[Bug tools/23011] Infinite loop in handle_sysv_hash (src/readelf.c)

mark at klomp dot org sourceware-bugzilla@sourceware.org
Wed Mar 28 19:25:00 GMT 2018


https://sourceware.org/bugzilla/show_bug.cgi?id=23011

Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |mark at klomp dot org

--- Comment #1 from Mark Wielaard <mark at klomp dot org> ---
ewww nasty. The idea is that the bucket entries point to the (first) symbol for
a particular hash. If that symbol is not the one needed then you look whether
there are other symbols with the same hash value in the chain. There are as
many chain entries as symbols, and for each symbol n, chain[n] is either zero
if there are no other symbols with the same hash, or it is the value of the
next symbol with the same hash (for the last one the chain entry is zero).
There are obviously not supposed to be "loops" in the chain. The easiest to
check would be to limit the number of chains to follow to the number of
symbols, which is equal to the total number of chain entries (nchain).

Note that the same could happen in handle_sysv_hash64 which uses the same kind
of bucket chain loop.

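The bound described in the comment above, as an added example that is not elfutils code and not part of the original message. The function name `longest_chain` and the sample tables are hypothetical and constructed for illustration; the walk also rejects symbol indices outside the chain array, which the comment does not mention.

```c
#include <stdint.h>
#include <stdio.h>

/* Walk every bucket of a SysV hash table and return the longest chain
   length, or -1 if the table is malformed: an index outside the chain
   array, or a chain that needs more than nchain steps (it loops).  */
static long
longest_chain (const uint32_t *bucket, uint32_t nbucket,
               const uint32_t *chain, uint32_t nchain)
{
  long longest = 0;
  for (uint32_t b = 0; b < nbucket; ++b)
    {
      uint32_t steps = 0;
      for (uint32_t sym = bucket[b]; sym != 0; sym = chain[sym])
        {
          /* Symbol indices double as chain indices, so bound them.  */
          if (sym >= nchain)
            return -1;
          /* A loop-free chain visits each symbol at most once, so it
             can never be longer than the number of chain entries.  */
          if (++steps > nchain)
            return -1;
        }
      if ((long) steps > longest)
        longest = steps;
    }
  return longest;
}

/* Constructed sample tables (not taken from any real ELF file).  */
static const uint32_t bucket_ok[2] = { 1, 3 };
static const uint32_t chain_ok[5] = { 0, 2, 4, 0, 0 };   /* 1->2->4 and 3 */
static const uint32_t chain_loop[5] = { 0, 2, 1, 0, 0 }; /* 1->2->1->...  */
static const uint32_t bucket_bad[2] = { 7, 0 };          /* 7 >= nchain   */

int
main (void)
{
  printf ("ok:   %ld\n", longest_chain (bucket_ok, 2, chain_ok, 5));
  printf ("loop: %ld\n", longest_chain (bucket_ok, 2, chain_loop, 5));
  printf ("bad:  %ld\n", longest_chain (bucket_bad, 2, chain_ok, 5));
  return 0;
}
```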