[Bug ld/12969] New: ld silently generates bad DLL when there are more th
From: batterseapower at hotmail dot com
Subject: [Bug ld/12969] New: ld silently generates bad DLL when there are more than 65536 exports
Date: Thu, 7 Jul 2011 12:22:37 +0000
http://sourceware.org/bugzilla/show_bug.cgi?id=12969
Summary: ld silently generates bad DLL when there are more than
65536 exports
Product: binutils
Version: 2.22 (HEAD)
Status: NEW
Severity: normal
Priority: P2
Component: ld
AssignedTo: address@hidden
ReportedBy: address@hidden
(This was previously an email message to binutils-bugs at
http://lists.gnu.org/archive/html/bug-binutils/2011-07/msg00038.html, but I
didn't get a reply)
Windows DLLs use 16-bit ordinals to name exports, but when ld is told
to export more than 65536 exports from a DLL it does not fail.
Instead, it generates a broken DLL which correctly exports the
alphabetically-first 65k exports but also contains bogus "junk"
exports for the remaining exports.
At the very least, ld should error out rather than silently generating
a bad DLL.
Proposed patch:
"""
--- ld-old/pe-dll.c 2011-07-04 15:16:56.050491400 +0100
+++ ld/pe-dll.c 2011-07-04 15:05:27.497120800 +0100
@@ -1095,6 +1095,12 @@
pe_def_file->exports[i].ordinal = next_ordinal;
}
+ if (max_ordinal > 65535 || next_ordinal > 65535) {
+ /* xgettext:c-format */
+ einfo(_("%XError, export ordinal too large: %d\n"),
+ max_ordinal > next_ordinal ? max_ordinal : next_ordinal);
+ }
+
/* OK, now we can allocate some memory. */
edata_sz = (40 /* directory */
+ 4 * export_table_size /* addresses */
"""
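Review bot: The added if block compares max_ordinal with next_ordinal twice, once in the condition and again in the ternary that picks the value to print; if one of them is always the larger, as the note after the patch suggests, test and print that one alone. The message reports the offending ordinal but not the limit, so something like "export ordinal too large: %d (maximum 65535)" would tell the user what was exceeded. Style: binutils follows the GNU coding style, which wants a space before the parenthesis in einfo ( and no braces around a single statement. Execution continues into the edata_sz computation after the einfo call, so check that the code below is safe with an out-of-range ordinal or bail out at this point.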
(On reflection, I think this patch can be simplified because max_ordinal
should always be larger than next_ordinal)
Test case:
"""
$ cat generate.c
#include <stdio.h>

/* Writes too_big.c, a source file that defines 1 << 16 exported functions. */
int main(int argc, char **argv) {
    FILE *file = fopen("too_big.c", "w");
    int i;
    if (file == NULL) {
        perror("too_big.c");
        return 1;
    }
    for (i = 0; i < (1 << 16); i++) {
        fprintf(file, "__declspec(dllexport) int export%05d(void);\nint export%05d(void) { return %d; }\n\n", i, i, i);
    }
    fclose(file);
    return 0;
}
$ gcc generate.c -o generate && ./generate
$ gcc -shared too_big.c -o too_big.dll
"""
Inspect the generated too_big.dll in e.g. Dependency Walker.
Dependency Walker shows two exports with the same ordinal (this is a
result of integer overflow). This is wrong.
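The manual inspection step in the report (opening too_big.dll in Dependency Walker) can be scripted; the following is an added example, not part of the original report or of binutils. It parses the export directory of a PE image and reports ordinals that do not fit in 16 bits or that several names share; `export_ordinal_findings` and `demo_image` are hypothetical names, and the sample image is constructed.

```python
import struct
from collections import Counter

def _off(sections, rva):
    """Map an RVA to a file offset using (vsize, vaddr, rawsize, rawoff) rows."""
    for vsize, vaddr, rawsize, rawoff in sections:
        if vaddr <= rva < vaddr + max(vsize, rawsize):
            return rawoff + rva - vaddr
    raise ValueError(f"RVA {rva:#x} is outside every section")

def export_ordinal_findings(pe):
    """Return a list of ordinal problems found in the export table of a PE image."""
    nt = struct.unpack_from("<I", pe, 0x3C)[0]             # e_lfanew
    if pe[:2] != b"MZ" or pe[nt:nt + 4] != b"PE\0\0":
        raise ValueError("not a PE image")
    nsect, optsize = struct.unpack_from("<H12xH", pe, nt + 6)
    opt = nt + 24                                          # optional header
    pe32plus = struct.unpack_from("<H", pe, opt)[0] == 0x20B
    exp_rva = struct.unpack_from("<I", pe, opt + (112 if pe32plus else 96))[0]
    if not exp_rva:
        return []                                          # no export directory
    sections = [struct.unpack_from("<8x4I", pe, opt + optsize + 40 * i)
                for i in range(nsect)]
    # Base, NumberOfFunctions, NumberOfNames, then AddressOfNameOrdinals.
    base, nfuncs, nnames, ord_rva = struct.unpack_from(
        "<3I8xI", pe, _off(sections, exp_rva) + 16)
    findings = []
    if nfuncs and base + nfuncs - 1 > 0xFFFF:
        findings.append(f"highest ordinal {base + nfuncs - 1} does not fit in 16 bits")
    idx = struct.unpack_from(f"<{nnames}H", pe, _off(sections, ord_rva)) if nnames else ()
    # Aliases may legitimately share an ordinal, so a repeat is a flag to review.
    for i, count in sorted(Counter(idx).items()):
        if count > 1:
            findings.append(f"ordinal {base + i} is used by {count} names")
        if i >= nfuncs:
            findings.append(f"ordinal {base + i} is past the address table")
    return findings

def demo_image(indexes, nfuncs, base=1):
    """Constructed sample: a minimal PE32 whose one section holds only export data."""
    edata = struct.pack("<2I2H7I", 0, 0, 0, 0, 0, base, nfuncs, len(indexes), 0, 0, 0x1028)
    edata += struct.pack(f"<{len(indexes)}H", *indexes)    # name-ordinal table
    dos = b"MZ".ljust(0x3C, b"\0") + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<2H3I2H", 0x14C, 1, 0, 0, 0, 224, 0x2102)
    opt = struct.pack("<H", 0x10B).ljust(96, b"\0") + struct.pack("<2I", 0x1000, len(edata))
    sect = b".edata\0\0" + struct.pack("<4I", len(edata), 0x1000, len(edata), 0x200)
    return (dos + coff + opt.ljust(224, b"\0") + sect.ljust(40, b"\0")).ljust(0x200, b"\0") + edata
```

On a real build, pass the bytes of the DLL, for example `export_ordinal_findings(open("too_big.dll", "rb").read())`.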