From: Mark Wielaard
To: Ulf Hermann
Cc: elfutils-devel@sourceware.org
Date: Thu, 27 Apr 2017 18:24:00 -0000
Subject: Re: [PATCH] Protect against integer overflow on shnum

On Thu, Apr 20, 2017 at 04:04:54PM +0200, Ulf Hermann wrote:
> If shnum is 0, the many "shnum - 1" would result in an overflow. Check it
> for 0, and only subtract once, rather than on every usage.

Since in both cases this is for the prelink undo section which skips
the zero header this is a more natural way to express shnum.

Applied to master.

Thanks,

Mark
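
An added example, not part of the original message and not elfutils code: the unsigned wraparound of "shnum - 1" when shnum is 0, next to the check-for-0, subtract-once form the patch description names. The `sec_info` struct, the function names, and the extra table-size check are assumptions made for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Hypothetical per-section record; stands in for whatever is kept for
   each section header after the zero header is skipped. */
struct sec_info { uint64_t offset; uint64_t size; };

/* Unchecked form: each use site writes "shnum - 1". With shnum == 0
   the unsigned subtraction wraps around to SIZE_MAX. */
static size_t usable_sections_unchecked(size_t shnum)
{
  return shnum - 1;
}

/* Checked form: reject 0 up front, subtract exactly once, and (an
   assumption beyond the message) refuse counts whose table size would
   wrap. Returns 0 on success, -1 on a bad count. */
static int usable_sections_checked(size_t shnum, size_t *count, size_t *bytes)
{
  if (shnum == 0)
    return -1;                        /* no zero header to skip */
  size_t n = shnum - 1;               /* the only subtraction */
  if (n > SIZE_MAX / sizeof(struct sec_info))
    return -1;                        /* n * sizeof would wrap */
  *count = n;
  *bytes = n * sizeof(struct sec_info);
  return 0;
}

int main(void)
{
  size_t samples[] = { 0, 1, 5 };     /* constructed section counts */
  for (size_t i = 0; i < sizeof samples / sizeof samples[0]; i++) {
    size_t count = 0, bytes = 0;
    int rc = usable_sections_checked(samples[i], &count, &bytes);
    printf("shnum=%zu unchecked=%zu checked: rc=%d count=%zu bytes=%zu\n",
           samples[i], usable_sections_unchecked(samples[i]),
           rc, count, bytes);
  }
  return 0;
}
```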