This adds a few more sanity checks on ELF objects, and a BFD flag to
disable objcopy and strip when fuzzed input files belong in the "too
hard" basket.
bfd/
PR 26348
* bfd.c (struct bfd): Add read_only.
* elfcode.h (elf_swap_shdr_in): Test both sh_offset and sh_size.
Set read_only on warning.
(elf_object_p): Sanity check program header alignment. Set
read_only on warning.
* bfd-in2.h: Regenerate.
binutils/
PR 26348
* objcopy.c (copy_object): Report file name with endian error.
Error and return on abfd->read_only.
PR binutils/pr25662
bfd * libcoff-in.h (struct pe_tdata): Rename the insert_timestamp
field to timestamp and make it an integer.
* libcoff.h: Regenerate.
* peXXigen.c (_bfd_XXi_only_swap_filehdr_out): Test the timestamp
field in the pe_data structure rather than the insert_timestamp
field.
binutils* objcopy.c (copy_object): When copying PE format files set the
timestamp field in the pe_data structure if the preserve_dates
flag is set.
* testsuite/binutils-all/objcopy.exp (objcopy_test) Use
--preserve-dates in place of the -p option, in order to make its
effect more obvious.
ld * emultempl/pe.em (after_open): Replace initialisation of the
insert_timestamp field in the pe_data structure with an
initialisation of the timestamp field.
* emultemp/pep.em: Likewise.
* pe-dll.c (fill_edata): Use the timestamp field in the pe_data
structure instead of the insert_timestamp field.
With the right set of options, the second block of code dealing with
padding can see a different section count. So don't use the new count.
Since I was editing those lines, I've also changed the code allocating
arrays a little.
array = malloc (n * sizeof (*array));
for an array of ints is just better than
array = malloc (n * sizeof (int));
It's easier to write correctly in the first place and more robust
against code changes that might modify the array element type.
PR 25651
* objcopy.c (copy_object): Test "gaps" not gap_fill_set or
pad_to_set on second block of code dealing with padding.
Replace "c" with "num_sec" and don't recalculate number of
sections on second block. Size arrays using sizeof (element)
rather than sizeof (element type).
binutils* objcopy.c (check_new_section_flags): New function. Reject the
SEC_COFF_SHARED flag if the target is not a COFF binary.
(copy_object): Call check_new_section_flags.
(setup_section): Likewise.
* doc/binutils.texi (objcopy): Add a note that the 'share' section
flag cannot be applied to ELF binaries.
bfd * elf.c (_bfd_elf_set_section_contents): Replace call to abort
with error messages and failure return values.
On machines with more than one octet per byte, objcopy fills only a part
of the gap between sections.
* objcopy.c (copy_object): Convert from bytes to octets for
--gap-fill and --pad-to.
PR 25220
* objcopy.c (empty_name): New variable.
(need_sym_before): Prevent an attempt to free a static variable.
(filter_symbols): Avoid strcmp test by checking for pointer
equality.
objcopy --add-gnu-debuglink=foo.a.dbg foo.a just doesn't make any
sense. Who puts executables in archives?
PR 24499
* objcopy.c (copy_file): Ignore --add-gnu-debuglink for archives.
This should make objcopy -B redundant for the common case of producing
ELF output where the -O target defaults to the desired arch:mach.
PR 24968
* objcopy.c (copy_object): For ELF output and non-ELF input without
arch, take arch from output file if not given by -B. Don't
bfd_get_arch_info when we already have iarch.
This PR copies a fuzzed PE input file to ELF output, in the process
confusing the ELF backend by copying COFF-only section flags to the
output. SEC_COFF_SHARED has the same value as SEC_ELF_COMPRESS. One
approach to fixing this problem is of course not to reuse flag bits,
but we've run out. So this patch only copies section flags that are
in the bfd_applicable_section_flags set when changing the flavour of
the output file.
PR 25191
* objcopy.c (is_nondebug_keep_contents_section): Use bfd_get_flavour.
(copy_object): Likewise.
(setup_section): Likewise. If flavour of input and output files
differ, restrict section flags to the intersection of input and
output bfd_applicable_section_flags.
llvm-objcopy and llvm-strip support an option --keep-section that
keeps some sections from being removed.
* objcopy.c (enum option_values): Add OPTION_KEEP_SECTION.
(SECTION_CONTEXT_KEEP): Define. Adjust other SECTION_CONTEXT macros.
(copy_usage): Describe --keep-section.
(strip_usage): Likewise.
(copy_main): Handle SECTION_CONTEXT_KEEP.
(strip_main): Likewise.
(is_strip_section_1): Likewise.
* testsuite/binutils-all/objcopy.exp: Add tests.
* testsuite/binutils-all/keep-section-1.d: New test driver file.
* testsuite/binutils-all/keep-section-2.d: Likewise.
