsigned int archive_member_file_ptr;
+ bfd *current = arch->archive_head;
+ unsigned int count;
+ struct ar_hdr hdr;
+--- 2586,2592 ----
+ unsigned int ranlibsize = (symbol_count * 4) + 4;
+ unsigned int stringsize = stridx;
+ unsigned int mapsize = stringsize + ranlibsize;
+! file_ptr archive_member_file_ptr;
+ bfd *current = arch->archive_head;
+ unsigned int count;
+ struct ar_hdr hdr;
+*************** coff_write_armap (bfd *arch,
+*** 2625,2631 ****
+
+ while (count < symbol_count && map[count].u.abfd == current)
+ {
+! if (!bfd_write_bigendian_4byte_int (arch, archive_member_file_ptr))
+ return FALSE;
+ count++;
+ }
+--- 2637,2651 ----
+
+ while (count < symbol_count && map[count].u.abfd == current)
+ {
+! unsigned int offset = (unsigned int) archive_member_file_ptr;
+!
+! /* Catch an attempt to grow an archive past its 4Gb limit. */
+! if (archive_member_file_ptr != (file_ptr) offset)
+! {
+! bfd_set_error (bfd_error_file_truncated);
+! return FALSE;
+! }
+! if (!bfd_write_bigendian_4byte_int (arch, offset))
+ return FALSE;
+ count++;
+ }
diff --git a/binutils.spec b/binutils.spec
index 1ec16b2..4e498ed 100644
--- a/binutils.spec
+++ b/binutils.spec
@@ -17,7 +17,7 @@
Summary: A GNU collection of binary utilities
Name: %{?cross}binutils%{?_with_debug:-debug}
Version: 2.22.52.0.4
-Release: 4%{?dist}
+Release: 5%{?dist}
License: GPLv3+
Group: Development/Tools
URL: http://sources.redhat.com/binutils
@@ -442,6 +442,9 @@ exit 0
%endif # %{isnative}
%changelog
+* Thu Jul 05 2012 Nick Clifton <nickc at redhat.com> - 2.22.52.0.4-5
+- Catch attempts to create a broken symbol index with archives > 4Gb in size. (#835957)
+
* Fri Jun 30 2012 Nick Clifton <nickc at redhat.com> - 2.22.52.0.4-4
- Import fix for ld/14189. (#829311)
More information about the scm-commits
mailing list