From mboxrd@z Thu Jan  1 00:00:00 1970
Content-Type: multipart/mixed; boundary="===============5093096854091451742=="
MIME-Version: 1.0
From: Mark Wielaard <mjw@redhat.com>
To: elfutils-devel@lists.fedorahosted.org
Subject: Re: [PATCH] libelf: Sanity check offset and size before trying to
 malloc and read data.
Date: Thu, 10 Nov 2016 12:13:34 +0100
Message-ID: <1478776414.14569.111.camel@redhat.com>
In-Reply-To: 1477056274-23326-1-git-send-email-mjw@redhat.com

--===============5093096854091451742==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: quoted-printable

On Fri, 2016-10-21 at 15:24 +0200, Mark Wielaard wrote:
> Bad sh_off or sh_size could trigger a bad malloc or read. Sanity check
> the header values first before trying to malloc a huge buffer or reading
> any data that will certainly fail.
> =

> https://bugzilla.redhat.com/show_bug.cgi?id=3D1387584

I didn't hear back from the original reporter whether this really solved
their problem. But the change does look correct and desirable. So I have
pushed this to master now.

--===============5093096854091451742==--