This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
[PATCH] libdwfl: Make sure elf_getdata_rawchunk size_t doesn't overflow find_dynsym.
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Sat, 13 Dec 2014 22:29:16 +0100
- Subject: [PATCH] libdwfl: Make sure elf_getdata_rawchunk size_t doesn't overflow find_dynsym.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
---
libdwfl/ChangeLog | 5 +++++
libdwfl/dwfl_module_getdwarf.c | 10 +++++++++-
2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
index 66e642f..99d555f 100644
--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,8 @@
+2014-12-13 Mark Wielaard <mjw@redhat.com>
+
+ * dwfl_module_getdwarf.c (find_dynsym): elf_getdata_rawchunk takes
+ a size_t, make sure it doesn't overflow.
+
2014-12-09 Mark Wielaard <mjw@redhat.com>
* dwfl_segment_report_module.c (handle_file_note): Check count doesn't
diff --git a/libdwfl/dwfl_module_getdwarf.c b/libdwfl/dwfl_module_getdwarf.c
index c2e9e59..ab9bd48 100644
--- a/libdwfl/dwfl_module_getdwarf.c
+++ b/libdwfl/dwfl_module_getdwarf.c
@@ -768,7 +768,15 @@ find_dynsym (Dwfl_Module *mod)
* sizeof (Elf32_Word)
* header->maskwords));
- data = elf_getdata_rawchunk (mod->main.elf, buckets_at,
+ // elf_getdata_rawchunk takes a size_t, make sure it
+ // doesn't overflow.
+#if SIZE_MAX <= UINT32_MAX
+ if (nbuckets > SIZE_MAX / sizeof (Elf32_Word))
+ data = NULL;
+ else
+#endif
+ data
+ = elf_getdata_rawchunk (mod->main.elf, buckets_at,
nbuckets * sizeof (Elf32_Word),
ELF_T_WORD);
if (data != NULL && symndx < nbuckets)
--
2.1.0