From: Alex Bennée
To: peter.maydell@linaro.org
Cc: Philippe Mathieu-Daudé, Richard Henderson, Alex Bennée, qemu-devel@nongnu.org
Subject: [PULL 02/13] elf-ops: bail out if we have no function symbols
Date: Tue, 7 Apr 2020 16:51:07 +0100
Message-Id: <20200407155118.20139-3-alex.bennee@linaro.org>
In-Reply-To: <20200407155118.20139-1-alex.bennee@linaro.org>
References: <20200407155118.20139-1-alex.bennee@linaro.org>

It's perfectly possible to have no function symbols in your elf file,
and if we do, the undefined behaviour sanitizer rightly complains about
us passing NULL to qsort. Check nsyms before we go ahead.

While we are at it, let's drop the unchecked return value and clean up
the fail leg by use of g_autoptr.

Another fix was proposed 101 weeks ago in:
Message-Id: 20180421232120.22208-1-f4bug@amsat.org

Signed-off-by: Alex Bennée
Reviewed-by: Philippe Mathieu-Daudé
Reviewed-by: Richard Henderson
Message-Id: <20200403191150.863-2-alex.bennee@linaro.org>

--
2.20.1

diff --git a/include/hw/elf_ops.h b/include/hw/elf_ops.h index a1411bfcab6..e0bb47bb678 100644 --- a/include/hw/elf_ops.h +++ b/include/hw/elf_ops.h
@@ -104,19 +104,21 @@ static int glue(symcmp, SZ)(const void *s0, const void *s1) : ((sym0->st_value > sym1->st_value) ? 1 : 0); } -static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, - int clear_lsb, symbol_fn_t sym_cb) +static void glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, + int clear_lsb, symbol_fn_t sym_cb) { - struct elf_shdr *symtab, *strtab, *shdr_table = NULL; - struct elf_sym *syms = NULL; + struct elf_shdr *symtab, *strtab; + g_autofree struct elf_shdr *shdr_table = NULL; + g_autofree struct elf_sym *syms = NULL; + g_autofree char *str = NULL; struct syminfo *s; int nsyms, i; - char *str = NULL; shdr_table = load_at(fd, ehdr->e_shoff, sizeof(struct elf_shdr) * ehdr->e_shnum); - if (!shdr_table) - return -1; + if (!shdr_table) { + return ; + } if (must_swab) { for (i = 0; i < ehdr->e_shnum; i++) { @@ -125,23 +127,25 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } symtab = glue(find_section, SZ)(shdr_table, ehdr->e_shnum, SHT_SYMTAB); - if (!symtab) - goto fail; + if (!symtab) { + return; + } syms = load_at(fd, symtab->sh_offset, symtab->sh_size); - if (!syms) - goto fail; + if (!syms) { + return; + } nsyms = symtab->sh_size / sizeof(struct elf_sym); /* String table */ if (symtab->sh_link >= ehdr->e_shnum) { - goto fail; + return; } strtab = &shdr_table[symtab->sh_link]; str = load_at(fd, strtab->sh_offset, strtab->sh_size); if (!str) { - goto fail; + return; } i = 0; @@ -170,8 +174,13 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, } i++; } - syms = g_realloc(syms, nsyms * sizeof(*syms)); + /* check we have symbols left */ + if (nsyms == 0) { + return; + } + + syms = g_realloc(syms, nsyms * sizeof(*syms)); qsort(syms, nsyms, sizeof(*syms), glue(symcmp, SZ)); for (i = 0; i < nsyms - 1; i++) { if (syms[i].st_size == 0) { 
@@ -182,18 +191,11 @@ static int glue(load_symbols, SZ)(struct elfhdr *ehdr, int fd, int must_swab, /* Commit */ s = g_malloc0(sizeof(*s)); s->lookup_symbol = glue(lookup_symbol, SZ); - glue(s->disas_symtab.elf, SZ) = syms; + glue(s->disas_symtab.elf, SZ) = g_steal_pointer(&syms); s->disas_num_syms = nsyms; - s->disas_strtab = str; + s->disas_strtab = g_steal_pointer(&str); s->next = syminfos; syminfos = s; - g_free(shdr_table); - return 0; - fail: - g_free(syms); - g_free(str); - g_free(shdr_table); - return -1; } static int glue(elf_reloc, SZ)(struct elfhdr *ehdr, int fd, int must_swab,
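Review bot: In the first hunk (@@ -104,19 +104,21 @@) the `!shdr_table` branch is written `return ;` with a stray space before the semicolon, unlike the plain `return;` in the later hunks; please make it consistent. The commit message says the fail leg is cleaned up with g_autoptr, while the declarations here use g_autofree, so the message should name g_autofree. Because the function now returns void, a short comment above it saying that a failure to load symbols is deliberately non-fatal would document why callers get no status.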
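Review bot: In the second hunk (@@ -125,23 +127,25 @@) the unchanged line `nsyms = symtab->sh_size / sizeof(struct elf_sym);` stores a size read from the file's section header into the `int nsyms` declared in the first hunk, with no range check, so an oversized sh_size can truncate or turn negative before the value reaches g_realloc and qsort in the next hunk. Since this function is being reworked anyway, consider bounding sh_size before the division or returning early when the computed count is negative.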
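Review bot: In the third hunk (@@ -170,8 +174,13 @@) the comment `/* check we have symbols left */` does not say why zero is special. g_realloc() with a size of 0 frees the buffer and returns NULL, and that NULL is what then reaches qsort; stating this in the comment would keep the check from being removed later as redundant. The early return also means no syminfo entry is registered for a file without function symbols, where the old code fell through to the commit step with nsyms of 0; worth a line in the commit message if that change is intended.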
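Review bot: In the last hunk (@@ -182,18 +191,11 @@) ownership of syms and str passes to `s` only through the two g_steal_pointer() calls, and dropping either one in a later edit would leave the syminfos list holding a pointer that g_autofree releases when the function returns. A one-line comment at `/* Commit */` saying that the buffers are handed over to the syminfo entry would make that dependency explicit.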