nm: Check for malloc size argument overflow in show_symbols.

Reported-by: Florian Weimer <fweimer@redhat.com> Signed-off-by: Mark Wielaard <mjw@redhat.com>
author: Mark Wielaard <mjw@redhat.com> 2016-03-21 16:01:02 +0100
committer: Mark Wielaard <mjw@redhat.com> 2016-03-21 16:09:42 +0100
commit: 911f11a0054264ffbfae8f8e400aea52b8d1d620 (patch)
tree: 86e61d9eceea33a1e6bbf83a05b23a92a3c5f5ad /src/nm.c
parent: 9ba245842af829bf4f3530747037993d5bc8b16a (diff)
download: elfutils-911f11a0054264ffbfae8f8e400aea52b8d1d620.tar.gz
1 files changed, 5 insertions, 0 deletions
diff --git a/src/nm.c b/src/nm.c
index 2911afa8..010469da 100644
--- a/src/nm.c
+++ b/src/nm.c
@@ -1311,6 +1311,11 @@ show_symbols (int fd, Ebl *ebl, GElf_Ehdr *ehdr,
      XXX We can use a dirty trick here.  Since GElf_Sym == Elf64_Sym we
      can use the data memory instead of copying again if what we read
      is a 64 bit file.  */
+  if (nentries > SIZE_MAX / sizeof (GElf_SymX))
+    error (EXIT_FAILURE, 0,
+          gettext ("%s: entries (%zd) in section %zd `%s' is too large"),
+          fullname, nentries, elf_ndxscn (scn),
+          elf_strptr (ebl->elf, shstrndx, shdr->sh_name));
   GElf_SymX *sym_mem;
   if (nentries * sizeof (GElf_SymX) < MAX_STACK_ALLOC)
     sym_mem = (GElf_SymX *) alloca (nentries * sizeof (GElf_SymX));
author	Mark Wielaard <mjw@redhat.com>	2016-03-21 16:01:02 +0100
committer	Mark Wielaard <mjw@redhat.com>	2016-03-21 16:09:42 +0100
commit	911f11a0054264ffbfae8f8e400aea52b8d1d620 (patch)
tree	86e61d9eceea33a1e6bbf83a05b23a92a3c5f5ad /src/nm.c
parent	9ba245842af829bf4f3530747037993d5bc8b16a (diff)
download	elfutils-911f11a0054264ffbfae8f8e400aea52b8d1d620.tar.gz