From 56933f9e3e90eebf1018ed7417d6c1184b91db6b Mon Sep 17 00:00:00 2001
From: "H.J. Lu" <hjl.tools@gmail.com>
Date: Fri, 22 Sep 2017 14:15:40 -0700
Subject: [PATCH 1/1] x86: Guard against corrupted PLT

There should be only one entry in PLT for a given symbol. Set howto to NULL after processing a PLT entry to guard against corrupted PLT so that the duplicated PLT entries are skipped.

PR binutils/22170
* elf32-i386.c (elf_i386_get_synthetic_symtab): Guard against corrupted PLT.
* elf64-x86-64.c (elf_x86_64_get_synthetic_symtab): Likewise.

(cherry picked from commit 61e3bf5f83f7e505b6bc51ef65426e5b31e6e360)
---
 bfd/elf32-i386.c | 4 ++++
 bfd/elf64-x86-64.c | 4 ++++
 2 files changed, 8 insertions(+)

diff --git a/bfd/elf32-i386.c b/bfd/elf32-i386.c
index 9dc2d25..ba50c93 100644
--- a/bfd/elf32-i386.c
+++ b/bfd/elf32-i386.c
@@ -6616,6 +6616,10 @@ bad_return:
 size += sizeof ("+0x") - 1 + 8;
 n++;
 s++;
+ /* There should be only one entry in PLT for a given
+ symbol. Set howto to NULL after processing a PLT
+ entry to guard against corrupted PLT. */
+ p->howto = NULL;
 }
 offset += plt_entry_size;
 }
diff --git a/bfd/elf64-x86-64.c b/bfd/elf64-x86-64.c
index 558db98..d9225ad 100644
--- a/bfd/elf64-x86-64.c
+++ b/bfd/elf64-x86-64.c
@@ -6970,6 +6970,10 @@ bad_return:
 size += sizeof ("+0x") - 1 + 8 + 8 * ABI_64_P (abfd);
 n++;
 s++;
+ /* There should be only one entry in PLT for a given
+ symbol. Set howto to NULL after processing a PLT
+ entry to guard against corrupted PLT. */
+ p->howto = NULL;
 }
 offset += plt_entry_size;
 }
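Review bot: In both hunks the guard only works if the lookup that produced `p` (above the hunk, not visible here) skips relocation entries whose `howto` is already NULL; the hunk itself still reaches `n++; s++;` with no bound on the output index, so if that lookup matches on address alone, a PLT with two entries for one reloc would still advance `s` past the synthetic symbol array that was sized from the relocation count. Since the output size is computed from the relocs rather than from the PLT being walked, I would add an independent check before the write in the same loop body, something like `if (n >= <precomputed symbol count>) goto bad_return;` using whatever variable holds that count, so a corrupted PLT cannot overrun even if the lookup's NULL-howto handling changes later. The added comment could also record that dependency, e.g. `/* The reloc lookup above must ignore entries whose howto is NULL.  */`, since nothing in this hunk enforces it. Both enclosing functions, elf_i386_get_synthetic_symtab and elf_x86_64_get_synthetic_symtab, start and end outside these hunks, so the lookup and the allocation of `s` are not in view.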