This is the mail archive of the mailing list for the glibc project.
Re: [PATCH] x86/CET: Don't parse beyond the note end
- From: Florian Weimer <fweimer at redhat dot com>
- To: "H.J. Lu" <hjl dot tools at gmail dot com>
- Cc: GNU C Library <libc-alpha at sourceware dot org>, Carlos O'Donell <carlos at redhat dot com>
- Date: Fri, 27 Jul 2018 20:26:24 +0200
- Subject: Re: [PATCH] x86/CET: Don't parse beyond the note end
- References: <CAMe9rOoAQgbtMzftq6UOG_dMvUL3EtAu2Gk3bu_7=Rdt27Ffirstname.lastname@example.org>
On 07/27/2018 08:22 PM, H.J. Lu wrote:
- while (1)
+ while (ptr < ptr_end)
unsigned int type = *(unsigned int *) ptr;
unsigned int datasz = *(unsigned int *) (ptr + 4);
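Review bot: the new guard `while (ptr < ptr_end)` only establishes that one byte remains, yet the loop body immediately reads two 4-byte values, `type` at `ptr` and `datasz` at `ptr + 4`, so a descriptor that ends inside that 8-byte header is still read past its end. A check for at least eight bytes, e.g. `while (ptr + 8 <= ptr_end)` (or `ptr_end - ptr >= 8`), would match the accesses, and `datasz` should be compared against the space left before `ptr_end` before the entry's data is consumed.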
You check for 1 byte, but need 8 bytes. Why is checking for at least 1 byte
I suppose our position is that we do not care about corrupt binaries.
Is that justification for writing the check this way?
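The 8-byte bound the reply asks for, as an added C example that is not part of this thread or of glibc: a walk over the property entries of a constructed NT_GNU_PROPERTY_TYPE_0 descriptor that requires a full entry header before reading `type` and `datasz`, and then checks `datasz` against the remaining bytes before the data is used. It assumes x86-64 (little-endian, 8-byte property alignment); the function and sample-array names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
#define PROP_ALIGN 8  /* ELFCLASS64 property alignment (assumed x86-64) */

/* Walk the property entries in [ptr, ptr_end): 4-byte type, 4-byte
   datasz, datasz bytes of data, padded to PROP_ALIGN.  Returns the number
   of well-formed entries, or -1 if the buffer ends inside a header or a
   datasz reaches past ptr_end.  Hypothetical helper, not glibc's code.  */
int count_note_properties (const unsigned char *ptr,
                           const unsigned char *ptr_end)
{
  int count = 0;
  while (ptr < ptr_end)
    {
      size_t remaining = (size_t) (ptr_end - ptr);
      if (remaining < 8)       /* ptr < ptr_end proves 1 byte; need 8 */
        return -1;
      uint32_t type, datasz;
      memcpy (&type, ptr, 4);  /* memcpy: no alignment assumption */
      memcpy (&datasz, ptr + 4, 4);
      ptr += 8;
      remaining -= 8;
      if (datasz > remaining)  /* payload must lie inside the note too */
        return -1;
      (void) type;             /* a real consumer would dispatch on it */
      /* Advance by datasz rounded up to PROP_ALIGN; tolerate a missing
         trailing pad on the last entry instead of stepping past the end.  */
      size_t padded = ((size_t) datasz + PROP_ALIGN - 1) & ~(size_t) (PROP_ALIGN - 1);
      ptr += padded <= remaining ? padded : remaining;
      count++;
    }
  return count;
}

/* Constructed descriptor (little-endian): GNU_PROPERTY_X86_FEATURE_1_AND
   (0xc0000002) with datasz 4 and value 3 (IBT|SHSTK), then a second entry
   with a made-up type 1 and datasz 4.  */
const unsigned char sample_note[32] = {
  0x02, 0x00, 0x00, 0xc0, 0x04, 0x00, 0x00, 0x00,
  0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
  0x01, 0x00, 0x00, 0x00, 0x04, 0x00, 0x00, 0x00,
  0x07, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
/* Same header but datasz (0x40) claims more than the buffer holds.  */
const unsigned char oversized_note[16] = {
  0x02, 0x00, 0x00, 0xc0, 0x40, 0x00, 0x00, 0x00,
  0x03, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
};
```

Passing `sample_note + 20` as the end leaves four bytes of the second header, which a `ptr < ptr_end` guard would accept and then overrun; this walk reports it as truncated instead.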