authorGavin Li <gavin@matician.com>2022-11-30 18:26:19 +0100
committerMark Wielaard <mark@klomp.org>2022-12-13 17:40:31 +0100
commit9c136cb3007f3c8649a6856c7e2f4fa6aabf76b8 (patch)
treed703f069b3eb0da1eb81841b8a5c1ccdcaed091b
parent78dd3b32edf55fc8bdc6268163d5d743a84b1075 (diff)
libdwfl: Read no more than required in dwfl_segment_report_module
Since read_portion and the standard dwfl_elf_phdr_memory_callback functions make sure to read at least minread bytes there is no need for dwfl_segment_report_module to check and adjust the data to the actual buffer size read. Reading beyond the end of the expected data size (if the buffer read is much larger) actually causes issues when passing the data to elfXX_xlatetom() because it is possible that src->d_size is not a multiple of recsize (for ELF_T_DYN, recsize is 16 while the minimum required alignment is 8), causing elfXX_xlatetom() to return ELF_E_INVALID_DATA. Signed-off-by: Gavin Li <gavin@matician.com> Signed-off-by: Mark Wielaard <mark@klomp.org>
-rw-r--r--libdwfl/ChangeLog6
-rw-r--r--libdwfl/dwfl_segment_report_module.c27
2 files changed, 8 insertions, 25 deletions
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
index 6dd84a6f..68527327 100644
--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,9 @@
+2022-11-28 Gavin Li <gavin@matician.com>
+ Mark Wielaard <mark@klomp.org>
+
+ * dwfl_segment_report_module.c (dwfl_segment_report_module): Remove
+ data size check after read_portion memory_callback.
+
2022-10-21 Yonggang Luo <luoyonggang@gmail.com>
* argp-std.c: Don't include unistd.h.
diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_module.c
index 287fc002..19fa6ded 100644
--- a/libdwfl/dwfl_segment_report_module.c
+++ b/libdwfl/dwfl_segment_report_module.c
@@ -441,17 +441,6 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name,
start + phoff, xlatefrom.d_size))
goto out;
- /* ph_buffer_size will be zero if we got everything from the initial
- buffer, otherwise it will be the size of the new buffer that
- could be read. */
- if (ph_buffer_size != 0)
- {
- phnum = ph_buffer_size / phentsize;
- if (phnum == 0)
- goto out;
- xlatefrom.d_size = ph_buffer_size;
- }
-
xlatefrom.d_buf = ph_buffer;
bool class32 = ei_class == ELFCLASS32;
@@ -533,18 +522,12 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name,
/* We calculate from the p_offset of the note segment,
because we don't yet know the bias for its p_vaddr. */
const GElf_Addr note_vaddr = start + offset;
- void *data;
- size_t data_size;
+ void *data = NULL;
+ size_t data_size = 0;
if (read_portion (&read_state, &data, &data_size,
start, segment, note_vaddr, filesz))
continue; /* Next header */
- /* data_size will be zero if we got everything from the initial
- buffer, otherwise it will be the size of the new buffer that
- could be read. */
- if (data_size != 0)
- filesz = data_size;
-
if (filesz > SIZE_MAX / sizeof (Elf32_Nhdr))
continue;
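Review bot: With the `if (data_size != 0) filesz = data_size;` adjustment gone, nothing in the note-segment path compares `data_size` with `filesz`, so the code that follows trusts that a successful read_portion made at least `filesz` bytes available at `data`. The same applies to the phdr hunk (`xlatefrom.d_size` versus `ph_buffer_size`) and the dynamic-segment hunk (`dyn_filesz` versus `dyn_data_size`). The commit message bases this on read_portion and the standard callback honouring minread, but that contract is not stated in the code, and a memory callback that reports success with a shorter buffer would presumably lead to a read past the end of it. A guard that rejects a short buffer without widening the size would keep the fix and restore the lower bound, e.g. `if (data_size != 0 && data_size < filesz) continue;`, or at minimum add a comment such as `/* read_portion guarantees at least filesz bytes at data; a larger data_size is deliberately ignored. */`. The enclosing function starts and ends outside the hunk.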
@@ -821,12 +804,6 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char *name,
&& ! read_portion (&read_state, &dyn_data, &dyn_data_size,
start, segment, dyn_vaddr, dyn_filesz))
{
- /* dyn_data_size will be zero if we got everything from the initial
- buffer, otherwise it will be the size of the new buffer that
- could be read. */
- if (dyn_data_size != 0)
- dyn_filesz = dyn_data_size;
-
if ((dyn_filesz / dyn_entsize) == 0
|| dyn_filesz > (SIZE_MAX / dyn_entsize))
goto out;