This is the mail archive of the elfutils-devel@sourceware.org mailing list for the elfutils project.

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]
Other format:	[Raw text]

Re: [PATCH] libelf: Add n_namesz offset overflow check to gelf_get_note.

From: Mark Wielaard <mark at klomp dot org>
To: elfutils-devel at sourceware dot org
Date: Sat, 4 May 2019 21:57:46 +0200
Subject: Re: [PATCH] libelf: Add n_namesz offset overflow check to gelf_get_note.
References: <1556718959-23315-1-git-send-email-mark@klomp.org>

On Wed, May 01, 2019 at 03:55:59PM +0200, Mark Wielaard wrote:
> During fuzzing of the new xlate_notes testcase I noticed that
> gelf_get_note didn't check whether the n_namesz of a note was
> too big. This could lead to offset wrapping around. Causing an
> infinite loop going over all ELF notes. Fix by adding an overflow
> check before updating offset.

Pushed to master.

References:
- [PATCH] libelf: Add n_namesz offset overflow check to gelf_get_note.
  - From: Mark Wielaard

Index Nav:	[Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav:	[Date Prev] [Date Next]	[Thread Prev] [Thread Next]