diff options
author | Mark Wielaard <mjw@redhat.com> | 2014-12-16 19:43:21 +0100 |
---|---|---|
committer | Mark Wielaard <mjw@redhat.com> | 2014-12-17 16:49:02 +0100 |
commit | 4bb122a87608a1e0f7c27341fe1b3cd05c1462be (patch) | |
tree | ef14682617a1d2dd0b5fdd545e603d91a6b7d9b6 /libelf | |
parent | 7f9ea70d2be1d8c43eeff24b7efaf933c865fd0d (diff) | |
download | elfutils-4bb122a87608a1e0f7c27341fe1b3cd05c1462be.tar.gz |
libelf: Check index_size doesn't overflow in elf_getarsym.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
Diffstat (limited to 'libelf')
-rw-r--r-- | libelf/ChangeLog | 4 | ||||
-rw-r--r-- | libelf/elf_getarsym.c | 3 |
2 files changed, 6 insertions, 1 deletions
diff --git a/libelf/ChangeLog b/libelf/ChangeLog index 7406509e..fe210abb 100644 --- a/libelf/ChangeLog +++ b/libelf/ChangeLog @@ -1,5 +1,9 @@ 2014-12-15 Mark Wielaard <mjw@redhat.com> + * elf_getarsym.c (elf_getarsym): Check index_size doesn't overflow. + +2014-12-15 Mark Wielaard <mjw@redhat.com> + * elf_begin.c (read_long_names): Clear any garbage left in the name table. diff --git a/libelf/elf_getarsym.c b/libelf/elf_getarsym.c index ba88aa0a..40633aa8 100644 --- a/libelf/elf_getarsym.c +++ b/libelf/elf_getarsym.c @@ -182,7 +182,8 @@ elf_getarsym (elf, ptr) tmpbuf[10] = '\0'; size_t index_size = atol (tmpbuf); - if (SARMAG + sizeof (struct ar_hdr) + index_size > elf->maximum_size + if (index_size > elf->maximum_size + || elf->maximum_size - index_size < SARMAG + sizeof (struct ar_hdr) #if SIZE_MAX <= 4294967295U || n >= SIZE_MAX / sizeof (Elf_Arsym) #endif |