SOURCES (AC-branch): binutils-robustify6.patch (NEW), binutils-rob...
arekm
arekm at pld-linux.org
Tue Jul 26 11:18:03 CEST 2005
Author: arekm Date: Tue Jul 26 09:18:03 2005 GMT
Module: SOURCES Tag: AC-branch
---- Log message:
- various CAN patches from fc4 updates + one speedup
---- Files affected:
SOURCES:
binutils-robustify6.patch (NONE -> 1.1.2.1) (NEW), binutils-robustify5.patch (NONE -> 1.1.2.1) (NEW), binutils-robustify4.patch (NONE -> 1.1.2.1) (NEW), binutils-robustify3.patch (NONE -> 1.1.2.1) (NEW), binutils-robustify2.patch (NONE -> 1.1.2.1) (NEW), binutils-robustify.patch (NONE -> 1.1.2.1) (NEW), binutils-readelf-overflows.patch (NONE -> 1.1.2.1) (NEW), binutils-ld-speedup.patch (NONE -> 1.1.2.1) (NEW), binutils-arhdr.patch (NONE -> 1.1.2.1) (NEW)
---- Diffs:
================================================================
Index: SOURCES/binutils-robustify6.patch
diff -u /dev/null SOURCES/binutils-robustify6.patch:1.1.2.1
--- /dev/null Tue Jul 26 11:18:03 2005
+++ SOURCES/binutils-robustify6.patch Tue Jul 26 11:17:58 2005
@@ -0,0 +1,198 @@
+2005-06-21 Jakub Jelinek <jakub at redhat.com>
+
+ * libbfd-in.h (struct artdata): Add extended_names_size field.
+ * libbfd.h: Rebuilt.
+ * coff-rs600.c (_bfd_xcoff_archive_p): Don't clear fields in freshly
+ allocated object by bfd_zalloc.
+ * coff64-rs6000.c (xcoff64_archive_p): Likewise.
+ * ecoff.c (_bfd_ecoff_archive_p): Likewise.
+ * archive.c (_bfd_generic_mkarchive, bfd_generic_archive_p): Likewise.
+ (get_extended_arelt_filename): Fail if index is bigger or equal to
+ extended_names_size.
+ (_bfd_generic_read_ar_hdr_mag): Don't set bfd_error_malformed_archive,
+ get_extended_arelt_filename already did that.
+ (_bfd_slurp_extended_name_table): Initialize extended_names_size field.
+ Allocate one extra byte and clear it, in case extended names table
+ is not terminated.
+
+--- bfd/libbfd-in.h.jj 2005-06-20 12:16:18.000000000 +0200
++++ bfd/libbfd-in.h 2005-06-21 18:45:56.000000000 +0200
+@@ -64,6 +64,7 @@ struct artdata {
+ carsym *symdefs; /* the symdef entries */
+ symindex symdef_count; /* how many there are */
+ char *extended_names; /* clever intel extension */
++ bfd_size_type extended_names_size; /* Size of extended names */
+ /* when more compilers are standard C, this can be a time_t */
+ long armap_timestamp; /* Timestamp value written into armap.
+ This is used for BSD archives to check
+--- bfd/libbfd.h.jj 2005-06-20 12:16:18.000000000 +0200
++++ bfd/libbfd.h 2005-06-21 18:46:32.000000000 +0200
+@@ -69,6 +69,7 @@ struct artdata {
+ carsym *symdefs; /* the symdef entries */
+ symindex symdef_count; /* how many there are */
+ char *extended_names; /* clever intel extension */
++ bfd_size_type extended_names_size; /* Size of extended names */
+ /* when more compilers are standard C, this can be a time_t */
+ long armap_timestamp; /* Timestamp value written into armap.
+ This is used for BSD archives to check
+--- bfd/coff64-rs6000.c.jj 2005-06-09 10:58:49.000000000 +0200
++++ bfd/coff64-rs6000.c 2005-06-21 18:59:07.000000000 +0200
+@@ -1983,10 +1983,12 @@ xcoff64_archive_p (abfd)
+ if (bfd_ardata (abfd) == (struct artdata *) NULL)
+ goto error_ret_restore;
+
+- bfd_ardata (abfd)->cache = NULL;
+- bfd_ardata (abfd)->archive_head = NULL;
+- bfd_ardata (abfd)->symdefs = NULL;
+- bfd_ardata (abfd)->extended_names = NULL;
++ /* Already cleared by bfd_zalloc above.
