From: Kamil Rytarowski
To: Alan Modra, binutils@sourceware.org
Subject: Re: Invalid read in process_netbsd_elf_note
Date: Thu, 19 Mar 2020 13:05:13 +0100
Message-ID: <84a0af30-1380-a2e7-888f-9cfbbf05f60a@gmx.com>
In-Reply-To: <20200319032608.GB4583@bubble.grove.modra.org>
References: <20200319032608.GB4583@bubble.grove.modra.org>

Looks OK.

On 19.03.2020 04:26, Alan Modra via Binutils wrote:
> * readelf.c (process_netbsd_elf_note): Validate descsz before > accessing descdata. Formatting. >=20 > diff --git a/binutils/readelf.c b/binutils/readelf.c > index a11297845e..c8ca66e52c 100644 > --- a/binutils/readelf.c > +++ b/binutils/readelf.c > @@ -18402,15 +18402,17 @@ process_netbsd_elf_note (Elf_Internal_Note * = pnote) > switch (pnote->type) > { > case NT_NETBSD_IDENT: > + if (pnote->descsz < 1) > + break; > version =3D byte_get ((unsigned char *) pnote->descdata, sizeof = (version)); > if ((version / 10000) % 100) > - printf (" NetBSD\t\t0x%08lx\tIDENT %u (%u.%u%s%c)\n", pnote->= descsz, > + printf (" NetBSD\t\t0x%08lx\tIDENT %u (%u.%u%s%c)\n", pnote->descsz,= > version, version / 100000000, (version / 1000000) % 100, > (version / 10000) % 100 > 26 ? "Z" : "", > 'A' + (version / 10000) % 26); > else > printf (" NetBSD\t\t0x%08lx\tIDENT %u (%u.%u.%u)\n", pnote->descsz, > - version, version / 100000000, (version / 1000000) % 100, > + version, version / 100000000, (version / 1000000) % 100, > (version / 100) % 100); > return TRUE; > =20 > @@ -18421,6 +18423,8 @@ process_netbsd_elf_note (Elf_Internal_Note * pn= ote) > =20 > #ifdef NT_NETBSD_PAX > case NT_NETBSD_PAX: > + if (pnote->descsz < 1) > + break; > version =3D byte_get ((unsigned char *) pnote->descdata, sizeof = (version)); > printf (" NetBSD\t\t0x%08lx\tPaX <%s%s%s%s%s%s>\n", pnote->desc= sz, > ((version & NT_NETBSD_PAX_MPROTECT) ? "+mprotect" : ""),
> @@ -18431,12 +18435,11 @@ process_netbsd_elf_note (Elf_Internal_Note * = pnote) > ((version & NT_NETBSD_PAX_NOASLR) ? "-ASLR" : "")); > return TRUE; > #endif > - > - default: > - printf (" NetBSD\t0x%08lx\tUnknown note type: (0x%08lx)\n", pno= te->descsz, > - pnote->type); > - return FALSE; > } > + > + printf (" NetBSD\t0x%08lx\tUnknown note type: (0x%08lx)\n", > + pnote->descsz, pnote->type); > + return FALSE; > } > =20 > static const char * >=20
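
Review bot: In the NT_NETBSD_IDENT hunk the new guard `if (pnote->descsz < 1)` is weaker than the read it protects. The very next line calls byte_get on pnote->descdata with a length of `sizeof (version)`, so a descriptor that is non-empty but shorter than `sizeof (version)` passes the check and byte_get still reads beyond the descsz bytes the note declares. Suggest comparing against the size actually consumed, `if (pnote->descsz < sizeof (version))`. The NT_NETBSD_PAX hunk adds the identical guard in front of the identical byte_get call and wants the same change.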
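
Review bot: In the last hunk, moving the "Unknown note type" printf from `default:` to after the switch changes what the two new `break` statements do: a NT_NETBSD_IDENT or NT_NETBSD_PAX note with a too-short descriptor now falls through to that printf and is reported as an unknown note type before `return FALSE`, although its type is known and only its descsz is bad. Consider a separate diagnostic for the short-descriptor case, or at least a comment on the `break` lines saying the fallthrough to the unknown-type message is intended.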