diff options
| author | Mark Wielaard <mark@klomp.org> | 2021-12-19 20:53:34 +0100 |
|---|---|---|
| committer | Mark Wielaard <mark@klomp.org> | 2021-12-19 20:53:34 +0100 |
| commit | bc14c148a6ad9b84bda428bd3bc75028515f0151 (patch) | |
| tree | 61954ad75e010532f4f393cc1835829818a95136 /libdwfl | |
| parent | libdwfl: Make sure that ph_buffer_size has room for at least one phdr (diff) | |
| download | elfutils-bc14c148a6ad9b84bda428bd3bc75028515f0151.tar.gz elfutils-bc14c148a6ad9b84bda428bd3bc75028515f0151.tar.bz2 elfutils-bc14c148a6ad9b84bda428bd3bc75028515f0151.tar.xz | |
libdwfl: Make sure dyn_filesz has a sane size
In dwfl_segment_report_module dyn_filesz should be able to hold at
least one Elf_Dyn element, and not be larger than possible.
Signed-off-by: Mark Wielaard <mark@klomp.org>
Diffstat (limited to 'libdwfl')
| -rw-r--r-- | libdwfl/ChangeLog | 6 | ||||
| -rw-r--r-- | libdwfl/dwfl_segment_report_module.c | 3 |
2 files changed, 9 insertions, 0 deletions
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index 38e2bdaa..1f83576d 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog | |||
| @@ -1,6 +1,12 @@ | |||
| 1 | 2021-12-08 Mark Wielaard <mark@klomp.org> | 1 | 2021-12-08 Mark Wielaard <mark@klomp.org> |
| 2 | 2 | ||
| 3 | * dwfl_segment_report_module.c (dwfl_segment_report_module): Make sure | 3 | * dwfl_segment_report_module.c (dwfl_segment_report_module): Make sure |
| 4 | that dyn_filesz can contain at least one Elf_Dyn and isn't larger than | ||
| 5 | possible. | ||
| 6 | |||
| 7 | 2021-12-08 Mark Wielaard <mark@klomp.org> | ||
| 8 | |||
| 9 | * dwfl_segment_report_module.c (dwfl_segment_report_module): Make sure | ||
| 4 | that ph_buffer_size has room for at least one phdr. | 10 | that ph_buffer_size has room for at least one phdr. |
| 5 | 11 | ||
| 6 | 2021-12-08 Mark Wielaard <mark@klomp.org> | 12 | 2021-12-08 Mark Wielaard <mark@klomp.org> |
diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c index 840d6f44..78c70795 100644 --- a/libdwfl/dwfl_segment_report_module.c +++ b/libdwfl/dwfl_segment_report_module.c | |||
| @@ -787,6 +787,9 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name, | |||
| 787 | if (dyn_data_size != 0) | 787 | if (dyn_data_size != 0) |
| 788 | dyn_filesz = dyn_data_size; | 788 | dyn_filesz = dyn_data_size; |
| 789 | 789 | ||
| 790 | if ((dyn_filesz / dyn_entsize) == 0 | ||
| 791 | || dyn_filesz > (SIZE_MAX / dyn_entsize)) | ||
| 792 | goto out; | ||
| 790 | void *dyns = malloc (dyn_filesz); | 793 | void *dyns = malloc (dyn_filesz); |
| 791 | Elf32_Dyn *d32 = dyns; | 794 | Elf32_Dyn *d32 = dyns; |
| 792 | Elf64_Dyn *d64 = dyns; | 795 | Elf64_Dyn *d64 = dyns; |