libctf: add the object index and function index sections

No code handles these yet, but our latest GCC patches are generating them, so we have to be ready for them or erroneously conclude that we have file corruption. (This simultaneously fixes a longstanding bug, concealed because nothing was generating anything in the object or function info sections, where the end of the section was being tested against the wrong thing: it would have walked over the entire contents of the variable section and treated them as part of the function info section. This had to change now anyway because the new sections have landed in between.) include/ * ctf.h: Add object index and function index sections. Describe them. Improve the description of the variable section and clarify the constraints on backward-pointing type nodes. (ctf_header): Add cth_objtidxoff, cth_funcidxoff. libctf/ * ctf-open.c (init_symtab): Check for overflow against the right section. (upgrade_header): Set cth_objtidxoff, cth_funcidxoff to zero-length. (upgrade_types_v1): Note that these sections are not checked. (flip_header): Endian-swap the header fields. (flip_ctf): Endian-swap the sections. (flip_objts): Update comment. (ctf_bufopen): Check header offsets and alignment for validity.
author: Nick Alcock <nick.alcock@oracle.com> 2019-07-11 16:21:26 +0100
committer: Nick Alcock <nick.alcock@oracle.com> 2019-10-03 17:04:55 +0100
commit: 2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2 (patch)
tree: b2fbac05c35401a797365b1ce7f4f12f6cb70ff4 /libctf
parent: libctf, bfd: fix ctf_bfdopen_ctfsect opening symbol and string sections (diff)
download: binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.tar.gz
binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.tar.bz2
binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.zip
2 files changed, 33 insertions, 9 deletions
diff --git a/libctf/ChangeLog b/libctf/ChangeLog
index 7fa9fc04771..64d644f8a6c 100644
--- a/libctf/ChangeLog
+++ b/libctf/ChangeLog
@@ -1,5 +1,16 @@
 2019-07-13  Nick Alcock  <nick.alcock@oracle.com>
 
+	* ctf-open.c (init_symtab): Check for overflow against the right
+	section.
+	(upgrade_header): Set cth_objtidxoff, cth_funcidxoff to zero-length.
+	(upgrade_types_v1): Note that these sections are not checked.
+	(flip_header): Endian-swap the header fields.
+	(flip_ctf): Endian-swap the sections.
+	(flip_objts): Update comment.
+	(ctf_bufopen): Check header offsets and alignment for validity.
+
+2019-07-13  Nick Alcock  <nick.alcock@oracle.com>
+
 	* ctf-open-bfd.c: Add <assert.h>.
 	(ctf_bfdopen_ctfsect): Open string and symbol tables using
 	techniques borrowed from bfd_elf_sym_name.
diff --git a/libctf/ctf-open.c b/libctf/ctf-open.c
index 51f9edcc3a0..c96bad7d796 100644
--- a/libctf/ctf-open.c
+++ b/libctf/ctf-open.c
@@ -278,7 +278,7 @@ init_symtab (ctf_file_t *fp, const ctf_header_t *hp,
 	  break;
 
 	case STT_FUNC:
-	  if (funcoff >= hp->cth_typeoff)
+	  if (funcoff >= hp->cth_objtidxoff)
 	    {
 	      *xp = -1u;
 	      break;
@@ -376,6 +376,8 @@ upgrade_header (ctf_header_t *hp)
   hp->cth_stroff = oldhp->cth_stroff;
   hp->cth_typeoff = oldhp->cth_typeoff;
   hp->cth_varoff = oldhp->cth_varoff;
+  hp->cth_funcidxoff = hp->cth_varoff;		/* No index sections.  */
+  hp->cth_objtidxoff = hp->cth_funcidxoff;
   hp->cth_funcoff = oldhp->cth_funcoff;
   hp->cth_objtoff = oldhp->cth_objtoff;
   hp->cth_lbloff = oldhp->cth_lbloff;
@@ -388,6 +390,9 @@ upgrade_header (ctf_header_t *hp)
    The upgrade is not done in-place: the ctf_base is moved.  ctf_strptr() must
    not be called before reallocation is complete.
 