++ bfd_ardata (abfd)->cache = NULL;
++ bfd_ardata (abfd)->archive_head = NULL;
++ bfd_ardata (abfd)->symdefs = NULL;
++ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0; */
+ bfd_ardata (abfd)->first_file_filepos = bfd_scan_vma (hdr.firstmemoff,
+ (const char **) NULL,
+ 10);
+--- bfd/coff-rs6000.c.jj 2005-06-09 10:58:49.000000000 +0200
++++ bfd/coff-rs6000.c 2005-06-21 18:56:11.000000000 +0200
+@@ -1294,10 +1294,12 @@ _bfd_xcoff_archive_p (abfd)
+ if (bfd_ardata (abfd) == (struct artdata *) NULL)
+ goto error_ret_restore;
+
+- bfd_ardata (abfd)->cache = NULL;
+- bfd_ardata (abfd)->archive_head = NULL;
+- bfd_ardata (abfd)->symdefs = NULL;
+- bfd_ardata (abfd)->extended_names = NULL;
++ /* Cleared by bfd_zalloc above.
++ bfd_ardata (abfd)->cache = NULL;
++ bfd_ardata (abfd)->archive_head = NULL;
++ bfd_ardata (abfd)->symdefs = NULL;
++ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0; */
+
+ /* Now handle the two formats. */
+ if (magic[1] != 'b')
+--- bfd/ecoff.c.jj 2005-05-13 23:44:07.000000000 +0200
++++ bfd/ecoff.c 2005-06-21 18:59:49.000000000 +0200
+@@ -3182,11 +3182,13 @@ _bfd_ecoff_archive_p (bfd *abfd)
+ }
+
+ bfd_ardata (abfd)->first_file_filepos = SARMAG;
+- bfd_ardata (abfd)->cache = NULL;
+- bfd_ardata (abfd)->archive_head = NULL;
+- bfd_ardata (abfd)->symdefs = NULL;
+- bfd_ardata (abfd)->extended_names = NULL;
+- bfd_ardata (abfd)->tdata = NULL;
++ /* Already cleared by bfd_zalloc above.
++ bfd_ardata (abfd)->cache = NULL;
++ bfd_ardata (abfd)->archive_head = NULL;
++ bfd_ardata (abfd)->symdefs = NULL;
++ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0;
++ bfd_ardata (abfd)->tdata = NULL; */
+
+ if (! _bfd_ecoff_slurp_armap (abfd)
+ || ! _bfd_ecoff_slurp_extended_name_table (abfd))
+--- bfd/archive.c.jj 2005-06-17 15:22:56.000000000 +0200
++++ bfd/archive.c 2005-06-21 19:03:51.000000000 +0200
+@@ -182,11 +182,13 @@ _bfd_generic_mkarchive (bfd *abfd)
+ if (bfd_ardata (abfd) == NULL)
+ return FALSE;
+
+- bfd_ardata (abfd)->cache = NULL;
+- bfd_ardata (abfd)->archive_head = NULL;
+- bfd_ardata (abfd)->symdefs = NULL;
+- bfd_ardata (abfd)->extended_names = NULL;
+- bfd_ardata (abfd)->tdata = NULL;
++ /* Already cleared by bfd_zalloc above.
++ bfd_ardata (abfd)->cache = NULL;
++ bfd_ardata (abfd)->archive_head = NULL;
++ bfd_ardata (abfd)->symdefs = NULL;
++ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0;
++ bfd_ardata (abfd)->tdata = NULL; */
+
+ return TRUE;
+ }
+@@ -335,7 +337,7 @@ get_extended_arelt_filename (bfd *arch,
+ errno = 0;
+ /* Skip first char, which is '/' in SVR4 or ' ' in some other variants. */
+ index = strtol (name + 1, NULL, 10);
+- if (errno != 0)
++ if (errno != 0 || index >= bfd_ardata (arch)->extended_names_size)
+ {
+ bfd_set_error (bfd_error_malformed_archive);
+ return NULL;
+@@ -405,10 +407,7 @@ _bfd_generic_read_ar_hdr_mag (bfd *abfd,
+ {
+ filename = get_extended_arelt_filename (abfd, hdr.ar_name);
+ if (filename == NULL)
+- {
+- bfd_set_error (bfd_error_malformed_archive);
+- return NULL;
+- }
++ return NULL;
+ }
+ /* BSD4.4-style long filename.
