Commit f36e7495 authored by Artem Savkov's avatar Artem Savkov Committed by Ingo Molnar

x86/tools/relocs: Fix big section header tables

In case when the number of entries in the section header table is larger
then or equal to SHN_LORESERVE the size of the table is held in the sh_size
member of the initial entry in section header table instead of e_shnum.
Same with the string table index which is located in sh_link instead of
e_shstrndx.

This case is easily reproducible with KCFLAGS="-ffunction-sections",
bzImage build fails with "String table index out of bounds" error.
Signed-off-by: default avatarArtem Savkov <asavkov@redhat.com>
Reviewed-by: default avatarJosh Poimboeuf <jpoimboe@redhat.com>
Acked-by: default avatarJoe Lawrence <joe.lawrence@redhat.com>
Cc: Eric W . Biederman <ebiederm@xmission.com>
Cc: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Peter Zijlstra <peterz@infradead.org>
Cc: Thomas Gleixner <tglx@linutronix.de>
Link: http://lkml.kernel.org/r/20181129155615.2594-1-asavkov@redhat.com
[ Simplify the die() lines. ]
Signed-off-by: default avatarIngo Molnar <mingo@kernel.org>
parent 93ddedaa
...@@ -12,6 +12,8 @@ ...@@ -12,6 +12,8 @@
#define Elf_Sym ElfW(Sym) #define Elf_Sym ElfW(Sym)
static Elf_Ehdr ehdr; static Elf_Ehdr ehdr;
static unsigned long shnum;
static unsigned int shstrndx;
struct relocs { struct relocs {
uint32_t *offset; uint32_t *offset;
...@@ -241,9 +243,9 @@ static const char *sec_name(unsigned shndx) ...@@ -241,9 +243,9 @@ static const char *sec_name(unsigned shndx)
{ {
const char *sec_strtab; const char *sec_strtab;
const char *name; const char *name;
sec_strtab = secs[ehdr.e_shstrndx].strtab; sec_strtab = secs[shstrndx].strtab;
name = "<noname>"; name = "<noname>";
if (shndx < ehdr.e_shnum) { if (shndx < shnum) {
name = sec_strtab + secs[shndx].shdr.sh_name; name = sec_strtab + secs[shndx].shdr.sh_name;
} }
else if (shndx == SHN_ABS) { else if (shndx == SHN_ABS) {
...@@ -271,7 +273,7 @@ static const char *sym_name(const char *sym_strtab, Elf_Sym *sym) ...@@ -271,7 +273,7 @@ static const char *sym_name(const char *sym_strtab, Elf_Sym *sym)
static Elf_Sym *sym_lookup(const char *symname) static Elf_Sym *sym_lookup(const char *symname)
{ {
int i; int i;
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
long nsyms; long nsyms;
char *strtab; char *strtab;
...@@ -366,27 +368,41 @@ static void read_ehdr(FILE *fp) ...@@ -366,27 +368,41 @@ static void read_ehdr(FILE *fp)
ehdr.e_shnum = elf_half_to_cpu(ehdr.e_shnum); ehdr.e_shnum = elf_half_to_cpu(ehdr.e_shnum);
ehdr.e_shstrndx = elf_half_to_cpu(ehdr.e_shstrndx); ehdr.e_shstrndx = elf_half_to_cpu(ehdr.e_shstrndx);
if ((ehdr.e_type != ET_EXEC) && (ehdr.e_type != ET_DYN)) { shnum = ehdr.e_shnum;
shstrndx = ehdr.e_shstrndx;
if ((ehdr.e_type != ET_EXEC) && (ehdr.e_type != ET_DYN))
die("Unsupported ELF header type\n"); die("Unsupported ELF header type\n");
} if (ehdr.e_machine != ELF_MACHINE)
if (ehdr.e_machine != ELF_MACHINE) {
die("Not for %s\n", ELF_MACHINE_NAME); die("Not for %s\n", ELF_MACHINE_NAME);
