strip: Verify symbol table is a real symbol table

We didn't check the symbol table referenced from the relocation table
was a real symbol table. This could cause a crash if that section
happened to be an SHT_NOBITS section without any data. Fix this by
adding an explicit check.

       * src/strip.c (INTERNAL_ERROR_MSG): New macro that takes a
       message string to display.
       (INTERNAL_ERROR): Use INTERNAL_ERROR_MSG with elf_errmsg (-1).
       (remove_debug_relocations): Check the sh_link referenced
       section is real and isn't a SHT_NOBITS section.

https://sourceware.org/bugzilla/show_bug.cgi?id=32673

Signed-off-by: Mark Wielaard <mark@klomp.org>

diff --git a/src/strip.c b/src/strip.c
index 3812fb17a3b865381f97baf3e601116a7f272a1b..8d2bb7a959f0c2066e5afae8c4017e455ee30053 100644 (file)
--- a/src/strip.c
+++ b/src/strip.c
@@ -126,13 +126,14 @@ static char *tmp_debug_fname = NULL;
 /* Close debug file descriptor, if opened. And remove temporary debug file.  */
 static void cleanup_debug (void);
 
-#define INTERNAL_ERROR(fname) \
+#define INTERNAL_ERROR_MSG(fname, msg) \
   do { \
     cleanup_debug (); \
     error_exit (0, _("%s: INTERNAL ERROR %d (%s): %s"),                        \
-               fname, __LINE__, PACKAGE_VERSION, elf_errmsg (-1));     \
+               fname, __LINE__, PACKAGE_VERSION, msg); \
   } while (0)
 
+#define INTERNAL_ERROR(fname) INTERNAL_ERROR_MSG(fname, elf_errmsg (-1))
 
 /* Name of the output file.  */
 static const char *output_fname;
@@ -631,7 +632,14 @@ remove_debug_relocations (Ebl *ebl, Elf *elf, GElf_Ehdr *ehdr,
             resolve relocation symbol indexes.  */
          Elf64_Word symt = shdr->sh_link;
          Elf_Data *symdata, *xndxdata;
-         Elf_Scn * symscn = elf_getscn (elf, symt);
+         Elf_Scn *symscn = elf_getscn (elf, symt);
+         GElf_Shdr symshdr_mem;
+         GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
+         if (symshdr == NULL)
+           INTERNAL_ERROR (fname);
+         if (symshdr->sh_type == SHT_NOBITS)
+           INTERNAL_ERROR_MSG (fname, "NOBITS section");
+
          symdata = elf_getdata (symscn, NULL);
          xndxdata = get_xndxdata (elf, symscn);
          if (symdata == NULL)