reloc_upper_bound size calculations

Message ID YQOYENp3fmzFJEO8@squeak.grove.modra.org
State New
Headers show
Series
  • reloc_upper_bound size calculations
Related show

Commit Message

Cooper Qu via Binutils July 30, 2021, 6:11 a.m.
Section reloc_count is an unsigned int.  Adding one for a NULL
terminator to an array of arelent pointers can wrap the count to
zero.  Avoid that by doing the addition as longs.

	* coffgen.c (coff_get_reloc_upper_bound): Don't overflow unsigned
	int expression.
	* elf.c (_bfd_elf_get_reloc_upper_bound): Likewise.
	* elf64-sparc.c (elf64_sparc_get_reloc_upper_bound): Likewise.
	* mach-o.c (bfd_mach_o_get_reloc_upper_bound): Likewise.
	* vms-alpha.c (alpha_vms_get_reloc_upper_bound): Likewise.


-- 
Alan Modra
Australia Development Lab, IBM

Patch

diff --git a/bfd/coffgen.c b/bfd/coffgen.c
index ca936828468..77bda9e9947 100644
--- a/bfd/coffgen.c
+++ b/bfd/coffgen.c
@@ -1996,7 +1996,7 @@  coff_get_reloc_upper_bound (bfd *abfd, sec_ptr asect)
       return -1;
     }
 #endif
-  return (asect->reloc_count + 1) * sizeof (arelent *);
+  return (asect->reloc_count + 1L) * sizeof (arelent *);
 }
 
 asymbol *
diff --git a/bfd/elf.c b/bfd/elf.c
index de5abafabf0..d0898855de8 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -8559,7 +8559,7 @@  _bfd_elf_get_reloc_upper_bound (bfd *abfd, sec_ptr asect)
       return -1;
     }
 #endif
-  return (asect->reloc_count + 1) * sizeof (arelent *);
+  return (asect->reloc_count + 1L) * sizeof (arelent *);
 }
 
 /* Canonicalize the relocs.  */
diff --git a/bfd/elf64-sparc.c b/bfd/elf64-sparc.c
index 035ebdd45ce..d43784a1b44 100644
--- a/bfd/elf64-sparc.c
+++ b/bfd/elf64-sparc.c
@@ -44,7 +44,7 @@  elf64_sparc_get_reloc_upper_bound (bfd *abfd ATTRIBUTE_UNUSED, asection *sec)
       return -1;
     }
 #endif
-  return (sec->reloc_count * 2 + 1) * sizeof (arelent *);
+  return (sec->reloc_count * 2L + 1) * sizeof (arelent *);
 }
 
 static long
diff --git a/bfd/mach-o.c b/bfd/mach-o.c
index ff18ded23d5..a26a68fa440 100644
--- a/bfd/mach-o.c
+++ b/bfd/mach-o.c
@@ -1427,7 +1427,7 @@  bfd_mach_o_get_reloc_upper_bound (bfd *abfd ATTRIBUTE_UNUSED,
       return -1;
     }
 #endif
- return (asect->reloc_count + 1) * sizeof (arelent *);
+ return (asect->reloc_count + 1L) * sizeof (arelent *);
 }
 
 /* In addition to the need to byte-swap the symbol number, the bit positions
diff --git a/bfd/vms-alpha.c b/bfd/vms-alpha.c
index 41cc94440b3..bd49b7af3c7 100644
--- a/bfd/vms-alpha.c
+++ b/bfd/vms-alpha.c
@@ -5443,7 +5443,7 @@  alpha_vms_get_reloc_upper_bound (bfd *abfd ATTRIBUTE_UNUSED, asection *section)
 {
   alpha_vms_slurp_relocs (abfd);
 
-  return (section->reloc_count + 1) * sizeof (arelent *);
+  return (section->reloc_count + 1L) * sizeof (arelent *);
 }
 
 /* Convert relocations from VMS (external) form into BFD internal