* doc/binutils.texi: Document the new feature.
* NEWS: Mention the new feature.
* objcopy.c (struct merged_note_section): New structure. Used to
chain together details of mergeable note sections.
(is_merged_note_section): Rename to is_megreable_note_section and
return true for note sections that use GNU_BUILD_ATTRS_SECTION_NAME
as a prefix.
(num_bytes): Delete
(objcoopy_internal_note): Add padded_namesz field.
(DEBUG_MERGE): New macro. Set to non-zero to enable debugging of
the note merging code.
(gap_exists): Rename to overlaps_or_adjoins and return TRUE for
overlapping notes or adjoining notes.
(contained_by, is_deleted_note, is_version_note)
(compare_gnu_build_notes, sort_gnu_build_notes): New functions.
(merge_gnu_build_notes): Rework. Sort notes into a mergeable
order first. Merge them. Then sort them into an ascending
address order before writing them out.
(copy_object): Handle more than one mergeable note section.
* testsuite/binutils-all/note-2-32.d: Update for new merging
behaviour.
* testsuite/binutils-all/note-2-32.s: Likewise.
* testsuite/binutils-all/note-2-64.d: Likewise.
* testsuite/binutils-all/note-2-64.s: Likewise.
* testsuite/binutils-all/note-3-32.d: Likewise.
* testsuite/binutils-all/note-3-32.s: Likewise.
* testsuite/binutils-all/note-3-64.d: Likewise.
* testsuite/binutils-all/note-3-64.s: Likewise.
* testsuite/binutils-all/note-4-32.d: Likewise.
* testsuite/binutils-all/note-4-32.s: Likewise.
* testsuite/binutils-all/note-4-64.d: Likewise.
* testsuite/binutils-all/note-4-64.s: Likewise.
* testsuite/binutils-all/note-6-32.s: New test source file.
* testsuite/binutils-all/note-6-64.s: New test source file.
* testsuite/binutils-all/note-6-32.d: New test driver file.
* testsuite/binutils-all/note-6-64.d: New test driver file.
* testsuite/binutils-all/objcopy.exp: Run the new test.
PR 24942
* objcopy.c (copy_usage): Update description of
--set-section-alignment.
(copy_main): Interpret numeric argument of --set-section-alignment
as a byte alignment, not a power of two alignment.
* doc/binutils.texi: Update description of
--set-section-alignment.
* testsuite/binutils-all/set-section-alignment.d: New test.
* testsuite/binutils-all/objcopy.exp: Run the new test.
This constifies the argument to make_tempname and make_tempdir,
removing some casts.
I initially thought that this obsoleted the allocation in
write_archive, but write_archive closes the BFD before using the name,
so this appears not to be the case.
binutils/ChangeLog
2019-09-11 Tom Tromey <tom@tromey.com>
* objcopy.c (copy_archive): Update.
* bucomm.h (make_tempname, make_tempdir): Make argument const.
* bucomm.c (make_tempname, make_tempdir): Make argument const.
PR 19921
binutils* objcopy.c: Add new option --verilog-data-width. Use it to set
the value of VerilogDataWidth.
* doc/binutils.texi: Document the new option.
* testsuite/binutils-all/objcopy.exp: Run tests of new option.
* testsuite/binutils-all/verilog-1.hex: New file.
* testsuite/binutils-all/verilog-2.hex: New file.
* testsuite/binutils-all/verilog-4.hex: New file.
* testsuite/binutils-all/verilog-8.hex: New file.
* NEWS: Mention the new feature.
bfd * verilog.c: (VerilogDataWidth): New variable.
(verilog_write_record): Emit bytes in VerilogDataWidth bundles.
* objcopy.c (strip_main): Do not enable note merging by default if
just stripping debug or dwo information.
* doc/binutils.texi (strip): Update documentation.
PR 24001
* objcopy.c (copy_object): Free dhandle after writing out the
debug information.
* objdump.c (dump_bfd): Free dhandle after printing out the debug
information.
This patch performs a run-time test that a shared libbfd.so has been
compiled with the same size bfd_vma as that of apps using the library.
On a 32-bit host it is easily possible to have one libbfd.so compiled
to support 64-bit targets (or configured with --enable-64-bit-bfd)
while another only supports 32-bit targets. The two libraries will
have differently sized bfd_vma types, and if the wrong one is loaded
all sorts of weird behaviour might be seen.
bfd/
PR 23534
* init.c (BFD_INIT_MAGIC): Define.
(bfd_init): Return BFD_INIT_MAGIC.
bfd-in2.h: Regenerate.
binutils/
PR 23534
* addr2line.c (main): Exit with fatal error if bfd_init
returns an unexpected value.
* ar.c (main): Likewise.
* dlltool.c (identify_dll_for_implib): Likewise.
