From: "H.J. Lu"
To: binutils@sourceware.org
Cc: amodra@gmail.com
Subject: [PATCH] bfd_mmap_local: Check offset and size
Date: Wed, 3 Apr 2024 18:34:33 -0700
Message-ID: <20240404013433.613048-1-hjl.tools@gmail.com>

Update bfd_mmap_local to return NULL if offset + size > the file size.

* libbfd.c (bfd_mmap_local): Validate offset and size against the file size.

--- bfd/libbfd.c | 13 +++++-------- 1 file changed, 5 insertions(+), 8 deletions(-) diff --git a/bfd/libbfd.c b/bfd/libbfd.c index 34197b75b5e..400a5a47d2a 100644 --- a/bfd/libbfd.c +++ b/bfd/libbfd.c @@ -1072,18 +1072,15 @@ static void * bfd_mmap_local (bfd *abfd, size_t rsize, int prot, void **map_addr, size_t *map_size) { - if (!_bfd_constant_p (rsize)) + ufile_ptr filesize = bfd_get_file_size (abfd); + ufile_ptr offset = bfd_tell (abfd); + if ((offset + rsize) > filesize) { - ufile_ptr filesize = bfd_get_file_size (abfd); - if (filesize != 0 && rsize > filesize) - { - bfd_set_error (bfd_error_file_truncated); - return NULL; - } + bfd_set_error (bfd_error_file_truncated); + return NULL; } void *mem; - ufile_ptr offset = bfd_tell (abfd); mem = bfd_mmap (abfd, NULL, rsize, prot, MAP_PRIVATE, offset, map_addr, map_size); return mem; -- 2.44.0
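
Review bot: The new bounds test `if ((offset + rsize) > filesize)` can wrap around, because `offset` is a `ufile_ptr` and `rsize` a `size_t`: a very large `rsize` makes the sum overflow to a small value, and the request then passes the check that was meant to reject it before `bfd_mmap` is called. Comparing without the addition avoids this, for example `if (offset > filesize || rsize > filesize - offset)`. Separately, the removed code only rejected when `filesize != 0`, and the new test has no such guard, so whenever `bfd_get_file_size` returns 0 every non-empty request now fails with `bfd_error_file_truncated`. If 0 can still mean the size is unknown, the guard should stay; either way the commit message should state that the `_bfd_constant_p (rsize)` and `filesize != 0` exemptions were dropped on purpose.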