+ Only implemented for reading, so far! */
+@@ -629,11 +628,13 @@ bfd_generic_archive_p (bfd *abfd)
+ }
+
+ bfd_ardata (abfd)->first_file_filepos = SARMAG;
+- bfd_ardata (abfd)->cache = NULL;
+- bfd_ardata (abfd)->archive_head = NULL;
+- bfd_ardata (abfd)->symdefs = NULL;
+- bfd_ardata (abfd)->extended_names = NULL;
+- bfd_ardata (abfd)->tdata = NULL;
++ /* Cleared by bfd_zalloc above.
++ bfd_ardata (abfd)->cache = NULL;
++ bfd_ardata (abfd)->archive_head = NULL;
++ bfd_ardata (abfd)->symdefs = NULL;
++ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0;
++ bfd_ardata (abfd)->tdata = NULL; */
+
+ if (!BFD_SEND (abfd, _bfd_slurp_armap, (abfd))
+ || !BFD_SEND (abfd, _bfd_slurp_extended_name_table, (abfd)))
+@@ -1067,6 +1068,7 @@ _bfd_slurp_extended_name_table (bfd *abf
+ strncmp (nextname, "// ", 16) != 0)
+ {
+ bfd_ardata (abfd)->extended_names = NULL;
++ bfd_ardata (abfd)->extended_names_size = 0;
+ return TRUE;
+ }
+
+@@ -1075,7 +1077,11 @@ _bfd_slurp_extended_name_table (bfd *abf
+ return FALSE;
+
+ amt = namedata->parsed_size;
+- bfd_ardata (abfd)->extended_names = bfd_zalloc (abfd, amt);
++ if (amt + 1 == 0)
++ goto byebye;
++
++ bfd_ardata (abfd)->extended_names_size = amt;
++ bfd_ardata (abfd)->extended_names = bfd_zalloc (abfd, amt + 1);
+ if (bfd_ardata (abfd)->extended_names == NULL)
+ {
+ byebye:
+@@ -1098,15 +1104,17 @@ _bfd_slurp_extended_name_table (bfd *abf
+ trailing '/'. DOS/NT created archive often have \ in them
+ We'll fix all problems here.. */
+ {
+- char *temp = bfd_ardata (abfd)->extended_names;
++ char *ext_names = bfd_ardata (abfd)->extended_names;
++ char *temp = ext_names;
+ char *limit = temp + namedata->parsed_size;
+ for (; temp < limit; ++temp)
+ {
+ if (*temp == '\012')
+- temp[temp[-1] == '/' ? -1 : 0] = '\0';
++ temp[temp > ext_names && temp[-1] == '/' ? -1 : 0] = '\0';
+ if (*temp == '\\')
+ *temp = '/';
+ }
++ *limit = '\0';
+ }
+
+ /* Pad to an even boundary if you have to. */
================================================================
Index: SOURCES/binutils-robustify5.patch
diff -u /dev/null SOURCES/binutils-robustify5.patch:1.1.2.1
--- /dev/null Tue Jul 26 11:18:03 2005
+++ SOURCES/binutils-robustify5.patch Tue Jul 26 11:17:58 2005
@@ -0,0 +1,216 @@
+2005-06-17 Jakub Jelinek <jakub at redhat.com>
+bfd/
+ * elf.c (bfd_section_from_shdr): Kill bogus warning.
+
+ * elf.c (bfd_section_from_shdr): Fail if sh_entsize is bogus for
+ symbol, relocation, group or versym sections.
+
+ * coffcode.h (coff_slurp_reloc_table): Don't crash if native_relocs
+ is NULL.
+ * peXXigen.c (pe_print_idata): Don't crash if dll_name or start_address
+ doesn't point into the section.
+include/
+ * elf/external.h (GRP_ENTRY_SIZE): Define.
