Fixes buffer overflow in nds32_elf_lo12_reloc
Adds a sanity check to nds32_elf_lo12_reloc to prevent reading beyond the allocated buffer, and replaces a function call with a constant.
This patch adds a sanity check to the nds32_elf_lo12_reloc function to ensure that the relocation offset is within the valid range, preventing potential buffer overflows when processing stashed hi relocs. It also replaces bfd_octets_per_byte calls with the OCTETS_PER_BYTE macro throughout the elf32-nds32.c file for consistency and potential performance gains. This prevents out-of-bounds reads and possible crashes when processing crafted or malformed binaries.
In Detail
The patch addresses a potential buffer overflow vulnerability in bfd/elf32-nds32.c, specifically within the nds32_elf_lo12_reloc function. It adds a size check using bfd_reloc_offset_in_range before accessing relocation data. The patch also replaces calls to bfd_octets_per_byte with the OCTETS_PER_BYTE macro, which is likely a performance optimization. The vulnerability could be triggered by malformed ELF files with crafted relocation entries.
For Context
The Binary File Descriptor (BFD) library is part of binutils and provides a generic interface for working with different object file formats like ELF. Relocations are adjustments the linker makes to code and data when combining object files. This patch adds a check to prevent the tool from reading beyond the allocated buffer when processing a specific type of relocation for the NDS32 architecture. Without this check, a malformed or malicious ELF file could cause the program to crash.
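The kind of range check described above, as an added stand-alone example (not the binutils code or the patch itself). The struct, function names, byte order and sample bytes are assumptions made for illustration, and the example goes slightly beyond the page by also showing why the check should avoid adding file-controlled values.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical stand-in for a relocation entry: byte offset into the
   section contents and width of the field to read (not a BFD type). */
struct reloc { uint64_t offset; uint64_t width; };

/* Naive check: offset + width wraps for a huge offset, so the sum can
   compare as small and the check passes when it must fail. */
static int naive_in_range(uint64_t offset, uint64_t width, uint64_t sec_size)
{
    return offset + width <= sec_size;
}

/* Overflow-safe check: never adds values taken from the file. */
static int offset_in_range(uint64_t offset, uint64_t width, uint64_t sec_size)
{
    return width <= sec_size && offset <= sec_size - width;
}

/* Read a 4-byte field at the reloc offset only after validating the range.
   Returns 0 on success, -1 if the reloc points outside the section.
   Big-endian byte order is an assumption of this example. */
static int read_reloc_field(const uint8_t *contents, uint64_t sec_size,
                            const struct reloc *r, uint32_t *out)
{
    if (r->width != 4 || !offset_in_range(r->offset, r->width, sec_size))
        return -1;
    const uint8_t *p = contents + r->offset;
    *out = (uint32_t)p[0] << 24 | (uint32_t)p[1] << 16
         | (uint32_t)p[2] << 8 | (uint32_t)p[3];
    return 0;
}

int main(void)
{
    /* Constructed 8-byte section and relocs; not taken from a real file. */
    const uint8_t sec[8] = {0x11, 0x22, 0x33, 0x44, 0xde, 0xad, 0xbe, 0xef};
    const struct reloc relocs[] = {{4, 4}, {6, 4}, {UINT64_MAX - 1, 4}};
    for (size_t i = 0; i < sizeof relocs / sizeof relocs[0]; i++) {
        uint32_t v = 0;
        int rc = read_reloc_field(sec, sizeof sec, &relocs[i], &v);
        printf("reloc %zu: naive=%d safe=%d value=0x%08x\n", i,
               naive_in_range(relocs[i].offset, relocs[i].width, sizeof sec),
               rc == 0, (unsigned)v);
    }
    return 0;
}
```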