espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-06 15:38:45 +08:00
Code Issues Packages Projects Releases Wiki Activity

* elfcode.h (elf_object_p): Add more sanity checks on elf header.

Browse Source
This commit is contained in:
Alan Modra
2005-05-09 03:35:38 +00:00
parent a2b9106717
commit 0560d0f70c
2 changed files with 52 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
bfd/ChangeLog
View File

@ -1,3 +1,7 @@
2005-05-09 Alan Modra <amodra@bigpond.net.au>
* elfcode.h (elf_object_p): Add more sanity checks on elf header.
2005-05-08 Dave Korn <dave.korn@artimi.com> 2005-05-08 Dave Korn <dave.korn@artimi.com>
* coff-tic80.c: Undefine _CONST after system headers to prevent * coff-tic80.c: Undefine _CONST after system headers to prevent

44
bfd/elfcode.h
View File

@ -612,8 +612,13 @@ elf_object_p (bfd *abfd)
if (i_ehdrp->e_shoff != 0) if (i_ehdrp->e_shoff != 0)
{ {
bfd_signed_vma where = i_ehdrp->e_shoff;
if (where != (file_ptr) where)
goto got_wrong_format_error;
/* Seek to the section header table in the file. */ /* Seek to the section header table in the file. */
if (bfd_seek (abfd, (file_ptr) i_ehdrp->e_shoff, SEEK_SET) != 0) if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
goto got_no_match; goto got_no_match;
/* Read the first section header at index 0, and convert to internal /* Read the first section header at index 0, and convert to internal
@ -625,13 +630,50 @@ elf_object_p (bfd *abfd)
/* If the section count is zero, the actual count is in the first /* If the section count is zero, the actual count is in the first
section header. */ section header. */
if (i_ehdrp->e_shnum == SHN_UNDEF) if (i_ehdrp->e_shnum == SHN_UNDEF)
{
i_ehdrp->e_shnum = i_shdr.sh_size; i_ehdrp->e_shnum = i_shdr.sh_size;
if (i_ehdrp->e_shnum != i_shdr.sh_size)
goto got_wrong_format_error;
}
/* And similarly for the string table index. */ /* And similarly for the string table index. */
if (i_ehdrp->e_shstrndx == SHN_XINDEX) if (i_ehdrp->e_shstrndx == SHN_XINDEX)
{
i_ehdrp->e_shstrndx = i_shdr.sh_link; i_ehdrp->e_shstrndx = i_shdr.sh_link;
if (i_ehdrp->e_shstrndx != i_shdr.sh_link)
goto got_wrong_format_error;
} }
/* Sanity check that we can read all of the section headers.
It ought to be good enough to just read the last one. */
if (i_ehdrp->e_shnum != 1)
{
/* Check that we don't have a totally silly number of sections. */
if (i_ehdrp->e_shnum > (unsigned int) -1 / sizeof (x_shdr))
goto got_wrong_format_error;
where += (i_ehdrp->e_shnum - 1) * sizeof (x_shdr);
if (where != (file_ptr) where)
goto got_wrong_format_error;
if ((bfd_size_type) where <= i_ehdrp->e_shoff)
goto got_wrong_format_error;
if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
goto got_no_match;
if (bfd_bread (&x_shdr, sizeof x_shdr, abfd) != sizeof (x_shdr))
goto got_no_match;
/* Back to where we were. */
where = i_ehdrp->e_shoff + sizeof (x_shdr);
if (bfd_seek (abfd, (file_ptr) where, SEEK_SET) != 0)
goto got_no_match;
}
}
/* A further sanity check. */
if (i_ehdrp->e_shstrndx >= i_ehdrp->e_shnum)
goto got_wrong_format_error;
/* Allocate space for a copy of the section header table in /* Allocate space for a copy of the section header table in
internal form. */ internal form. */
if (i_ehdrp->e_shnum != 0) if (i_ehdrp->e_shnum != 0)