public inbox for binutils@sourceware.org
From: Alan Modra <amodra@gmail.com>
To: "H.J. Lu" <hjl.tools@gmail.com>
Cc: binutils@sourceware.org
Subject: Re: [PATCH] bfd_mmap_local: Check offset and size
Date: Thu, 4 Apr 2024 17:50:15 +1030	[thread overview]
Message-ID: <Zg5Ur6DXn3Bv40A8@squeak.grove.modra.org> (raw)
In-Reply-To: <20240404013433.613048-1-hjl.tools@gmail.com>

On Wed, Apr 03, 2024 at 06:34:33PM -0700, H.J. Lu wrote:
> Update bfd_mmap_local to return NULL if offset + size > the file size.
> 
> 	* libbfd.c (bfd_mmap_local): Validate offset and size against
> 	the file size.
> ---
>  bfd/libbfd.c | 13 +++++--------
>  1 file changed, 5 insertions(+), 8 deletions(-)
> 
> diff --git a/bfd/libbfd.c b/bfd/libbfd.c
> index 34197b75b5e..400a5a47d2a 100644
> --- a/bfd/libbfd.c
> +++ b/bfd/libbfd.c
> @@ -1072,18 +1072,15 @@ static void *
>  bfd_mmap_local (bfd *abfd, size_t rsize, int prot, void **map_addr,
>  		size_t *map_size)
>  {
> -  if (!_bfd_constant_p (rsize))
> +  ufile_ptr filesize = bfd_get_file_size (abfd);
> +  ufile_ptr offset = bfd_tell (abfd);
> +  if ((offset + rsize) > filesize)

Doesn't need parens around "offset + rsize" here.  Also, can this
expression ever overflow?  If so it would be better written as

  if (filesize < offset
      || filesize - offset < rsize)

>      {
> -      ufile_ptr filesize = bfd_get_file_size (abfd);
> -      if (filesize != 0 && rsize > filesize)
> -	{
> -	  bfd_set_error (bfd_error_file_truncated);
> -	  return NULL;
> -	}
> +      bfd_set_error (bfd_error_file_truncated);
> +      return NULL;
>      }
>  
>    void *mem;
> -  ufile_ptr offset = bfd_tell (abfd);
>    mem = bfd_mmap (abfd, NULL, rsize, prot, MAP_PRIVATE, offset,
>  		  map_addr, map_size);
>    return mem;
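
Review bot: the removed lines carried a `filesize != 0 &&` guard that the new check at the top of the hunk drops, so a bfd_get_file_size result of 0 now makes every request fail with bfd_error_file_truncated instead of being passed through as before; if 0 can still mean "size unknown" for some inputs, keep the guard, e.g. `if (filesize != 0 && offset + rsize > filesize)` (or the overflow-safe two-comparison form). The ChangeLog entry also does not say that the `_bfd_constant_p (rsize)` gate is gone and the validation now runs unconditionally, which is a separate behaviour change worth stating in the commit message.
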
> -- 
> 2.44.0

-- 
Alan Modra
Australia Development Lab, IBM
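
The wraparound Alan asks about, shown as an added example in C (not code from the patch or from libbfd; ufile_ptr is a stand-in typedef assumed to be unsigned 64-bit as in BFD64 builds, and the inputs are constructed):

```c
/* Added example, not part of the patch or of libbfd: why the naive
   "offset + rsize > filesize" test can be bypassed by unsigned
   wraparound, and why the two-comparison form from the review is not.
   ufile_ptr is a stand-in typedef assumed to be unsigned 64-bit.  */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

typedef uint64_t ufile_ptr;

/* The check as written in the patch: the addition is done in unsigned
   arithmetic, so a huge offset plus a modest size can wrap to a small
   sum and the comparison then passes.  */
static bool
range_ok_naive (ufile_ptr filesize, ufile_ptr offset, size_t rsize)
{
  return !((offset + rsize) > filesize);
}

/* The overflow-safe form suggested in the review: the subtraction is
   only evaluated once the first test has established filesize >= offset,
   so it cannot underflow.  */
static bool
range_ok_safe (ufile_ptr filesize, ufile_ptr offset, size_t rsize)
{
  return !(filesize < offset || filesize - offset < rsize);
}

int
main (void)
{
  /* Constructed inputs: a 4 KiB file, an offset near the top of the
     64-bit range and a 200-byte request.  offset + rsize wraps to 99.  */
  ufile_ptr filesize = 4096;
  ufile_ptr offset = UINT64_MAX - 100;
  size_t rsize = 200;

  printf ("naive check: %s\n",
          range_ok_naive (filesize, offset, rsize) ? "accept" : "reject");
  printf ("safe check:  %s\n",
          range_ok_safe (filesize, offset, rsize) ? "accept" : "reject");
  return 0;
}
```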
