From patchwork Fri Apr 3 19:11:39 2020
X-Patchwork-Submitter: Alex Bennée
X-Patchwork-Id: 185178
From: Alex Bennée
To: qemu-devel@nongnu.org
Cc: Philippe Mathieu-Daudé, Richard Henderson, Alex Bennée
Subject: [PATCH v3 01/12] elf-ops: bail out if we have no function symbols
Date: Fri, 3 Apr 2020 20:11:39 +0100
Message-Id: <20200403191150.863-2-alex.bennee@linaro.org>
In-Reply-To: <20200403191150.863-1-alex.bennee@linaro.org>
References: <20200403191150.863-1-alex.bennee@linaro.org>

It's perfectly possible to have no function symbols in your elf file
and if we do, the undefined behaviour sanitizer rightly complains about
us passing NULL to qsort. Check nsyms before we go ahead.

While we are at it let's drop the unchecked return value and clean up
the fail leg by use of g_autoptr.

Another fix was proposed 101 weeks ago in:
Message-Id: 20180421232120.22208-1-f4bug@amsat.org

Signed-off-by: Alex Bennée
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson

--- include/hw/elf_ops.h | 48 +++++++++++++++++++++++--------------------- 1 file changed, 25 insertions(+), 23 deletions(-) -- 2.20.1 diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h index a1411bfcab6..e0bb47bb678 100644 --- a/include/hw/elf_ops.h +++ b/include/hw/elf_ops.h 
@@ -104,19 +104,21 @@ static int glue(symcmp, SZ)(const void *s0, const void *s1) : ((sym0->st_value > sym1->st_value) ? 1 : 0); } -static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, - int clear_lsb, symbol_fn_t sym_cb) +static void glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, + int clear_lsb, symbol_fn_t sym_cb) { - struct elf_shdr *symtab, *strtab, *shdr_table = NULL; - struct elf_sym *syms = NULL; + struct elf_shdr *symtab, *strtab; + g_autofree struct elf_shdr *shdr_table = NULL; + g_autofree struct elf_sym *syms = NULL; + g_autofree char *str = NULL; struct syminfo *s; int nsyms, i; - char *str = NULL; shdr_table = load_at(fd, ehdr->e_shoff, sizeof(struct elf_shdr) * ehdr->e_shnum); - if (!shdr_table) - return -1; + if (!shdr_table) { + return ; + } if (must_swab) { for (i = 0; i < ehdr->e_shnum; i++) { @@ -125,23 +127,25 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } symtab = glue(find_section, SZ)(shdr_table, ehdr->e_shnum, SHT_SYMTAB); - if (!symtab) - goto fail; + if (!symtab) { + return; + } syms = load_at(fd, symtab->sh_offset, symtab->sh_size); - if (!syms) - goto fail; + if (!syms) { + return; + } nsyms = symtab->sh_size / sizeof(struct elf_sym); /* String table */ if (symtab->sh_link >= ehdr->e_shnum) { - goto fail; + return; } strtab = &shdr_table[symtab->sh_link]; str = load_at(fd, strtab->sh_offset, strtab->sh_size); if (!str) { - goto fail; + return; } i = 0; @@ -170,8 +174,13 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } i++; } - syms = g_realloc(syms, nsyms * sizeof(*syms)); + /* check we have symbols left */ + if (nsyms == 0) { + return; + } + + syms = g_realloc(syms, nsyms * sizeof(*syms)); qsort(syms, nsyms, sizeof(*syms), glue(symcmp, SZ)); for (i = 0; i < nsyms - 1; i++) { if (syms[i].st_size == 0) { 
@@ -182,18 +191,11 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, /* Commit */ s = g_malloc0(sizeof(*s)); s->lookup_symbol = glue(lookup_symbol, SZ); - glue(s->disas_symtab.elf, SZ) = syms; + glue(s->disas_symtab.elf, SZ) = g_steal_pointer(&syms); s->disas_num_syms = nsyms; - s->disas_strtab = str; + s->disas_strtab = g_steal_pointer(&str); s->next = syminfos; syminfos = s; - g_free(shdr_table); - return 0; - fail: - g_free(syms); - g_free(str); - g_free(shdr_table); - return -1; } static int glue(elf_reloc, SZ)(struct elfhdr *ehdr, int fd, int must_swab,
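
Review bot: in the first hunk (@@ -104,19 +104,21 @@) the new `if (!shdr_table)` branch is written `return ;` with a stray space before the semicolon, while every other early exit this patch adds is `return;`. Please make it consistent. The three g_autofree declarations are each initialised to NULL, which is what the cleanup attribute needs for the early returns that run before `syms` and `str` are loaded.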
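
Review bot: in the second hunk (@@ -125,23 +127,25 @@) the `symtab->sh_link >= ehdr->e_shnum` bounds check now ends in a bare `return;`, exactly like the "no SHT_SYMTAB section" case, and with the return type changed to void a malformed section header can no longer be told apart from a file that simply carries no symbols. A short comment above load_symbols saying that symbol loading is best-effort and that every failure is deliberately silent would document this, since the old -1/0 contract is gone.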
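
Review bot: in the third hunk (@@ -170,8 +174,13 @@) the comment `/* check we have symbols left */` says what the test does but not why it has to sit before the g_realloc. With nsyms == 0 the call `g_realloc(syms, 0)` frees the buffer and returns NULL, and that NULL is what reaches qsort. Spelling this out in the comment would keep someone from later moving the check below the realloc or dropping it as redundant. The early return also means no syminfo entry is registered for such a file, which is worth a word in the same comment.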
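
Review bot: in the last hunk (@@ -182,18 +191,11 @@) the "Commit" block hands `syms` and `str` to the syminfo entry through g_steal_pointer while `shdr_table` is left for g_autofree to release, but nothing in the code says so. A one-line comment there noting that ownership passes to `s` would guard against a later edit assigning `syms` or `str` directly, which would leave `syminfos` pointing at memory that is freed on scope exit.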