+binutils/
+ * readelf.c (CHECK_ENTSIZE_VALUES, CHECK_ENTSIZE): Define.
+ (process_section_headers): Use it.
+ (process_relocs): Don't crash if symsec is not SHT_SYMTAB
+ or SHT_DYNSYM.
+ (process_version_sections): Use sizeof (Elf_External_Versym)
+ instead of sh_entsize.
+
+--- bfd/coffcode.h 9 Jun 2005 19:22:15 -0000 1.127
++++ bfd/coffcode.h 17 Jun 2005 13:39:56 -0000 1.128
+@@ -4830,7 +4830,7 @@ coff_slurp_reloc_table (bfd * abfd, sec_
+ amt = (bfd_size_type) asect->reloc_count * sizeof (arelent);
+ reloc_cache = bfd_alloc (abfd, amt);
+
+- if (reloc_cache == NULL)
++ if (reloc_cache == NULL || native_relocs == NULL)
+ return FALSE;
+
+ for (idx = 0; idx < asect->reloc_count; idx++)
+--- bfd/elf.c 14 Jun 2005 11:04:22 -0000 1.301
++++ bfd/elf.c 17 Jun 2005 15:48:25 -0000 1.303
+@@ -1811,7 +1811,8 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ if (elf_onesymtab (abfd) == shindex)
+ return TRUE;
+
+- BFD_ASSERT (hdr->sh_entsize == bed->s->sizeof_sym);
++ if (hdr->sh_entsize != bed->s->sizeof_sym)
++ return FALSE;
+ BFD_ASSERT (elf_onesymtab (abfd) == 0);
+ elf_onesymtab (abfd) = shindex;
+ elf_tdata (abfd)->symtab_hdr = *hdr;
+@@ -1862,7 +1863,8 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ if (elf_dynsymtab (abfd) == shindex)
+ return TRUE;
+
+- BFD_ASSERT (hdr->sh_entsize == bed->s->sizeof_sym);
++ if (hdr->sh_entsize != bed->s->sizeof_sym)
++ return FALSE;
+ BFD_ASSERT (elf_dynsymtab (abfd) == 0);
+ elf_dynsymtab (abfd) = shindex;
+ elf_tdata (abfd)->dynsymtab_hdr = *hdr;
+@@ -1946,6 +1948,11 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ Elf_Internal_Shdr *hdr2;
+ unsigned int num_sec = elf_numsections (abfd);
+
++ if (hdr->sh_entsize
++ != (bfd_size_type) (hdr->sh_type == SHT_REL
++ ? bed->s->sizeof_rel : bed->s->sizeof_rela))
++ return FALSE;
++
+ /* Check for a bogus link to avoid crashing. */
+ if ((hdr->sh_link >= SHN_LORESERVE && hdr->sh_link <= SHN_HIRESERVE)
+ || hdr->sh_link >= num_sec)
+@@ -2004,10 +2011,10 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ return _bfd_elf_make_section_from_shdr (abfd, hdr, name,
+ shindex);
+
+- /* Prevent endless recursion on broken objects. */
+- if (elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_REL
+- || elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_RELA)
+- return FALSE;
++ /* Prevent endless recursion on broken objects. */
++ if (elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_REL
++ || elf_elfsections (abfd)[hdr->sh_info]->sh_type == SHT_RELA)
++ return FALSE;
+ if (! bfd_section_from_shdr (abfd, hdr->sh_info))
+ return FALSE;
+ target_sect = bfd_section_from_elf_index (abfd, hdr->sh_info);
+@@ -2047,6 +2054,8 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ break;
+
+ case SHT_GNU_versym:
++ if (hdr->sh_entsize != sizeof (Elf_External_Versym))
++ return FALSE;
+ elf_dynversym (abfd) = shindex;
