bug-binutils

[Bug binutils/27746] New: or1k bfd overflow in plt reloc argument


From: shorne at sourceware dot org
Subject: [Bug binutils/27746] New: or1k bfd overflow in plt reloc argument
Date: Fri, 16 Apr 2021 23:44:14 +0000

https://sourceware.org/bugzilla/show_bug.cgi?id=27746

            Bug ID: 27746
           Summary: or1k bfd overflow in plt reloc argument
           Product: binutils
           Version: unspecified
            Status: NEW
          Severity: normal
          Priority: P2
         Component: binutils
          Assignee: unassigned at sourceware dot org
          Reporter: shorne at sourceware dot org
  Target Milestone: ---

Related to 21464

When generating PLT entries the or1k bfd implementation will silently overflow
the PLT argument to _dl_fixup causing a crash at runtime.  This was noticed
with glibc test elf/tst-audit-threads.

Workaround: run library with LD_BIND_NOW=1.

Example

.plt

   75e70:       19 80 00 0b     l.movhi r12,0xb
   75e74:       85 8c 95 64     l.lwz r12,-27292(r12)
   75e78:       44 00 60 00     l.jr r12
   75e7c:       a9 60 ff f0     l.ori r11,r0,0xfff0

   75e80:       19 80 00 0b     l.movhi r12,0xb
   75e84:       85 8c 95 68     l.lwz r12,-27288(r12)
   75e88:       44 00 60 00     l.jr r12
   75e8c:       a9 60 ff fc     l.ori r11,r0,0xfffc

   75e90:       19 80 00 0b     l.movhi r12,0xb
   75e94:       85 8c 95 6c     l.lwz r12,-27284(r12)
   75e98:       44 00 60 00     l.jr r12
   75e9c:       a9 61 00 08     l.ori r11,r1,0x8    < r0 changed to r1 from overflow

-- 
You are receiving this mail because:
You are on the CC list for the bug.
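
The listing in the report, decoded: an added example, not part of the original message and not binutils code. It assumes the argument is merged into the `l.ori r11,r0,K` word without a range check, which is consistent with the bytes shown; the function names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* l.ori rD,rA,K: opcode[31:26]=0x2a, rD[25:21], rA[20:16], K[15:0]. */
#define ORI_R11_R0 0xa9600000u          /* l.ori r11,r0,0 */

/* Last word of each PLT entry, copied from the listing in the report. */
static const uint32_t LISTING[] = { 0xa960fff0u, 0xa960fffcu, 0xa9610008u };

static unsigned op(uint32_t w) { return w >> 26; }
static unsigned rd(uint32_t w) { return (w >> 21) & 0x1f; }
static unsigned ra(uint32_t w) { return (w >> 16) & 0x1f; }

/* Assumed faulty pattern: merge the argument with no range check. */
static uint32_t encode_unchecked(uint32_t arg) { return ORI_R11_R0 | arg; }

/* Hardened form: reject anything that does not fit the 16-bit K field. */
static int encode_checked(uint32_t arg, uint32_t *out)
{
    if (arg > 0xffffu)
        return -1;
    *out = ORI_R11_R0 | arg;
    return 0;
}

/* Index of the first "l.ori r11,rA,K" whose rA is not r0, or -1. */
static int first_spilled(const uint32_t *w, int n)
{
    for (int i = 0; i < n; i++)
        if (op(w[i]) == 0x2a && rd(w[i]) == 11 && ra(w[i]) != 0)
            return i;
    return -1;
}

int main(void)
{
    uint32_t out;
    /* The arguments in the listing step by 12: 0xfff0, 0xfffc, 0x10008. */
    for (uint32_t arg = 0xfff0; arg <= 0x10008; arg += 12)
        printf("arg 0x%05x unchecked %08x rA=r%u checked=%s\n",
               (unsigned)arg, (unsigned)encode_unchecked(arg),
               ra(encode_unchecked(arg)),
               encode_checked(arg, &out) == 0 ? "ok" : "rejected");
    printf("first spilled entry in listing: %d\n", first_spilled(LISTING, 3));
    return 0;
}
```

Bit 16 of 0x10008 lands in the rA field, so the third entry reads r1 instead of r0; the same scan can be run over the `l.ori r11` words of any or1k `.plt` dump to spot affected entries.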

