From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <elfutils-devel-return-6462-listarch-elfutils-devel=sourceware.org@sourceware.org>
Received: (qmail 107147 invoked by alias); 28 Dec 2017 23:37:33 -0000
Mailing-List: contact elfutils-devel-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Id: <elfutils-devel.sourceware.org>
List-Post: <mailto:elfutils-devel@sourceware.org>
List-Help: <mailto:elfutils-devel-help@sourceware.org>
List-Subscribe: <mailto:elfutils-devel-subscribe@sourceware.org>
Sender: elfutils-devel-owner@sourceware.org
Received: (qmail 107136 invoked by uid 89); 28 Dec 2017 23:37:32 -0000
Authentication-Results: sourceware.org; auth=none
X-Virus-Checked: by ClamAV 0.99.2 on sourceware.org
X-Virus-Found: No
X-Spam-SWARE-Status: No, score=-25.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_LAZY_DOMAIN_SECURITY autolearn=ham version=3.3.2 spammy=H*MI:6492
X-Spam-Status: No, score=-25.9 required=5.0 tests=BAYES_00,GIT_PATCH_0,GIT_PATCH_1,GIT_PATCH_2,GIT_PATCH_3,KAM_LAZY_DOMAIN_SECURITY autolearn=ham version=3.3.2
X-Spam-Checker-Version: SpamAssassin 3.3.2 (2011-06-06) on sourceware.org
X-Spam-Level:
X-HELO: gnu.wildebeest.org
Received: from wildebeest.demon.nl (HELO gnu.wildebeest.org) (212.238.236.112) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Thu, 28 Dec 2017 23:37:31 +0000
Received: from stream.wildebeest.org (deer0x13.wildebeest.org [172.31.17.149])	(using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits))	(No client certificate requested)	by gnu.wildebeest.org (Postfix) with ESMTPSA id 33E9E302BAA3;	Fri, 29 Dec 2017 00:37:28 +0100 (CET)
Received: by stream.wildebeest.org (Postfix, from userid 1000)	id 52036100736; Fri, 29 Dec 2017 00:37:28 +0100 (CET)
From: Mark Wielaard <mark@klomp.org>
To: elfutils-devel@sourceware.org
Cc: Mark Wielaard <mark@klomp.org>
Subject: [COMMITTED] libdw: Check there is .debug_info/types section data in __libdw_offdie.
Date: Thu, 28 Dec 2017 23:37:00 -0000
Message-Id: <20171228233723.6492-1-mark@klomp.org>
X-Mailer: git-send-email 2.14.3
X-Spam-Flag: NO
X-IsSubscribed: yes
X-SW-Source: 2017-q4/txt/msg00127.txt.bz2

If a Dwarf_Die was requested from an offset into a section data that
didn't exist we would crash. Crashing is bad even if given bad input.
Just return an error in that case.

Signed-off-by: Mark Wielaard <mark@klomp.org>
---
 libdw/ChangeLog      | 4 ++++
 libdw/dwarf_offdie.c | 4 ++--
 2 files changed, 6 insertions(+), 2 deletions(-)

diff --git a/libdw/ChangeLog b/libdw/ChangeLog
index eb1cb709..97155de1 100644
--- a/libdw/ChangeLog
+++ b/libdw/ChangeLog
@@ -1,3 +1,7 @@
+2017-12-28  Mark Wielaard  <mark@klomp.org>
+
+	* dwarf_offdie.c (__libdw_offdie): Check sectiondata exists.
+
 2017-05-09  Ulf Hermann  <ulf.hermann@qt.io>
 	    Mark Wielaard  <mark@klomp.org>
 
diff --git a/libdw/dwarf_offdie.c b/libdw/dwarf_offdie.c
index 15f55c22..883720de 100644
--- a/libdw/dwarf_offdie.c
+++ b/libdw/dwarf_offdie.c
@@ -1,5 +1,5 @@
 /* Return DIE at given offset.
-   Copyright (C) 2002-2010 Red Hat, Inc.
+   Copyright (C) 2002-2010, 2017 Red Hat, Inc.
    This file is part of elfutils.
    Written by Ulrich Drepper <drepper@redhat.com>, 2002.
 
@@ -45,7 +45,7 @@ __libdw_offdie (Dwarf *dbg, Dwarf_Off offset, Dwarf_Die *result,
 
   Elf_Data *const data = dbg->sectiondata[debug_types ? IDX_debug_types
 					  : IDX_debug_info];
-  if (offset >= data->d_size)
+  if (data == NULL || offset >= data->d_size)
     {
       __libdw_seterrno (DWARF_E_INVALID_DWARF);
       return NULL;
-- 
2.14.3