+ elf_tdata (abfd)->dynversym_hdr = *hdr;
+ return _bfd_elf_make_section_from_shdr (abfd, hdr, name, shindex);
+@@ -2065,6 +2074,8 @@ bfd_section_from_shdr (bfd *abfd, unsign
+ /* We need a BFD section for objcopy and relocatable linking,
+ and it's handy to have the signature available as the section
+ name. */
++ if (hdr->sh_entsize != GRP_ENTRY_SIZE)
++ return FALSE;
+ name = group_signature (abfd, hdr);
+ if (name == NULL)
+ return FALSE;
+--- bfd/peXXigen.c 4 May 2005 15:53:37 -0000 1.30
++++ bfd/peXXigen.c 17 Jun 2005 13:39:56 -0000 1.31
+@@ -1103,7 +1103,7 @@ pe_print_idata (bfd * abfd, void * vfile
+ bfd_vma toc_address;
+ bfd_vma start_address;
+ bfd_byte *data;
+- int offset;
++ bfd_vma offset;
+
+ if (!bfd_malloc_and_get_section (abfd, rel_section, &data))
+ {
+@@ -1114,6 +1114,13 @@ pe_print_idata (bfd * abfd, void * vfile
+
+ offset = abfd->start_address - rel_section->vma;
+
++ if (offset >= rel_section->size || offset + 8 > rel_section->size)
++ {
++ if (data != NULL)
++ free (data);
++ return FALSE;
++ }
++
+ start_address = bfd_get_32 (abfd, data + offset);
+ loadable_toc_address = bfd_get_32 (abfd, data + offset + 4);
+ toc_address = loadable_toc_address - 32768;
+@@ -1182,6 +1189,9 @@ pe_print_idata (bfd * abfd, void * vfile
+ if (hint_addr == 0 && first_thunk == 0)
+ break;
+
++ if (dll_name - adj >= section->size)
++ break;
++
+ dll = (char *) data + dll_name - adj;
+ fprintf (file, _("\n\tDLL Name: %s\n"), dll);
+
+ 2005-06-08 Zack Weinberg <zack at codesourcery.com>
+
+ * dis-asm.h (get_arm_regnames): Update prototype.
+--- include/elf/external.h 10 May 2005 10:21:10 -0000 1.7
++++ include/elf/external.h 17 Jun 2005 13:37:23 -0000 1.8
+@@ -272,5 +272,8 @@ typedef struct
+ unsigned char a_val[8];
+ } Elf64_External_Auxv;
+
++/* Size of SHT_GROUP section entry. */
++
++#define GRP_ENTRY_SIZE 4
+
+ #endif /* _ELF_EXTERNAL_H */
+--- binutils/readelf.c 14 Jun 2005 11:06:28 -0000 1.302
++++ binutils/readelf.c 17 Jun 2005 13:37:26 -0000 1.303
+@@ -3754,6 +3754,22 @@ process_section_headers (FILE *file)
+ dynamic_syminfo = NULL;
+ symtab_shndx_hdr = NULL;
+
++#define CHECK_ENTSIZE_VALUES(section, i, size32, size64) \
++ do \
++ { \
++ size_t expected_entsize \
++ = is_32bit_elf ? size32 : size64; \
++ if (section->sh_entsize != expected_entsize) \
++ error (_("Section %d has invalid sh_entsize %lx (expected %lx)\n"), \
++ i, (unsigned long int) section->sh_entsize, \
++ (unsigned long int) expected_entsize); \
++ section->sh_entsize = expected_entsize; \
++ } \
++ while (0)
++#define CHECK_ENTSIZE(section, i, type) \
++ CHECK_ENTSIZE_VALUES (section, i, sizeof (Elf32_External_##type), \
++ sizeof (Elf64_External_##type))
++
+ for (i = 0, section = section_headers;
+ i < elf_header.e_shnum;
+ i++, section++)
+@@ -3768,6 +3784,7 @@ process_section_headers (FILE *file)
+ continue;
+ }
+
++ CHECK_ENTSIZE (section, i, Sym);
