From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <SRS0=UUjp=LJ=gmail.com=amodra@sourceware.org>
Received: from mail-pf1-x436.google.com (mail-pf1-x436.google.com [IPv6:2607:f8b0:4864:20::436])
	by sourceware.org (Postfix) with ESMTPS id 45E703858D34
	for <binutils@sourceware.org>; Thu,  4 Apr 2024 07:20:19 +0000 (GMT)
DMARC-Filter: OpenDMARC Filter v1.4.2 sourceware.org 45E703858D34
Authentication-Results: sourceware.org; dmarc=pass (p=none dis=none) header.from=gmail.com
Authentication-Results: sourceware.org; spf=pass smtp.mailfrom=gmail.com
ARC-Filter: OpenARC Filter v1.0.0 sourceware.org 45E703858D34
Authentication-Results: server2.sourceware.org; arc=none smtp.remote-ip=2607:f8b0:4864:20::436
ARC-Seal: i=1; a=rsa-sha256; d=sourceware.org; s=key; t=1712215222; cv=none;
	b=PCk6QZHHucZktlpqGGqMRc0nxuNfwBZie1Wzn5o2O+nG1q92SiXkuJ6LxbmWJjJ0Uv7D6rGtJOW/2bvU/o4Nb5W/7sMUcOoCOs1vED5t8OLHB0mKQOpepMVBRBSfOsYoqd4xo88YEIMygJK8d+I2NVQL086hTvKJvmYTZEZP0uk=
ARC-Message-Signature: i=1; a=rsa-sha256; d=sourceware.org; s=key;
	t=1712215222; c=relaxed/simple;
	bh=Z+KLlfJ5SB8bVtMOnn69kMyRUqv7gIrs8WUVKHQEMEw=;
	h=DKIM-Signature:Date:From:To:Subject:Message-ID:MIME-Version; b=YM522sb9gKBpndpYbJTWgtMey+43nJjiZbSXPZg3hjnD86ZGWVbwfKeonYBG1PajwHtFwmNmgwiHawatJT7jDT5W5O2xEcGQjYXJTW0Cqw+ywCX5jvicBiblIeOTStZJqJpbVlQciY53eHKvfxClY8QFfxU5l7jgfMAoc2U+Gd8=
ARC-Authentication-Results: i=1; server2.sourceware.org
Received: by mail-pf1-x436.google.com with SMTP id d2e1a72fcca58-6eced6fd98aso284477b3a.0
        for <binutils@sourceware.org>; Thu, 04 Apr 2024 00:20:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=gmail.com; s=20230601; t=1712215218; x=1712820018; darn=sourceware.org;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:from:to:cc:subject:date:message-id:reply-to;
        bh=8iQfasSECOsVkdeHQdK8FJdF1teHcjAR1Gtc7nUt1Wk=;
        b=fqAEY9c3ndpKLkPdo4ox5rka4u3XbAnGgwXG7qiPFBAZ9nudagIudcDNTMZ+OBx+xg
         zFDFGXDz9oj/+aQo+fU8CTmoVraOOtGsacDzxy4cJrBLTJQEnq67bP5136NC6supplYQ
         O5kIhkGE+zPSds8lY64xH8UAp15jygLI7gGXHdRVfFEq7Xyhex+W+PLg3hQ5tuQ3xkbG
         xyj8m5wEajHzsHjgV61dC6HBmKDsRHamHpd1ww9QglenTFqwV9wMsmpaSQyXWAq/MKun
         4e0U2zToBhKpDpRHkmaLIvTClGt8PBTKXo95BbxGa9bNry8ccnm7rA/yzgyJdnQ+TLOZ
         uChA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1712215218; x=1712820018;
        h=in-reply-to:content-disposition:mime-version:references:message-id
         :subject:cc:to:from:date:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=8iQfasSECOsVkdeHQdK8FJdF1teHcjAR1Gtc7nUt1Wk=;
        b=aQwlhv82YN0EvAmzZ5uh/80AswJUueguUkGEySw5rU2SosA13MLNzi7XmYgo4ot+pL
         lRPobFSMPyr6JCAltwPK8ReSPr8vp7KLgbl8M6IoGKlW1cgZ4uByetsaSvn82h6D8vSp
         cMYT4pKtB0AlFKYsvnbDKM7eIORHTGG3OegepXnjEuYKGiLyAR/ajXuz+VdZtJR3w1T3
         GRGXmDjLIZ1u+Xu/mlwofWUbshyKpYF9LwhJnXxYiNoL4RZPOIr+HyFf8bs9IUb+silB
         3qQybV/JTeWfTuSdYaixoGdBufcmrq/j/cqIKEMd5kgY/eBAeaOcGVSIEGkGmEhWuzgl
         3Kug==
X-Gm-Message-State: AOJu0YyojUeOAQt+1fEaH0AtYHTE3Odjmh+3D/m6reoXhhqXC/XgLIrT
	vxWqhzB295F2d1a9sPrfhKMdWubY1nIvHYlPWkcuG8SrAddvvS0uAh/b1frC
X-Google-Smtp-Source: AGHT+IHyjSxi8FYGSWTRW7FlTVhmuvUXZujcIgR2MOh5fiZITMyO23g0iY9o+4Gx3DA/Vs2e5r11mg==
X-Received: by 2002:a05:6a00:1d19:b0:6ea:ad01:3590 with SMTP id a25-20020a056a001d1900b006eaad013590mr2138679pfx.24.1712215218244;
        Thu, 04 Apr 2024 00:20:18 -0700 (PDT)
Received: from squeak.grove.modra.org (158.106.96.58.static.exetel.com.au. [58.96.106.158])
        by smtp.gmail.com with ESMTPSA id j26-20020a62b61a000000b006e73d1c0c0esm12988863pff.154.2024.04.04.00.20.17
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Thu, 04 Apr 2024 00:20:17 -0700 (PDT)
Received: by squeak.grove.modra.org (Postfix, from userid 1000)
	id 2763811400F2; Thu,  4 Apr 2024 17:50:15 +1030 (ACDT)
Date: Thu, 4 Apr 2024 17:50:15 +1030
From: Alan Modra <amodra@gmail.com>
To: "H.J. Lu" <hjl.tools@gmail.com>
Cc: binutils@sourceware.org
Subject: Re: [PATCH] bfd_mmap_local: Check offset and size
Message-ID: <Zg5Ur6DXn3Bv40A8@squeak.grove.modra.org>
References: <20240404013433.613048-1-hjl.tools@gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <20240404013433.613048-1-hjl.tools@gmail.com>
X-Spam-Status: No, score=-3033.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,DKIM_VALID,DKIM_VALID_AU,DKIM_VALID_EF,FREEMAIL_FROM,GIT_PATCH_0,RCVD_IN_DNSWL_NONE,SPF_HELO_NONE,SPF_PASS,TXREP autolearn=ham autolearn_force=no version=3.4.6
X-Spam-Checker-Version: SpamAssassin 3.4.6 (2021-04-09) on server2.sourceware.org
List-Id: <binutils.sourceware.org>

