Re: [PATCH] elf: Properly compute offsets of desc and next note

["H.J. Lu" <hjl dot tools at gmail dot com>]

On Mon, Nov 27, 2017 at 2:24 AM, Nick Clifton <nickc@redhat.com> wrote:
> Hi H.J.
>
> +  /* NB: CORE PT_NOTE segments may have p_align values of 0 or 1.
> +     gABI specifies that PT_NOTE alignment should be aligned to 4
> +     bytes for 32-bit objects and to 8 bytes for 64-bit objects.  If
> +     align is less than 4, we use 4 byte alignment.   */
> +  if (align < 4)
> +    align = 4;
>
> It occurs to me that we probably ought to be paranoid here and check for
> other problematic alignments.  Ie:
>
>   if (align < 4)
>     align = 4;
>   else if (align > 4)
>     align = 8;
>
> Otherwise I bet someone will come up with a fuzzed binary that does something nasty.
>
> Hmm, actually you will probably point out that the checks later on will prevent an
> illegal memory access, so how about this instead:
>
>   if (align < 4)
>     align = 4;
>   else if (align != 4 && align != 8)
>     return FALSE;

I like this one.

> (We probably ought to check the return value from elf_parse_notes() in
> _bfd_elf_make_section_from_shdr as well).

This is a good idea.

> What do you think ?
>
> Cheers
>   Nick

Thanks.

-- 
H.J.