espressif/binutils-gdb
1
0
Fork 0
mirror of https://github.com/espressif/binutils-gdb.git synced 2025-06-22 02:50:08 +08:00
Code Issues Packages Projects Releases Wiki Activity

Prevent a buffer overrun error when attempting to parse a corrupt ELF file.

Browse Source 
PR 24273
	* elf.c (bfd_elf_string_from_elf_section): Check for a string
	section that is not NUL terminated.
This commit is contained in:
Nick Clifton
2019-02-28 14:30:20 +00:00
parent 9c4c331816
commit eed5def8d0
2 changed files with 17 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
bfd/ChangeLog
View File

@ -1,3 +1,9 @@
2019-02-28 Nick Clifton <nickc@redhat.com>
PR 24273
* elf.c (bfd_elf_string_from_elf_section): Check for a string
section that is not NUL terminated.
2019-02-27 H.J. Lu <hongjiu.lu@intel.com> 2019-02-27 H.J. Lu <hongjiu.lu@intel.com>
PR ld/24276 PR ld/24276

10
bfd/elf.c
View File

@ -351,6 +351,16 @@ bfd_elf_string_from_elf_section (bfd *abfd,
if (bfd_elf_get_str_section (abfd, shindex) == NULL) if (bfd_elf_get_str_section (abfd, shindex) == NULL)
return NULL; return NULL;
} }
else
{
/* PR 24273: The string section's contents may have already
been loaded elsewhere, eg because a corrupt file has the
string section index in the ELF header pointing at a group
section. So be paranoid, and test that the last byte of
the section is zero. */
if (hdr->sh_size == 0 || hdr->contents[hdr->sh_size - 1] != 0)
return NULL;
}
if (strindex >= hdr->sh_size) if (strindex >= hdr->sh_size)
{ {