+ num_dynamic_syms = section->sh_size / section->sh_entsize;
+ dynamic_symbols = GET_ELF_SYMBOLS (file, section);
+ }
+@@ -3793,6 +3810,14 @@ process_section_headers (FILE *file)
+ }
+ symtab_shndx_hdr = section;
+ }
++ else if (section->sh_type == SHT_SYMTAB)
++ CHECK_ENTSIZE (section, i, Sym);
++ else if (section->sh_type == SHT_GROUP)
++ CHECK_ENTSIZE_VALUES (section, i, GRP_ENTRY_SIZE, GRP_ENTRY_SIZE);
++ else if (section->sh_type == SHT_REL)
++ CHECK_ENTSIZE (section, i, Rel);
++ else if (section->sh_type == SHT_RELA)
++ CHECK_ENTSIZE (section, i, Rela);
+ else if ((do_debugging || do_debug_info || do_debug_abbrevs
+ || do_debug_lines || do_debug_pubnames || do_debug_aranges
+ || do_debug_frames || do_debug_macinfo || do_debug_str
+@@ -4311,6 +4336,10 @@ process_relocs (FILE *file)
+ char *strtab = NULL;
+
+ symsec = SECTION_HEADER (section->sh_link);
++ if (symsec->sh_type != SHT_SYMTAB
++ && symsec->sh_type != SHT_DYNSYM)
++ continue;
++
+ nsyms = symsec->sh_size / symsec->sh_entsize;
+ symtab = GET_ELF_SYMBOLS (file, symsec);
+
+@@ -6194,7 +6223,7 @@ process_version_sections (FILE *file)
+ break;
+
+ link_section = SECTION_HEADER (section->sh_link);
+- total = section->sh_size / section->sh_entsize;
++ total = section->sh_size / sizeof (Elf_External_Versym);
+
+ if (SECTION_HEADER_INDEX (link_section->sh_link)
+ >= elf_header.e_shnum)
================================================================
Index: SOURCES/binutils-robustify4.patch
diff -u /dev/null SOURCES/binutils-robustify4.patch:1.1.2.1
--- /dev/null Tue Jul 26 11:18:03 2005
+++ SOURCES/binutils-robustify4.patch Tue Jul 26 11:17:58 2005
@@ -0,0 +1,890 @@
+2005-06-15 Jakub Jelinek <jakub at redhat.com>
+
+ * libbfd-in.h (bfd_malloc2, bfd_realloc2, bfd_zmalloc2, bfd_alloc2,
+ bfd_zalloc2): New prototypes.
+ * bfd-in.h (HALF_BFD_SIZE_TYPE): Define.
+ * libbfd.c (bfd_malloc2, bfd_realloc2, bfd_zmalloc2): New functions.
+ * opncls.c (bfd_alloc2, bfd_zalloc2): New functions.
+ * elf.c (bfd_elf_get_elf_syms, setup_group, assign_section_numbers,
+ elf_map_symbols, map_sections_to_segments,
+ assign_file_positions_for_segments, copy_private_bfd_data,
+ swap_out_syms, _bfd_elf_slurp_version_tables): Use bfd_*alloc2
+ where appropriate.
+ * bfd-in2.h: Rebuilt.
+ * libbfd.h: Rebuilt.
+
+ * elf.c (_bfd_elf_print_private_bfd_data): Don't crash on bogus
+ verdef or verneed section.
+ (_bfd_elf_slurp_version_tables): Handle corrupt verdef and/or
+ verneed sections gracefully.
+ * elf32-sparc.c (elf32_sparc_info_to_howto): Don't crash on
+ bogus relocation values.
+ * elf64-sparc.c (sparc64_elf_info_to_howto): Likewise.
+ * elf64-ppc.c (ppc64_elf_info_to_howto): Likewise.
+ * elf64-s390.c (elf_s390_info_to_howto): Likewise.
+ * elf32-s390.c (elf_s390_info_to_howto): Likewise.
+ * elf64-x86-64.c (elf64_x86_64_info_to_howto): Likewise.
+ * elfxx-ia64.c (lookup_howto): Likewise.
