This is the mail archive of the libc-alpha@sourceware.org mailing list for the glibc project.



Re: [PATCH] x86/CET: Don't parse beyond the note end


On 07/27/2018 08:47 PM, H.J. Lu wrote:
On Fri, Jul 27, 2018 at 11:26 AM, Florian Weimer <fweimer@redhat.com> wrote:
On 07/27/2018 08:22 PM, H.J. Lu wrote:

-         while (1)
+         while (ptr < ptr_end)
             {
               unsigned int type = *(unsigned int *) ptr;
               unsigned int datasz = *(unsigned int *) (ptr + 4);
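Review bot: `while (ptr < ptr_end)` only guarantees that one byte remains, yet the body immediately reads 8 bytes (`type` at `ptr`, `datasz` at `ptr + 4`); the condition should require a full header, e.g. `while (ptr + 8 <= ptr_end)`, or the body should test `ptr_end - ptr >= 8` before dereferencing. `datasz` is itself read from the note, so whatever advances `ptr` past the property data should also be checked against `ptr_end`, otherwise a corrupt descriptor can still move the cursor beyond the note.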


You need 1 byte, but 8 bytes.  Why is checking for at least 1 byte
sufficient here?


There is:

           /* Check for invalid property.  */
           if (note->n_descsz < 8
               || (note->n_descsz % sizeof (ElfW(Addr))) != 0)
             break;

before that. n_descsz should be correct.

I do not have a strong opinion regarding this matter. For correctly generated notes, your patch should be fine.

Thanks,
Florian
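As an added example (not the patch or glibc's own code), this is a bounds-checked walk over a GNU property note descriptor that applies both checks discussed above: the n_descsz sanity test up front, and a per-property check of the 8-byte header and of the self-declared datasz against the end of the descriptor. It assumes 8-byte (64-bit ElfW(Addr)) padding, a little-endian host, and constructed sample descriptors; the property type values are made up.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>

#define PROP_ALIGN 8u   /* assumed: sizeof (ElfW(Addr)) on x86-64 */

/* Walk the properties in a note descriptor of descsz bytes.  Returns the
   number of properties found, or -1 if the descriptor is malformed
   (bad size, truncated header, or datasz reaching past the end).  Up to
   max_types property types are stored in types[].  */
int walk_properties (const unsigned char *desc, size_t descsz,
                     uint32_t *types, size_t max_types)
{
  /* The check the patch relies on: at least one header, 8-byte multiple.  */
  if (descsz < 8 || descsz % PROP_ALIGN != 0)
    return -1;
  const unsigned char *ptr = desc, *end = desc + descsz;
  int count = 0;
  while (ptr < end)
    {
      /* A full 8-byte header must fit, not just one byte.  */
      if ((size_t) (end - ptr) < 8)
        return -1;
      uint32_t type, datasz;
      memcpy (&type, ptr, 4);        /* memcpy: no unaligned dereference */
      memcpy (&datasz, ptr + 4, 4);  /* host is assumed little-endian */
      ptr += 8;
      /* datasz comes from the file: bound the padded length before use.  */
      size_t padded = ((size_t) datasz + PROP_ALIGN - 1)
                      & ~(size_t) (PROP_ALIGN - 1);
      if (padded > (size_t) (end - ptr))
        return -1;
      if ((size_t) count < max_types)
        types[count] = type;
      count++;
      ptr += padded;
    }
  return count;
}

/* Constructed sample: type 1 with 4 data bytes (padded to 8), then type 2
   with no data.  */
const unsigned char good_desc[24] = {
  1, 0, 0, 0, 4, 0, 0, 0, 0xAA, 0xBB, 0xCC, 0xDD, 0, 0, 0, 0,
  2, 0, 0, 0, 0, 0, 0, 0 };
/* Constructed sample: header claims 32 data bytes, but only 8 remain.  */
const unsigned char overlong_desc[16] = {
  1, 0, 0, 0, 32, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 };
```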

