This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
Re: [PATCH] libelf: Add some ar header sanity checking.
- From: Mark Wielaard <mjw at redhat dot com>
- To: elfutils-devel at lists dot fedorahosted dot org
- Date: Mon, 15 Dec 2014 10:04:00 +0100
- Subject: Re: [PATCH] libelf: Add some ar header sanity checking.
On Thu, 2014-12-11 at 16:30 +0100, Mark Wielaard wrote:
> Don't allow entries or size to overflow the parent file size.
>
> +2014-12-11 Mark Wielaard <mjw@redhat.com>
> +
> + * elf_begin.c (read_long_names): Check for offset overflow.
> + (__libelf_next_arhdr_wrlock): Likewise. Sanity check the ar_size.
> + Don't allow it to go beyond end of file.
I pushed this to master.