On Wed, Apr 03, 2024 at 06:34:33PM -0700, H.J. Lu wrote:
> Update bfd_mmap_local to return NULL if offset + size > the file size.
> 
> 	* libbfd.c (bfd_mmap_local): Validate offset and size against
> 	the file size.
> ---
>  bfd/libbfd.c | 13 +++++--------
>  1 file changed, 5 insertions(+), 8 deletions(-)
> 
> diff --git a/bfd/libbfd.c b/bfd/libbfd.c
> index 34197b75b5e..400a5a47d2a 100644
> --- a/bfd/libbfd.c
> +++ b/bfd/libbfd.c
> @@ -1072,18 +1072,15 @@ static void *
>  bfd_mmap_local (bfd *abfd, size_t rsize, int prot, void **map_addr,
>  		size_t *map_size)
>  {
> -  if (!_bfd_constant_p (rsize))
> +  ufile_ptr filesize = bfd_get_file_size (abfd);
> +  ufile_ptr offset = bfd_tell (abfd);
> +  if ((offset + rsize) > filesize)

Doesn't need parens around "offset + rsize" here.  Also, can this
expression ever overflow?  If so it would be better written as

  if (filesize < offset
      || filesize - offset < rsize)

>      {
> -      ufile_ptr filesize = bfd_get_file_size (abfd);
> -      if (filesize != 0 && rsize > filesize)
> -	{
> -	  bfd_set_error (bfd_error_file_truncated);
> -	  return NULL;
> -	}
> +      bfd_set_error (bfd_error_file_truncated);
> +      return NULL;
>      }
>  
>    void *mem;
> -  ufile_ptr offset = bfd_tell (abfd);
>    mem = bfd_mmap (abfd, NULL, rsize, prot, MAP_PRIVATE, offset,
>  		  map_addr, map_size);
>    return mem;
> -- 
> 2.44.0

-- 
Alan Modra
Australia Development Lab, IBM