From: gavin@matician.com
To: elfutils-devel@sourceware.org
Cc: Mark Wielaard, Gavin Li
Subject: [PATCH] libdwfl: Read no more than required to parse dynamic sections
Date: Mon, 28 Nov 2022 22:26:53 -0800
Message-Id: <20221129062653.298772-1-gavin@matician.com>

From: Gavin Li

Since size checking has been moved to dwfl_elf_phdr_memory_callback(), there is no longer a need for dwfl_segment_report_module() to enforce the same. Reading beyond the end of the dynamic section actually causes issues when passing the data to elfXX_xlatetom() because it is possible that src->d_size is not a multiple of recsize (for ELF_T_DYN, recsize is 16 while the minimum required alignment is 8), causing elfXX_xlatetom() to return ELF_E_INVALID_DATA.

Signed-off-by: Gavin Li
---
 libdwfl/dwfl_segment_report_module.c | 6 ------
 1 file changed, 6 deletions(-)
diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c index 287fc002..08aca0eb 100644 --- a/libdwfl/dwfl_segment_report_module.c +++ b/libdwfl/dwfl_segment_report_module.c @@ -821,12 +821,6 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name, && ! read_portion (&read_state, &dyn_data, &dyn_data_size, start, segment, dyn_vaddr, dyn_filesz)) { - /* dyn_data_size will be zero if we got everything from the initial - buffer, otherwise it will be the size of the new buffer that - could be read. */ - if (dyn_data_size != 0) - dyn_filesz = dyn_data_size; - if ((dyn_filesz / dyn_entsize) == 0 || dyn_filesz > (SIZE_MAX / dyn_entsize)) goto out; -- 2.38.1
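Review bot: with the `if (dyn_data_size != 0) dyn_filesz = dyn_data_size;` clamp removed, the code following the `read_portion (..., dyn_vaddr, dyn_filesz)` call trusts the PT_DYNAMIC size from the header and no longer adjusts to the amount actually read, so this is only safe if read_portion now fails outright rather than returning a shorter buffer; the removed comment describes two sources (the initial buffer and "the new buffer that could be read") and nothing in this hunk shows the second is guaranteed to be at least dyn_filesz bytes, so please either state in the commit message that read_portion never returns fewer than dyn_filesz bytes, or keep a check that rejects `dyn_data_size != 0 && dyn_data_size < dyn_filesz`. Also, since the commit message identifies a size that is not a multiple of recsize as what makes elfXX_xlatetom() return ELF_E_INVALID_DATA, the surviving `(dyn_filesz / dyn_entsize) == 0` check could be extended with a `dyn_filesz % dyn_entsize != 0` rejection (or round dyn_filesz down to a multiple of dyn_entsize) so a malformed p_filesz fails early here instead of inside the translation.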