+   Sections not checked here due to nonexistence or nonpopulated state in older
+   formats: objtidx, funcidx.
+
    Type kinds not checked here due to nonexistence in older formats:
       CTF_K_SLICE.  */
 static int
@@ -967,6 +972,8 @@ flip_header (ctf_header_t *cth)
   swap_thing (cth->cth_cuname);
   swap_thing (cth->cth_objtoff);
   swap_thing (cth->cth_funcoff);
+  swap_thing (cth->cth_objtidxoff);
+  swap_thing (cth->cth_funcidxoff);
   swap_thing (cth->cth_varoff);
   swap_thing (cth->cth_typeoff);
   swap_thing (cth->cth_stroff);
@@ -987,10 +994,10 @@ flip_lbls (void *start, size_t len)
     }
 }
 
-/* Flip the endianness of the data-object or function sections, an array of
-   uint32_t.  (The function section has more internal structure, but that
-   structure is an array of uint32_t, so can be treated as one big array for
-   byte-swapping.)  */
+/* Flip the endianness of the data-object or function sections or their indexes,
+   all arrays of uint32_t.  (The function section has more internal structure,
+   but that structure is an array of uint32_t, so can be treated as one big
+   array for byte-swapping.)  */
 
 static void
 flip_objts (void *start, size_t len)
@@ -1176,7 +1183,9 @@ flip_ctf (ctf_header_t *cth, unsigned char *buf)
 {
   flip_lbls (buf + cth->cth_lbloff, cth->cth_objtoff - cth->cth_lbloff);
   flip_objts (buf + cth->cth_objtoff, cth->cth_funcoff - cth->cth_objtoff);
-  flip_objts (buf + cth->cth_funcoff, cth->cth_varoff - cth->cth_funcoff);
+  flip_objts (buf + cth->cth_funcoff, cth->cth_objtidxoff - cth->cth_funcoff);
+  flip_objts (buf + cth->cth_objtidxoff, cth->cth_funcidxoff - cth->cth_objtidxoff);
+  flip_objts (buf + cth->cth_funcidxoff, cth->cth_varoff - cth->cth_funcidxoff);
   flip_vars (buf + cth->cth_varoff, cth->cth_typeoff - cth->cth_varoff);
   return flip_types (buf + cth->cth_typeoff, cth->cth_stroff - cth->cth_typeoff);
 }
@@ -1330,19 +1339,23 @@ ctf_bufopen (const ctf_sect_t *ctfsect, const ctf_sect_t *symsect,
 	       (unsigned long) fp->ctf_size);
 
   if (hp->cth_lbloff > fp->ctf_size || hp->cth_objtoff > fp->ctf_size
-      || hp->cth_funcoff > fp->ctf_size || hp->cth_typeoff > fp->ctf_size
+      || hp->cth_funcoff > fp->ctf_size || hp->cth_objtidxoff > fp->ctf_size
+      || hp->cth_funcidxoff > fp->ctf_size || hp->cth_typeoff > fp->ctf_size
       || hp->cth_stroff > fp->ctf_size)
     return (ctf_set_open_errno (errp, ECTF_CORRUPT));
 
   if (hp->cth_lbloff > hp->cth_objtoff
       || hp->cth_objtoff > hp->cth_funcoff
       || hp->cth_funcoff > hp->cth_typeoff
-      || hp->cth_funcoff > hp->cth_varoff
+      || hp->cth_funcoff > hp->cth_objtidxoff
+      || hp->cth_objtidxoff > hp->cth_funcidxoff
+      || hp->cth_funcidxoff > hp->cth_varoff
       || hp->cth_varoff > hp->cth_typeoff || hp->cth_typeoff > hp->cth_stroff)
     return (ctf_set_open_errno (errp, ECTF_CORRUPT));
 
   if ((hp->cth_lbloff & 3) || (hp->cth_objtoff & 2)
-      || (hp->cth_funcoff & 2) || (hp->cth_varoff & 3)
+      || (hp->cth_funcoff & 2) || (hp->cth_objtidxoff & 2)
+      || (hp->cth_funcidxoff & 2) || (hp->cth_varoff & 3)
       || (hp->cth_typeoff & 3))
     return (ctf_set_open_errno (errp, ECTF_CORRUPT));
author	Nick Alcock <nick.alcock@oracle.com>	2019-07-11 16:21:26 +0100
committer	Nick Alcock <nick.alcock@oracle.com>	2019-10-03 17:04:55 +0100
commit	2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2 (patch)
tree	b2fbac05c35401a797365b1ce7f4f12f6cb70ff4 /libctf
parent	libctf, bfd: fix ctf_bfdopen_ctfsect opening symbol and string sections (diff)
download	binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.tar.gz binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.tar.bz2 binutils-gdb-2db912ba1a9e1c249cb4795f781fd4ea9fe9e7f2.zip