} if (ehdr.e_version != EV_CURRENT)
if (ehdr.e_version != EV_CURRENT) {
die("Unknown ELF version\n"); die("Unknown ELF version\n");
} if (ehdr.e_ehsize != sizeof(Elf_Ehdr))
if (ehdr.e_ehsize != sizeof(Elf_Ehdr)) {
die("Bad Elf header size\n"); die("Bad Elf header size\n");
} if (ehdr.e_phentsize != sizeof(Elf_Phdr))
if (ehdr.e_phentsize != sizeof(Elf_Phdr)) {
die("Bad program header entry\n"); die("Bad program header entry\n");
} if (ehdr.e_shentsize != sizeof(Elf_Shdr))
if (ehdr.e_shentsize != sizeof(Elf_Shdr)) {
die("Bad section header entry\n"); die("Bad section header entry\n");
if (shnum == SHN_UNDEF || shstrndx == SHN_XINDEX) {
Elf_Shdr shdr;
if (fseek(fp, ehdr.e_shoff, SEEK_SET) < 0)
die("Seek to %d failed: %s\n", ehdr.e_shoff, strerror(errno));
if (fread(&shdr, sizeof(shdr), 1, fp) != 1)
die("Cannot read initial ELF section header: %s\n", strerror(errno));
if (shnum == SHN_UNDEF)
shnum = elf_xword_to_cpu(shdr.sh_size);
if (shstrndx == SHN_XINDEX)
shstrndx = elf_word_to_cpu(shdr.sh_link);
} }
if (ehdr.e_shstrndx >= ehdr.e_shnum) {
if (shstrndx >= shnum)
die("String table index out of bounds\n"); die("String table index out of bounds\n");
}
} }
static void read_shdrs(FILE *fp) static void read_shdrs(FILE *fp)
...@@ -394,20 +410,20 @@ static void read_shdrs(FILE *fp) ...@@ -394,20 +410,20 @@ static void read_shdrs(FILE *fp)
int i; int i;
Elf_Shdr shdr; Elf_Shdr shdr;
secs = calloc(ehdr.e_shnum, sizeof(struct section)); secs = calloc(shnum, sizeof(struct section));
if (!secs) { if (!secs) {
die("Unable to allocate %d section headers\n", die("Unable to allocate %d section headers\n",
ehdr.e_shnum); shnum);
} }
if (fseek(fp, ehdr.e_shoff, SEEK_SET) < 0) { if (fseek(fp, ehdr.e_shoff, SEEK_SET) < 0) {
die("Seek to %d failed: %s\n", die("Seek to %d failed: %s\n",
ehdr.e_shoff, strerror(errno)); ehdr.e_shoff, strerror(errno));
} }
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
if (fread(&shdr, sizeof(shdr), 1, fp) != 1) if (fread(&shdr, sizeof(shdr), 1, fp) != 1)
die("Cannot read ELF section headers %d/%d: %s\n", die("Cannot read ELF section headers %d/%d: %s\n",
i, ehdr.e_shnum, strerror(errno)); i, shnum, strerror(errno));
sec->shdr.sh_name = elf_word_to_cpu(shdr.sh_name); sec->shdr.sh_name = elf_word_to_cpu(shdr.sh_name);
sec->shdr.sh_type = elf_word_to_cpu(shdr.sh_type); sec->shdr.sh_type = elf_word_to_cpu(shdr.sh_type);
sec->shdr.sh_flags = elf_xword_to_cpu(shdr.sh_flags); sec->shdr.sh_flags = elf_xword_to_cpu(shdr.sh_flags);
...@@ -418,7 +434,7 @@ static void read_shdrs(FILE *fp) ...@@ -418,7 +434,7 @@ static void read_shdrs(FILE *fp)
sec->shdr.sh_info = elf_word_to_cpu(shdr.sh_info); sec->shdr.sh_info = elf_word_to_cpu(shdr.sh_info);
sec->shdr.sh_addralign = elf_xword_to_cpu(shdr.sh_addralign); sec->shdr.sh_addralign = elf_xword_to_cpu(shdr.sh_addralign);
sec->shdr.sh_entsize = elf_xword_to_cpu(shdr.sh_entsize); sec->shdr.sh_entsize = elf_xword_to_cpu(shdr.sh_entsize);
if (sec->shdr.sh_link < ehdr.e_shnum) if (sec->shdr.sh_link < shnum)
