[PATCH 5/8] libctf: don't dereference out-of-bounds locations in the qualifier hashtab

Hans-Peter Nilsson hp@bitrange.com
Thu Mar 25 00:02:06 GMT 2021


On Wed, 24 Mar 2021, Nick Alcock via Binutils wrote:

> diff --git a/libctf/ctf-lookup.c b/libctf/ctf-lookup.c
> index 9d1e6d8a4a2..e50c868c5b8 100644
> --- a/libctf/ctf-lookup.c
> +++ b/libctf/ctf-lookup.c
> @@ -111,10 +111,13 @@ isqualifier (const char *s, size_t len)
>    };
>
>    int h = s[len - 1] + (int) len - 105;
> +
> +  if (h < 0 || (size_t) h >= sizeof (qhash) / sizeof (qhash[0]))
> +    return 0;
> +
>    const struct qual *qp = &qhash[h];
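Review bot: the new range check guards the index `h`, but `s[len - 1]` on the line above it is evaluated before the check runs, so a call with `len == 0` still reads one byte before the string before the early return is reached; unless every caller guarantees `len >= 1`, add `if (len == 0) return 0;` ahead of the computation of `h`. Placing that guard, and the existing `h` check, before the `int h = ...` line (or declaring `qp` with the other variables at the top of the function) also avoids the declaration-after-statement at `const struct qual *qp = &qhash[h];` for builds that are not compiled as C99.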

Do we allow C99 these days?  In recent messages I got the
impression that we're still battling with pre-C90 artefacts.

If not, watch out for the declaration-after-statement there.

brgds, H-P

