This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
Re: [PATCH] libelf: Sanity check offset and size before trying to malloc and read data.
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Thu, 10 Nov 2016 12:13:34 +0100
- Subject: Re: [PATCH] libelf: Sanity check offset and size before trying to malloc and read data.
On Fri, 2016-10-21 at 15:24 +0200, Mark Wielaard wrote:
> Bad sh_off or sh_size could trigger a bad malloc or read. Sanity check
> the header values first before trying to malloc a huge buffer or reading
> any data that will certainly fail.
>
> https://bugzilla.redhat.com/show_bug.cgi?id=1387584
I didn't hear back from the original reporter whether this really solved
their problem. But the change does look correct and desirable. So I have
pushed this to master now.