diff options
author | Roland McGrath <roland@redhat.com> | 2009-04-14 02:38:19 -0700 |
---|---|---|
committer | Roland McGrath <roland@redhat.com> | 2009-04-14 02:38:19 -0700 |
commit | fa25326f44d65e0b1ee849cbd0da99c2808e1089 (patch) | |
tree | 3e69934d0198e6d0c2ce867df6fe248a24ffc765 /libdwfl/core-file.c | |
parent | 04a14163323bc4d2d335909a2af7259bc53ddf8b (diff) | |
download | elfutils-fa25326f44d65e0b1ee849cbd0da99c2808e1089.tar.gz |
Fix RHBZ#494858: fix bad address checks in core file support.
Diffstat (limited to 'libdwfl/core-file.c')
-rw-r--r-- | libdwfl/core-file.c | 14 |
1 files changed, 10 insertions, 4 deletions
diff --git a/libdwfl/core-file.c b/libdwfl/core-file.c index bc881eb9..77f208cc 100644 --- a/libdwfl/core-file.c +++ b/libdwfl/core-file.c @@ -1,5 +1,5 @@ /* Core file handling. - Copyright (C) 2008 Red Hat, Inc. + Copyright (C) 2008, 2009 Red Hat, Inc. This file is part of Red Hat elfutils. Red Hat elfutils is free software; you can redistribute it and/or modify @@ -278,7 +278,7 @@ dwfl_elf_phdr_memory_callback (Dwfl *dwfl, int ndx, do if (unlikely (gelf_getphdr (elf, ndx++, &phdr) == NULL)) - return true; + return false; while (phdr.p_type != PT_LOAD || ((phdr.p_vaddr + phdr.p_memsz + align - 1) & -align) <= vaddr); @@ -320,8 +320,14 @@ dwfl_elf_phdr_memory_callback (Dwfl *dwfl, int ndx, if (elf->map_address != NULL) (void) more (elf->maximum_size - start); - if (unlikely (end - start > elf->maximum_size)) - end = start + elf->maximum_size; + /* Make sure we don't look past the end of the actual file, + even if the headers tell us to. */ + if (unlikely (end > elf->maximum_size)) + end = elf->maximum_size; + + /* If the file is too small, there is nothing at all to get. */ + if (unlikely (start >= end)) + return false; if (elf->map_address != NULL) { |