From e54cb31aa33a124f746ff40c134e20e6d2bc6c34 Mon Sep 17 00:00:00 2001 From: "Maciej W. Rozycki" Date: Fri, 7 Jul 2017 17:58:03 +0100 Subject: [PATCH] MIPS/LD: Fix a segfault from ELF `e_flags' access with non-ELF output BFD Fix a commit 861fb55ab50a ("Defer allocation of R_MIPS_REL32 GOT slots"), , regression and a more recent: FAIL: ld-unique/pr21529 new LD test case failure, observed with all the relevant MIPS targets whenever the linker is invoked with one or more ELF inputs and the output format set to `binary'. The culprit is a segmentation fault caused in `mips_before_allocation' by a null pointer dereference, where an attempt is made to access the ELF file header's `e_flags' member, for the purpose of determining whether to produce a PLT and copy relocations, without first checking that the output BFD is ELF. The `e_flags' member is stored in BFD's private data pointed to by `tdep', which in the case of the `binary' BFD is null, causing the segmentation fault. With other non-ELF BFDs such as SREC `tdep' is not null and consequently no crash may happen and in that case random data will be interpreted as it was `e_flags'. Disable the access to `e_flags' then and all the associated checks and consequently never produce a PLT and copy relocations if output is not a MIPS ELF BFD, matching `_bfd_mips_elf_merge_private_bfd_data' that does not process `e_flags' in that case either and therefore does not let us decide here anyway if all the input objects included in the link are suitable for use with a PLT and copy relocations. ld/ * emultempl/mipself.em (mips_before_allocation): Avoid ELF processing if not MIPS ELF. * testsuite/ld-mips-elf/binary.d: New test. * testsuite/ld-mips-elf/binary.ld: New test linker script. * testsuite/ld-mips-elf/binary.s: New test source. * testsuite/ld-mips-elf/mips-elf.exp: Run the new test. --- ld/ChangeLog | 9 +++++++++ ld/emultempl/mipself.em | 15 +++++++++------ ld/testsuite/ld-mips-elf/binary.d | 8 ++++++++ ld/testsuite/ld-mips-elf/binary.ld | 5 +++++ ld/testsuite/ld-mips-elf/binary.s | 2 ++ ld/testsuite/ld-mips-elf/mips-elf.exp | 3 +++ 6 files changed, 36 insertions(+), 6 deletions(-) create mode 100644 ld/testsuite/ld-mips-elf/binary.d create mode 100644 ld/testsuite/ld-mips-elf/binary.ld create mode 100644 ld/testsuite/ld-mips-elf/binary.s diff --git a/ld/ChangeLog b/ld/ChangeLog index cb72710ed87..21516026593 100644 --- a/ld/ChangeLog +++ b/ld/ChangeLog @@ -1,3 +1,12 @@ +2017-07-07 Maciej W. Rozycki + + * emultempl/mipself.em (mips_before_allocation): Avoid ELF + processing if not MIPS ELF. + * testsuite/ld-mips-elf/binary.d: New test. + * testsuite/ld-mips-elf/binary.ld: New test linker script. + * testsuite/ld-mips-elf/binary.s: New test source. + * testsuite/ld-mips-elf/mips-elf.exp: Run the new test. + 2017-07-07 Alan Modra * testsuite/ld-powerpc/ppc476-shared.lnk: Align .bss. diff --git a/ld/emultempl/mipself.em b/ld/emultempl/mipself.em index cd68707ec38..d541fefc93e 100644 --- a/ld/emultempl/mipself.em +++ b/ld/emultempl/mipself.em @@ -214,13 +214,16 @@ mips_create_output_section_statements (void) static void mips_before_allocation (void) { - flagword flags; + if (is_mips_elf (link_info.output_bfd)) + { + flagword flags; - flags = elf_elfheader (link_info.output_bfd)->e_flags; - if (!bfd_link_pic (&link_info) - && !link_info.nocopyreloc - && (flags & (EF_MIPS_PIC | EF_MIPS_CPIC)) == EF_MIPS_CPIC) - _bfd_mips_elf_use_plts_and_copy_relocs (&link_info); + flags = elf_elfheader (link_info.output_bfd)->e_flags; + if (!bfd_link_pic (&link_info) + && !link_info.nocopyreloc + && (flags & (EF_MIPS_PIC | EF_MIPS_CPIC)) == EF_MIPS_CPIC) + _bfd_mips_elf_use_plts_and_copy_relocs (&link_info); + } gld${EMULATION_NAME}_before_allocation (); } diff --git a/ld/testsuite/ld-mips-elf/binary.d b/ld/testsuite/ld-mips-elf/binary.d new file mode 100644 index 00000000000..eb88c1c7baf --- /dev/null +++ b/ld/testsuite/ld-mips-elf/binary.d @@ -0,0 +1,8 @@ +#objdump: -b binary -s +#name: MIPS link ELF into binary output format +#ld: -r --oformat=binary -T binary.ld + +.*: +file format binary + +Contents of section \.data: + 0000 61626364 65666768 696a6b6c 6d6e6f70 abcdefghijklmnop diff --git a/ld/testsuite/ld-mips-elf/binary.ld b/ld/testsuite/ld-mips-elf/binary.ld new file mode 100644 index 00000000000..037ae69ebd6 --- /dev/null +++ b/ld/testsuite/ld-mips-elf/binary.ld @@ -0,0 +1,5 @@ +SECTIONS +{ + .data : { *(.data) } + /DISCARD/ : { *(*) } +} diff --git a/ld/testsuite/ld-mips-elf/binary.s b/ld/testsuite/ld-mips-elf/binary.s new file mode 100644 index 00000000000..fbc0244fcd9 --- /dev/null +++ b/ld/testsuite/ld-mips-elf/binary.s @@ -0,0 +1,2 @@ + .data + .ascii "abcdefghijklmnop" diff --git a/ld/testsuite/ld-mips-elf/mips-elf.exp b/ld/testsuite/ld-mips-elf/mips-elf.exp index 4360b83e2b4..4008da08a5b 100644 --- a/ld/testsuite/ld-mips-elf/mips-elf.exp +++ b/ld/testsuite/ld-mips-elf/mips-elf.exp @@ -1213,3 +1213,6 @@ run_ld_link_tests [list \ "relax-offset-umips"]] rename prune_warnings "" rename mips_old_prune_warnings prune_warnings + +# Verify that we can link ELF input into the `binary' output format. +run_dump_test "binary" -- 2.30.2