This is the mail archive of the
binutils@sourceware.org
mailing list for the binutils project.
[PATCH 2/4] readelf: Catch potential integer overflow in readelf when processing corrupt binaries.
- From: Christian Eggers <ceggers at gmx dot de>
- To: binutils at sourceware dot org
- Cc: Christian Eggers <ceggers at gmx dot de>
- Date: Sun, 3 Nov 2019 08:57:41 +0100
- Subject: [PATCH 2/4] readelf: Catch potential integer overflow in readelf when processing corrupt binaries.
- References: <20191103075743.25467-1-ceggers@gmx.de>
This extends Nick Cliftons patch from 2019-08-08 for PR 24829
e17869d - Catch potential integer overflow in readelf when processing
corrupt binaries.
to all address checks using the IN_RANGE macro.
* readelf.c (IN_RANGE): Catch potential integer overflow
whilst checking reloc location against section size.
Signed-off-by: Christian Eggers <ceggers@gmx.de>
---
binutils/ChangeLog | 2 ++
binutils/readelf.c | 2 +-
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/binutils/ChangeLog b/binutils/ChangeLog
index 16ed7ed5b0..f25e6365ba 100644
--- a/binutils/ChangeLog
+++ b/binutils/ChangeLog
@@ -1,6 +1,8 @@
2019-11-03 Christian Eggers <ceggers@gmx.de>
* readelf.c (IN_RANGE): Rename parameter OFF to SIZE.
+ * readelf.c (IN_RANGE): Catch potential integer overflow
+ whilst checking reloc location against section size.
2019-10-20 Palmer Dabbelt <palmer@sifive.com>
diff --git a/binutils/readelf.c b/binutils/readelf.c
index 8addb3443e..1854e866d7 100644
--- a/binutils/readelf.c
+++ b/binutils/readelf.c
@@ -12310,7 +12310,7 @@ process_syminfo (Filedata * filedata ATTRIBUTE_UNUSED)
}
#define IN_RANGE(START,END,ADDR,SIZE) \
- (((ADDR) >= (START)) && ((ADDR) + (SIZE) < (END)))
+ (((ADDR) >= (START)) && ((ADDR) < (END)) && ((ADDR) + (SIZE) < (END)))
/* Check to see if the given reloc needs to be handled in a target specific
manner. If so then process the reloc and return TRUE otherwise return
--
2.16.4