* Re: [PATCH] libdwfl: Make sure elf_getdata_rawchunk size_t doesn't overflow find_dynsym.
@ 2014-12-16 10:56 Mark Wielaard
0 siblings, 0 replies; 2+ messages in thread
From: Mark Wielaard @ 2014-12-16 10:56 UTC (permalink / raw)
To: elfutils-devel
[-- Attachment #1: Type: text/plain, Size: 256 bytes --]
On Sat, 2014-12-13 at 22:29 +0100, Mark Wielaard wrote:
> +2014-12-13 Mark Wielaard <mjw@redhat.com>
> +
> + * dwfl_module_getdwarf.c (find_dynsym): elf_getdata_rawchunk takes
> + a size_t, make sure it doesn't overflow.
I pushed this to master.
^ permalink raw reply [flat|nested] 2+ messages in thread
* [PATCH] libdwfl: Make sure elf_getdata_rawchunk size_t doesn't overflow find_dynsym.
@ 2014-12-13 21:29 Mark Wielaard
0 siblings, 0 replies; 2+ messages in thread
From: Mark Wielaard @ 2014-12-13 21:29 UTC (permalink / raw)
To: elfutils-devel
[-- Attachment #1: Type: text/plain, Size: 1428 bytes --]
Signed-off-by: Mark Wielaard <mjw@redhat.com>
---
libdwfl/ChangeLog | 5 +++++
libdwfl/dwfl_module_getdwarf.c | 10 +++++++++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
index 66e642f..99d555f 100644
--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,8 @@
+2014-12-13 Mark Wielaard <mjw@redhat.com>
+
+ * dwfl_module_getdwarf.c (find_dynsym): elf_getdata_rawchunk takes
+ a size_t, make sure it doesn't overflow.
+
2014-12-09 Mark Wielaard <mjw@redhat.com>
* dwfl_segment_report_module.c (handle_file_note): Check count doesn't
diff --git a/libdwfl/dwfl_module_getdwarf.c b/libdwfl/dwfl_module_getdwarf.c
index c2e9e59..ab9bd48 100644
--- a/libdwfl/dwfl_module_getdwarf.c
+++ b/libdwfl/dwfl_module_getdwarf.c
@@ -768,7 +768,15 @@ find_dynsym (Dwfl_Module *mod)
* sizeof (Elf32_Word)
* header->maskwords));
- data = elf_getdata_rawchunk (mod->main.elf, buckets_at,
+ // elf_getdata_rawchunk takes a size_t, make sure it
+ // doesn't overflow.
+#if SIZE_MAX <= UINT32_MAX
+ if (nbuckets > SIZE_MAX / sizeof (Elf32_Word))
+ data = NULL;
+ else
+#endif
+ data
+ = elf_getdata_rawchunk (mod->main.elf, buckets_at,
nbuckets * sizeof (Elf32_Word),
ELF_T_WORD);
if (data != NULL && symndx < nbuckets)
--
2.1.0
^ permalink raw reply [flat|nested] 2+ messages in thread
end of thread, other threads:[~2014-12-16 10:56 UTC | newest]
Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-16 10:56 [PATCH] libdwfl: Make sure elf_getdata_rawchunk size_t doesn't overflow find_dynsym Mark Wielaard
-- strict thread matches above, loose matches on Subject: below --
2014-12-13 21:29 Mark Wielaard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for read-only IMAP folder(s) and NNTP newsgroup(s).