This is the mail archive of the
elfutils-devel@sourceware.org
mailing list for the elfutils project.
[PATCH] elflint: Sanity check the number of phdrs and shdrs available.
- From: Mark Wielaard <mark at klomp dot org>
- To: elfutils-devel at sourceware dot org
- Cc: Mark Wielaard <mark at klomp dot org>
- Date: Tue, 28 Mar 2017 01:25:34 +0200
- Subject: [PATCH] elflint: Sanity check the number of phdrs and shdrs available.
- Authentication-results: sourceware.org; auth=none
Make sure we can at least read the shnum sections or phnum segments.
Limit the number we do check to those we can actually read.
https://sourceware.org/bugzilla/show_bug.cgi?id=21312
Signed-off-by: Mark Wielaard <mark@klomp.org>
---
src/ChangeLog | 4 ++++
src/elflint.c | 26 ++++++++++++++++++++++++++
2 files changed, 30 insertions(+)
diff --git a/src/ChangeLog b/src/ChangeLog
index bc9bffb..7034152 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,5 +1,9 @@
2017-03-27 Mark Wielaard <mark@klomp.org>
+ * elflint.c (check_elf_header): Sanity check phnum and shnum.
+
+2017-03-27 Mark Wielaard <mark@klomp.org>
+
* elflint.c (check_sysv_hash): Return early if section size is
too small.
(check_sysv_hash64): Likewise.
diff --git a/src/elflint.c b/src/elflint.c
index 5e95ca9..6c83a77 100644
--- a/src/elflint.c
+++ b/src/elflint.c
@@ -456,6 +456,19 @@ invalid number of section header table entries\n"));
ERROR (gettext ("invalid section header index\n"));
}
+ /* Check the shdrs actually exist. */
+ unsigned int scnt;
+ Elf_Scn *scn = NULL;
+ for (scnt = 1; scnt < shnum; ++scnt)
+ {
+ scn = elf_nextscn (ebl->elf, scn);
+ if (scn == NULL)
+ break;
+ }
+ if (scnt < shnum)
+ ERROR (gettext ("Can only check %u headers, shnum was %u\n"), scnt, shnum);
+ shnum = scnt;
+
phnum = ehdr->e_phnum;
if (ehdr->e_phnum == PN_XNUM)
{
@@ -474,6 +487,19 @@ invalid number of program header table entries\n"));
}
}
+ /* Check the phdrs actually exist. */
+ unsigned int pcnt;
+ for (pcnt = 0; pcnt < phnum; ++pcnt)
+ {
+ GElf_Phdr phdr_mem;
+ GElf_Phdr *phdr = gelf_getphdr (ebl->elf, pcnt, &phdr_mem);
+ if (phdr == NULL)
+ break;
+ }
+ if (pcnt < phnum)
+ ERROR (gettext ("Can only check %u headers, phnum was %u\n"), pcnt, phnum);
+ phnum = pcnt;
+
/* Check the e_flags field. */
if (!ebl_machine_flag_check (ebl, ehdr->e_flags))
ERROR (gettext ("invalid machine flags: %s\n"),
--
2.9.3