Fix off64_t overflow when MAXIMUM_SIZE == ~0.

author: Jan Kratochvil <jan.kratochvil@redhat.com> 2011-01-05 10:06:21 +0100
committer: Jan Kratochvil <jan.kratochvil@redhat.com> 2011-01-05 10:06:21 +0100
commit: f1ccc410d6bda15ed49fc5d0fef9f6f65acbfb63 (patch)
tree: f58aefa9afd8bf11376179d8b37b229fbef73fca /libelf
parent: 33d305fc63d88ce163fd3aba41a0dd0e1a74be38 (diff)
download: elfutils-f1ccc410d6bda15ed49fc5d0fef9f6f65acbfb63.tar.gz
2 files changed, 7 insertions, 2 deletions
diff --git a/libelf/ChangeLog b/libelf/ChangeLog
index a8ded88e..d88e2fe5 100644
--- a/libelf/ChangeLog
+++ b/libelf/ChangeLog
@@ -1,3 +1,8 @@
+2011-01-05  Jan Kratochvil  <jan.kratochvil@redhat.com>
+
+	* elf_getdata_rawchunk.c (elf_getdata_rawchunk): Fix off64_t overflow
+	when MAXIMUM_SIZE == ~0.
+
 2010-08-18  Roland McGrath  <roland@redhat.com>
 
 	* gelf_fsize.c (__libelf_type_sizes): Add entries for ELF_T_LIB
diff --git a/libelf/elf_getdata_rawchunk.c b/libelf/elf_getdata_rawchunk.c
index 5af0f7f3..3ec2100a 100644
--- a/libelf/elf_getdata_rawchunk.c
+++ b/libelf/elf_getdata_rawchunk.c
@@ -78,8 +78,8 @@ elf_getdata_rawchunk (elf, offset, size, type)
       return NULL;
     }
 
-  if (unlikely (size > elf->maximum_size
-		|| (off64_t) (elf->maximum_size - size) < offset))
+  if (unlikely (offset < 0 || offset + (off64_t) size < offset
+		|| offset + size > elf->maximum_size))
     {
       /* Invalid request.  */
       __libelf_seterrno (ELF_E_INVALID_OP);
author	Jan Kratochvil <jan.kratochvil@redhat.com>	2011-01-05 10:06:21 +0100
committer	Jan Kratochvil <jan.kratochvil@redhat.com>	2011-01-05 10:06:21 +0100
commit	f1ccc410d6bda15ed49fc5d0fef9f6f65acbfb63 (patch)
tree	f58aefa9afd8bf11376179d8b37b229fbef73fca /libelf
parent	33d305fc63d88ce163fd3aba41a0dd0e1a74be38 (diff)
download	elfutils-f1ccc410d6bda15ed49fc5d0fef9f6f65acbfb63.tar.gz