Re: readelf section reading

Fix commit 4de91c10cdd9, which cached the single section header read
to pick up file header extension fields.  Also, testing e_shoff in
get_section_headers opened a hole for fuzzers where we'd end up with
segfaults due to non-zero e_shnum but NULL section_headers.

	* readelf.c (get_section_headers): Don't test e_shoff here, leave
	that to get_32bit_section_headers or get_64bit_section_headers.
	(process_object): Throw away section header read to print file
	header extension.

diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index e84f5d36dec5d234c79f00b5620b865cf23393e9..fcf6056861802ae1234a40688ce08f14c00c9a08 100644 (file)
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,3 +1,10 @@
+2021-06-12  Alan Modra  <amodra@gmail.com>
+
+       * readelf.c (get_section_headers): Don't test e_shoff here, leave
+       that to get_32bit_section_headers or get_64bit_section_headers.
+       (process_object): Throw away section header read to print file
+       header extension.
+
 2021-06-11  Alan Modra  <amodra@gmail.com>
 
        * readelf.c (struct filedata): Move archive_file_offset and

diff --git a/binutils/readelf.c b/binutils/readelf.c
index 1456c03a073f2f5d86f1165f88d6cd12b64b621d..4217ea3b5b03a1f23deef3b844ae14d4c69e6194 100644 (file)
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -5859,9 +5859,6 @@ get_section_headers (Filedata *filedata, bool probe)
   if (filedata->section_headers != NULL)
     return true;
 
-  if (filedata->file_header.e_shoff == 0)
-    return true;
-
   if (is_32bit_elf)
     return get_32bit_section_headers (filedata, probe);
   else
@@ -21361,6 +21358,11 @@ process_object (Filedata * filedata)
       goto out;
     }
 
+  /* Throw away the single section header read above, so that we
+     re-read the entire set.  */
+  free (filedata->section_headers);
+  filedata->section_headers = NULL;
+
   if (! process_section_headers (filedata))
     {
       /* Without loaded section headers we cannot process lots of things.  */