author | Mark Wielaard <mark@klomp.org> | 2018-10-19 15:01:29 +0200 |
---|---|---|
committer | Mark Wielaard <mark@klomp.org> | 2018-10-20 00:13:10 +0200 |
commit | 1e7c230b277b6eb82577a3bc4b56ca291c28964d (patch) | |
tree | c49c147eef876edee8ef5fd4592a104f2bfa286e /libasm | |
parent | 22d2d082d57a7470fadc0eae67179553f4919209 (diff) | |
download | elfutils-1e7c230b277b6eb82577a3bc4b56ca291c28964d.tar.gz |
Check sh_entsize is not zero.

There were some recent bug reports where we trusted the ELF section header
to be sane and divided the sh_size by the sh_entsize to get the number of
objects in the section. This would cause a divide by zero if the file was
corrupt and the sh_entsize was zero. Add checks for any such code.

Signed-off-by: Mark Wielaard <mark@klomp.org>

Diffstat (limited to 'libasm')
-rw-r--r-- | libasm/ChangeLog | 4 | ||||
-rw-r--r-- | libasm/disasm_cb.c | 2 |
2 files changed, 6 insertions, 0 deletions
diff --git a/libasm/ChangeLog b/libasm/ChangeLog index 2efd85fa..92dfd729 100644 --- a/libasm/ChangeLog +++ b/libasm/ChangeLog @@ -1,3 +1,7 @@ +2018-10-19 Mark Wielaard <mark@klomp.org> + + * disasm_cb.c (read_symtab_exec): Check sh_entsize is not zero. + 2018-07-04 Ross Burton <ross.burton@intel.com> * asm_end.c: Remove error.h include. diff --git a/libasm/disasm_cb.c b/libasm/disasm_cb.c index cf278c71..80f8b25b 100644 --- a/libasm/disasm_cb.c +++ b/libasm/disasm_cb.c @@ -93,6 +93,8 @@ read_symtab_exec (DisasmCtx_t *ctx) xndxdata = elf_getdata (elf_getscn (ctx->elf, xndxscnidx), NULL); /* Iterate over all symbols. Add all defined symbols. */ + if (shdr->sh_entsize == 0) + continue; int nsyms = shdr->sh_size / shdr->sh_entsize; for (int cnt = 1; cnt < nsyms; ++cnt) { |
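
Review bot: In the libasm/disasm_cb.c hunk, the added `if (shdr->sh_entsize == 0) continue;` protects only the division itself; the quotient is still assigned to `int nsyms` with no bound, so a corrupt header with a small non-zero sh_entsize and a large sh_size can still yield a count that is truncated or goes negative when narrowed to int, or that exceeds the symbols actually present in the section data. I would compute the count in an unsigned type as wide as sh_size and cap it by the size of the data read for the section before entering the `for (int cnt = 1; cnt < nsyms; ++cnt)` loop. Two smaller points: the check now sits between the "Iterate over all symbols" comment and the loop that comment describes, so moving it above the comment (or ahead of the `elf_getdata` call for xndxdata, which is wasted work when the section is skipped) would read better, and the `continue` drops the section silently, which may be worth a short comment saying that a zero sh_entsize is treated as a corrupt section and ignored.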