From patchwork Tue Apr 7 15:51:07 2020
X-Patchwork-Submitter: Alex Bennée
X-Patchwork-Id: 1267474
From: Alex Bennée
To: peter.maydell@linaro.org
Cc: Philippe Mathieu-Daudé, Richard Henderson, Alex Bennée, qemu-devel@nongnu.org
Subject: [PULL 02/13] elf-ops: bail out if we have no function symbols
Date: Tue, 7 Apr 2020 16:51:07 +0100
Message-Id: <20200407155118.20139-3-alex.bennee@linaro.org>
In-Reply-To: <20200407155118.20139-1-alex.bennee@linaro.org>
References: <20200407155118.20139-1-alex.bennee@linaro.org>

It's perfectly possible to have no function symbols in your elf file
and if we do the undefined behaviour sanitizer rightly complains about
us passing NULL to qsort. Check nsyms before we go ahead.

While we are at it let's drop the unchecked return value and clean up
the fail leg by use of g_autoptr.

Another fix was proposed 101 weeks ago in:
Message-Id: 20180421232120.22208-1-f4bug@amsat.org

Signed-off-by: Alex Bennée
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
Message-Id: <20200403191150.863-2-alex.bennee@linaro.org>

diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h index a1411bfcab6..e0bb47bb678 100644 --- a/include/hw/elf_ops.h +++ b/include/hw/elf_ops.h
@@ -104,19 +104,21 @@ static int glue(symcmp, SZ)(const void *s0, const void *s1) : ((sym0->st_value > sym1->st_value) ? 1 : 0); } -static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, - int clear_lsb, symbol_fn_t sym_cb) +static void glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, + int clear_lsb, symbol_fn_t sym_cb) { - struct elf_shdr *symtab, *strtab, *shdr_table = NULL; - struct elf_sym *syms = NULL; + struct elf_shdr *symtab, *strtab; + g_autofree struct elf_shdr *shdr_table = NULL; + g_autofree struct elf_sym *syms = NULL; + g_autofree char *str = NULL; struct syminfo *s; int nsyms, i; - char *str = NULL; shdr_table = load_at(fd, ehdr->e_shoff, sizeof(struct elf_shdr) * ehdr->e_shnum); - if (!shdr_table) - return -1; + if (!shdr_table) { + return ; + } if (must_swab) { for (i = 0; i < ehdr->e_shnum; i++) { @@ -125,23 +127,25 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } symtab = glue(find_section, SZ)(shdr_table, ehdr->e_shnum, SHT_SYMTAB); - if (!symtab) - goto fail; + if (!symtab) { + return; + } syms = load_at(fd, symtab->sh_offset, symtab->sh_size); - if (!syms) - goto fail; + if (!syms) { + return; + } nsyms = symtab->sh_size / sizeof(struct elf_sym); /* String table */ if (symtab->sh_link >= ehdr->e_shnum) { - goto fail; + return; } strtab = &shdr_table[symtab->sh_link]; str = load_at(fd, strtab->sh_offset, strtab->sh_size); if (!str) { - goto fail; + return; } i = 0; @@ -170,8 +174,13 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } i++; } - syms = g_realloc(syms, nsyms * sizeof(*syms)); + /* check we have symbols left */ + if (nsyms == 0) { + return; + } + + syms = g_realloc(syms, nsyms * sizeof(*syms)); qsort(syms, nsyms, sizeof(*syms), glue(symcmp, SZ)); for (i = 0; i < nsyms - 1; i++) { if (syms[i].st_size == 0) { 
@@ -182,18 +191,11 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, /* Commit */ s = g_malloc0(sizeof(*s)); s->lookup_symbol = glue(lookup_symbol, SZ); - glue(s->disas_symtab.elf, SZ) = syms; + glue(s->disas_symtab.elf, SZ) = g_steal_pointer(&syms); s->disas_num_syms = nsyms; - s->disas_strtab = str; + s->disas_strtab = g_steal_pointer(&str); s->next = syminfos; syminfos = s; - g_free(shdr_table); - return 0; - fail: - g_free(syms); - g_free(str); - g_free(shdr_table); - return -1; } static int glue(elf_reloc, SZ)(struct elfhdr *ehdr, int fd, int must_swab,
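
Review bot: In the first hunk (@@ -104,19 +104,21 @@), the new `!shdr_table` branch reads `return ;` with a stray space before the semicolon, while every other early return added by this patch is `return;`. Please make it `return;`. Since load_symbols now returns void and every failure path exits silently, a one-line comment above the function saying that a missing or unreadable symbol table is deliberately non-fatal would save readers from hunting for the dropped error code.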
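
Review bot: In the hunk at @@ -170,8 +174,13 @@, the comment `/* check we have symbols left */` says what is tested but not why it matters. With nsyms == 0 the following `g_realloc(syms, nsyms * sizeof(*syms))` is a zero-byte request, for which GLib returns NULL, and that NULL is what reaches `qsort()` and triggers the sanitizer report described in the commit message. Stating this in the comment would also make it clear that the check has to stay ahead of the g_realloc call and not be moved between it and qsort.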
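
Review bot: In the last hunk (@@ -182,18 +191,11 @@), the Commit block now relies on `g_steal_pointer(&syms)` and `g_steal_pointer(&str)` to stop the g_autofree cleanup from freeing buffers that the new syminfo entry still references, and nothing in the code says so. A short note at `/* Commit */` that ownership of syms and str passes to `s` would guard against a later edit assigning the raw pointer and leaving `s` with freed memory. shdr_table is correctly left to the automatic cleanup, since nothing retains it after this point.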