libdw, readelf, elflint: Add get_(u|s)leb128 guards

Add sanity check making sure an leb128 isn't being read beyond the end of the current data segment. Most code already had these guards, but some were missing. This makes sure an appropriate error is generated instead. Signed-off-by: Mark Wielaard <mark@klomp.org>
author: Mark Wielaard <mark@klomp.org> 2023-02-08 16:53:24 +0100
committer: Mark Wielaard <mark@klomp.org> 2023-02-14 16:45:10 +0100
commit: 922068cebba6ed0dfc2da0a9e40e3e1b63e0aca9 (patch)
tree: de05636616a8ab25c9504fca479c641490d61f22 /src/ChangeLog
parent: e444d60a341b7b9bc3ae763a843d3e7190234ca9 (diff)
download: elfutils-922068cebba6ed0dfc2da0a9e40e3e1b63e0aca9.tar.gz
1 files changed, 12 insertions, 0 deletions
diff --git a/src/ChangeLog b/src/ChangeLog
index 915494f2..699d98ee 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,15 @@
+2023-02-12  Mark Wielaard  <mark@klomp.org>
+
+	* readelf.c (print_attributes): Add comment about check.
+	(read_encoded): Check readp >= endp before reading
+	DW_EH_PE_uleb128 and DW_EH_PE_sleb128.
+	* elflint.c (check_attributes): Check r >= q before reading
+	uleb128.
+	(print_debug_frame_section): Check augmentation length can be read
+	as uleb128.
+	(print_debug_exception_table): Likewise for ttype_base_offset,
+	call_site_table_len and action.
+
 2023-01-22  Mark Wielaard  <mark@klomp.org>
 
 	* addr2line.c (options): Separate --demangle and -C.
author	Mark Wielaard <mark@klomp.org>	2023-02-08 16:53:24 +0100
committer	Mark Wielaard <mark@klomp.org>	2023-02-14 16:45:10 +0100
commit	922068cebba6ed0dfc2da0a9e40e3e1b63e0aca9 (patch)
tree	de05636616a8ab25c9504fca479c641490d61f22 /src/ChangeLog
parent	e444d60a341b7b9bc3ae763a843d3e7190234ca9 (diff)
download	elfutils-922068cebba6ed0dfc2da0a9e40e3e1b63e0aca9.tar.gz