sec->link = &secs[sec->shdr.sh_link]; sec->link = &secs[sec->shdr.sh_link];
} }
...@@ -427,7 +443,7 @@ static void read_shdrs(FILE *fp) ...@@ -427,7 +443,7 @@ static void read_shdrs(FILE *fp)
static void read_strtabs(FILE *fp) static void read_strtabs(FILE *fp)
{ {
int i; int i;
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
if (sec->shdr.sh_type != SHT_STRTAB) { if (sec->shdr.sh_type != SHT_STRTAB) {
continue; continue;
...@@ -452,7 +468,7 @@ static void read_strtabs(FILE *fp) ...@@ -452,7 +468,7 @@ static void read_strtabs(FILE *fp)
static void read_symtabs(FILE *fp) static void read_symtabs(FILE *fp)
{ {
int i,j; int i,j;
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
if (sec->shdr.sh_type != SHT_SYMTAB) { if (sec->shdr.sh_type != SHT_SYMTAB) {
continue; continue;
...@@ -485,7 +501,7 @@ static void read_symtabs(FILE *fp) ...@@ -485,7 +501,7 @@ static void read_symtabs(FILE *fp)
static void read_relocs(FILE *fp) static void read_relocs(FILE *fp)
{ {
int i,j; int i,j;
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
if (sec->shdr.sh_type != SHT_REL_TYPE) { if (sec->shdr.sh_type != SHT_REL_TYPE) {
continue; continue;
...@@ -528,7 +544,7 @@ static void print_absolute_symbols(void) ...@@ -528,7 +544,7 @@ static void print_absolute_symbols(void)
printf("Absolute symbols\n"); printf("Absolute symbols\n");
printf(" Num: Value Size Type Bind Visibility Name\n"); printf(" Num: Value Size Type Bind Visibility Name\n");
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
char *sym_strtab; char *sym_strtab;
int j; int j;
...@@ -566,7 +582,7 @@ static void print_absolute_relocs(void) ...@@ -566,7 +582,7 @@ static void print_absolute_relocs(void)
else else
format = "%08"PRIx32" %08"PRIx32" %10s %08"PRIx32" %s\n"; format = "%08"PRIx32" %08"PRIx32" %10s %08"PRIx32" %s\n";
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
struct section *sec = &secs[i]; struct section *sec = &secs[i];
struct section *sec_applies, *sec_symtab; struct section *sec_applies, *sec_symtab;
char *sym_strtab; char *sym_strtab;
...@@ -650,7 +666,7 @@ static void walk_relocs(int (*process)(struct section *sec, Elf_Rel *rel, ...@@ -650,7 +666,7 @@ static void walk_relocs(int (*process)(struct section *sec, Elf_Rel *rel,
{ {
int i; int i;
/* Walk through the relocations */ /* Walk through the relocations */
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
char *sym_strtab; char *sym_strtab;
Elf_Sym *sh_symtab; Elf_Sym *sh_symtab;
struct section *sec_applies, *sec_symtab; struct section *sec_applies, *sec_symtab;
...@@ -706,7 +722,7 @@ static Elf_Addr per_cpu_load_addr; ...@@ -706,7 +722,7 @@ static Elf_Addr per_cpu_load_addr;
static void percpu_init(void) static void percpu_init(void)
{ {
int i; int i;
for (i = 0; i < ehdr.e_shnum; i++) { for (i = 0; i < shnum; i++) {
ElfW(Sym) *sym; ElfW(Sym) *sym;
if (strcmp(sec_name(i), ".data..percpu")) if (strcmp(sec_name(i), ".data..percpu"))
continue; continue;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment