libelf: Fix unsigned overflow check in elf_getdata.

author Mark Wielaard <mjw@redhat.com>

Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)

committer Mark Wielaard <mjw@redhat.com>

Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)
author Mark Wielaard <mjw@redhat.com>
Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)
committer Mark Wielaard <mjw@redhat.com>
Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)
diff --git a/libelf/ChangeLog b/libelf/ChangeLog

index a9d8c6fb292267df1723f1d0e1284e69a12ed133..45e220d09b230983f762970eb3d3cb1a941265ac 100644 (file)
--- a/libelf/ChangeLog
+++ b/libelf/ChangeLog
@@ -1,3 +1,8 @@
+2014-11-13  Mark Wielaard  <mjw@redhat.com>
+
+       * elf_getdata.c (__libelf_set_rawdata_wrlock): Fix unsigned overflow
+       check.
+
  2014-11-08  Mark Wielaard  <mjw@redhat.com>
  
         * elf_begin.c (__libelf_next_arhdr_wrlock): Use mempcpy not __mempcpy.
diff --git a/libelf/elf_getdata.c b/libelf/elf_getdata.c

index 33d35d6f0520c10e41e4bb3ea83d2b4bcf2003f4..1ce1e23b56e0477ad3b214f553ad0de7f8838214 100644 (file)
--- a/libelf/elf_getdata.c
+++ b/libelf/elf_getdata.c
@@ -245,9 +245,8 @@ __libelf_set_rawdata_wrlock (Elf_Scn *scn)
           /* First see whether the information in the section header is
              valid and it does not ask for too much.  Check for unsigned
              overflow.  */
-         if (unlikely (offset + size > elf->maximum_size
-                       || (offset + size + elf->maximum_size
-                           < elf->maximum_size)))
+         if (unlikely (offset > elf->maximum_size
+             || elf->maximum_size - offset < size))
             {
               /* Something is wrong.  */
               __libelf_seterrno (ELF_E_INVALID_SECTION_HEADER);
author	Mark Wielaard <mjw@redhat.com>
	Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)
committer	Mark Wielaard <mjw@redhat.com>
	Thu, 13 Nov 2014 14:43:02 +0000 (15:43 +0100)
libelf/ChangeLog		patch \| blob \| blame \| history
libelf/elf_getdata.c		patch \| blob \| blame \| history