* nm.c (main): Likewise.
* objcopy.c (main): Likewise.
* objdump.c (main): Likewise.
* size.c (main): Likewise.
* strings.c (main): Likewise.
* windmc.c (main): Likewise.
* windres.c (main): Likewise.
gas/
PR 23534
* as.c (main): Exit with fatal error if bfd_init returns an
unexpected value.
ld/
PR 23534
* ldmain.c (main): Exit with fatal error if bfd_init returns
an unexpected value.
This is the result of an email thread starting here:
https://sourceware.org/ml/binutils/2018-09/msg00031.html
The main point of the thread is this observation:
* Supposing we had an object file with two globals, SomeGlobal and
SomeOtherGlobal, if one were to do "--globalize-symbol SomeGlobal
--keep-global-symbol SomeOtherGlobal", you might expect that both
SomeGlobal and SomeOtherGlobal are global in the output file... but it
isn't. Because --keep-global-symbol is set and doesn't include
SomeGlobal, SomeGlobal will be demoted to a local symbol. And because
the check to see if we should apply the --globalize-symbol flag checks
"flags" (the original flag set), and not "sym->flags", it decides not
to do anything, so SomeGlobal remains a local symbol. Although this is
a weird edge case, should this be changed so that --keep-global-symbol
implicitly keeps anything also specified via --globalize-symbol? (The
code seems technically correct with respect to the documentation, but
IMO the behavior is counter-intuitive).
binutils* objcopy.c (copy_main): Issue a fata error if the
--keep-global-symbol(s) and the --globalize-symbol(s) options are
used together.
* doc/binutils.texi: Document that the two options are
incompatible.
* testsuite/binutils-all/copy-5.d: New test.
* testsuite/binutils-all/objcopy.exp: Run the new test.
add_specific_symbols allocates a buffer to hold symbols. It should be
freed only if it is no longer in use.
PR binutils/23633
* objcopy.c (strip_specific_buffer): New.
(strip_unneeded_buffer): Likewise.
(keep_specific_buffer): Likewise.
(localize_specific_buffer): Likewise.
(globalize_specific_buffer): Likewise.
(keepglobal_specific_buffer): Likewise.
(weaken_specific_buffer): Likewise.
(add_specific_symbols): Add an argument to return pointer to
allocated buffer.
(copy_main): Update add_specific_symbols to update pointers to
allocated buffer. Free pointers to allocated buffer before
return.
* objcopy.c (handle_remove_section_option): Don't require a dot
after .rela and .rel to handle a possible relocation section.
* testsuite/binutils-all/remove-relocs-07.s,
* testsuite/binutils-all/remove-relocs-07.d,
* testsuite/binutils-all/remove-relocs-08.d: New tests.
* testsuite/binutils-all/remove-relocs-01.d,
* testsuite/binutils-all/remove-relocs-04.d,
* testsuite/binutils-all/remove-relocs-05.d,
* testsuite/binutils-all/remove-relocs-06.d: Exclude mips64-openbsd.
BFD handles ELF relocation sections in an executable differently to
relocation sections in a relocatable object. For a relocatable
object, BFD carries the relocations as data associated with the
section to which they apply; The relocation section doesn't appear as
a separate section. For an executable, dynamic relocation sections do
appear as separate sections. This means that objcopy needs to use
different strategies when dealing with relocations.
When --remove-relocations was added to objcopy with commit
d3e5f6c8f1, objcopy lost the ability to remove dynamic relocation
sections such as .rela.plt from executables using the option
"--remove-section=.rela.plt". This patch reinstates that
functionality.
I thought it best to keep --remove-relocations as is, rather than
extending to handle dynamic relocations as per the patch in the PR,
because executables linked with --emit-relocs may have both dynamic
and non-dynamic relocations. In that case --remove-relocataions=* is
useful to remove all the non-dynamic relocations.
PR binutils/23611
* objcopy.c (handle_remove_section_option): Consider .rela and
.rel sections for stripping directly as well as attached to the
associated section they relocate.
* doc/binutils.texi (remove-relocations): Specify that this
option removes non-dynamic relocation sections.
* testsuite/binutils-all/objcopy.exp
(objcopy_remove_relocations_from_executable): New test.
* objcopy.c (add_specific_symbols): Free buffer on exit.
(add_redefine_syms_file): Close file handle on exit.
(copy_object): Close file handle on early exit.
Free buffer on early exit.
Free gaps buffers once they are no longer needed.
* dwarf.c (display_debug_frames): Free allocated memory on exit.
(load_separate_debug_info): Free allocate memory on early exit.
Another fuzzing fix. I think it's reasonable to simply strip out any
group section that is too weird for objcopy to handle.
PR 23141
* objcopy.c (is_strip_section): Strip groups without a valid
signature symbol.
