Diffstat (limited to 'libebl')
-rw-r--r-- | libebl/ChangeLog | 4 | ||||
-rw-r--r-- | libebl/eblobjnote.c | 7 |
2 files changed, 11 insertions, 0 deletions
diff --git a/libebl/ChangeLog b/libebl/ChangeLog
index 0174f331..77c22746 100644
--- a/libebl/ChangeLog
+++ b/libebl/ChangeLog
@@ -1,3 +1,7 @@
+2019-01-16 Mark Wielaard <mark@klomp.org>
+
+ * eblobjnte.c (ebl_object_note): Check pr_datasz isn't too large.
+
 2018-12-02 Mark Wielaard <mark@klomp.org>
 * eblobjnte.c (ebl_object_note): For GNU_PROPERTY_STACK_SIZE use
diff --git a/libebl/eblobjnote.c b/libebl/eblobjnote.c
index c19ea37f..9094715c 100644
--- a/libebl/eblobjnote.c
+++ b/libebl/eblobjnote.c
@@ -350,6 +350,13 @@ ebl_object_note (Ebl *ebl, uint32_t namesz, const char *name, uint32_t type,
 desc += 8;
 descsz -= 8;
+ if (prop.pr_datasz > descsz)
+ {
+ printf ("BAD property datasz: %" PRId32 "\n",
+ prop.pr_datasz);
+ return;
+ }
+
 int elfclass = gelf_getclass (ebl->elf);
 char *elfident = elf_getident (ebl->elf, NULL);
 GElf_Ehdr ehdr; |
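Review bot: The new diagnostic in the eblobjnote.c hunk prints `prop.pr_datasz` with `PRId32`, so an oversized value above INT32_MAX would be shown as a negative number, assuming pr_datasz is an unsigned 32-bit word as its comparison against descsz suggests. `printf ("BAD property datasz: %" PRIu32 "\n", prop.pr_datasz);` would report the value actually read from the note. The check also only holds if `descsz -= 8;` just above cannot wrap. The guard that ensures at least 8 bytes remain is outside this hunk, so it is worth confirming, since the descriptor comes from the file being inspected. A short comment such as `/* pr_datasz comes from the note itself; it must fit in the remaining descsz.  */` would record why the early return is there. The body of ebl_object_note starts and ends outside the hunk.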