+
+--- bfd/libbfd-in.h.jj 2004-11-22 15:33:31.000000000 -0500
++++ bfd/libbfd-in.h 2005-06-29 04:37:50.000000000 -0400
+@@ -90,6 +90,12 @@ extern void *bfd_realloc
+ (void *, bfd_size_type);
+ extern void *bfd_zmalloc
+ (bfd_size_type);
++extern void *bfd_malloc2
++ (bfd_size_type, bfd_size_type);
++extern void *bfd_realloc2
++ (void *, bfd_size_type, bfd_size_type);
++extern void *bfd_zmalloc2
++ (bfd_size_type, bfd_size_type);
+
+ extern void _bfd_default_error_handler (const char *s, ...);
+ extern bfd_error_handler_type _bfd_error_handler;
+@@ -100,6 +106,10 @@ extern void *bfd_alloc
+ (bfd *, bfd_size_type);
+ extern void *bfd_zalloc
+ (bfd *, bfd_size_type);
++extern void *bfd_alloc2
++ (bfd *, bfd_size_type, bfd_size_type);
++extern void *bfd_zalloc2
++ (bfd *, bfd_size_type, bfd_size_type);
+ extern void bfd_release
+ (bfd *, void *);
+
+--- bfd/bfd-in.h.jj 2004-12-20 14:16:48.000000000 -0500
++++ bfd/bfd-in.h 2005-06-29 04:37:50.000000000 -0400
+@@ -144,6 +144,9 @@ typedef unsigned long bfd_size_type;
+
+ #endif /* not BFD64 */
+
++#define HALF_BFD_SIZE_TYPE \
++ (((bfd_size_type) 1) << (8 * sizeof (bfd_size_type) / 2))
++
+ #ifndef BFD_HOST_64_BIT
+ /* Fall back on a 32 bit type. The idea is to make these types always
+ available for function return types, but in the case that
+--- bfd/libbfd.c.jj 2004-09-15 15:05:03.000000000 -0400
++++ bfd/libbfd.c 2005-06-29 04:37:50.000000000 -0400
+@@ -156,6 +156,36 @@ bfd_malloc (bfd_size_type size)
+ return ptr;
+ }
+
++/* Allocate memory using malloc, nmemb * size with overflow checking. */
++
++void *
++bfd_malloc2 (bfd_size_type nmemb, bfd_size_type size)
++{
++ void *ptr;
++
++ if ((nmemb | size) >= HALF_BFD_SIZE_TYPE
++ && size != 0
++ && nmemb > ~(bfd_size_type) 0 / size)
++ {
++ bfd_set_error (bfd_error_no_memory);
++ return NULL;
++ }
++
++ size *= nmemb;
++
++ if (size != (size_t) size)
++ {
++ bfd_set_error (bfd_error_no_memory);
++ return NULL;
++ }
++
++ ptr = malloc ((size_t) size);
++ if (ptr == NULL && (size_t) size != 0)
++ bfd_set_error (bfd_error_no_memory);
++
++ return ptr;
++}
++
+ /* Reallocate memory using realloc. */
+
+ void *
+@@ -180,6 +210,40 @@ bfd_realloc (void *ptr, bfd_size_type si
+ return ret;
+ }
+
++/* Reallocate memory using realloc, nmemb * size with overflow checking. */
++
++void *
++bfd_realloc2 (void *ptr, bfd_size_type nmemb, bfd_size_type size)
++{
++ void *ret;
++
++ if ((nmemb | size) >= HALF_BFD_SIZE_TYPE
++ && size != 0
++ && nmemb > ~(bfd_size_type) 0 / size)
++ {
++ bfd_set_error (bfd_error_no_memory);
++ return NULL;
++ }
++
++ size *= nmemb;
++
++ if (size != (size_t) size)
++ {
++ bfd_set_error (bfd_error_no_memory);
++ return NULL;
++ }
++
++ if (ptr == NULL)
++ ret = malloc ((size_t) size);
++ else
++ ret = realloc (ptr, (size_t) size);
++
++ if (ret == NULL && (size_t) size != 0)
++ bfd_set_error (bfd_error_no_memory);
++
++ return ret;
++}
++
+ /* Allocate memory using malloc and clear it. */
+
+ void *
+@@ -205,6 +269,44 @@ bfd_zmalloc (bfd_size_type size)
+
+ return ptr;
+ }
++
++/* Allocate memory using malloc (nmemb * size) with overflow checking
++ and clear it. */
++
++void *
++bfd_zmalloc2 (bfd_size_type nmemb, bfd_size_type size)
++{
++ void *ptr;
++
++ if ((nmemb | size) >= HALF_BFD_SIZE_TYPE
++ && size != 0
++ && nmemb > ~(bfd_size_type) 0 / size)
++ {
++ bfd_set_error (bfd_error_no_memory);
++ return NULL;
<<Diff was trimmed, longer than 597 lines>>
More information about the pld-cvs-commit
mailing list