From: Mark Wielaard Date: Mon, 24 Feb 2014 16:44:42 +0000 (+0100) Subject: readelf: More sanity checks before trying to display interpreter string. X-Git-Tag: elfutils-0.159~36 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=cb7b2d64b6fdbbb6f18ce07294b2315f60d843bc;p=thirdparty%2Felfutils.git readelf: More sanity checks before trying to display interpreter string. Check there is a SHT_PROGBITS section at the offset given by p_offsets for a PT_INTERP segment before trying to display the interpreter string. Signed-off-by: Mark Wielaard
---
diff --git a/src/ChangeLog b/src/ChangeLog
index ad3b2b135..80be466a2 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,9 @@
+2014-02-24 Mark Wielaard
+
+ * readelf (print_phdr): Check there is a SHT_PROGBITS section at the
+ offset given by p_offsets for a PT_INTERP segment before trying to
+ display the interpreter string.
+
 2014-02-07 Mark Wielaard
 
 * readelf.c (print_phdr): Check phdr->p_filesz and make sure
diff --git a/src/readelf.c b/src/readelf.c
index fb9546359..63675c602 100644
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -1187,11 +1187,25 @@ print_phdr (Ebl *ebl, GElf_Ehdr *ehdr)
 if (phdr->p_type == PT_INTERP)
 {
- /* We can show the user the name of the interpreter. */
+ /* If we are sure the file offset is valid then we can show
+ the user the name of the interpreter. We check whether
+ there is a section at the file offset. Normally there
+ would be a section called ".interp". But in separate
+ .debug files it is a NOBITS section (and so doesn't match
+ with gelf_offscn). Which probably means the offset is
+ not valid another reason could be because the ELF file
+ just doesn't contain any section headers, in that case
+ just play it safe and don't display anything. */
+
+ Elf_Scn *scn = gelf_offscn (ebl->elf, phdr->p_offset);
+ GElf_Shdr shdr_mem;
+ GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem);
+
 size_t maxsize;
 char *filedata = elf_rawfile (ebl->elf, &maxsize);
- if (filedata != NULL && phdr->p_offset < maxsize
+ if (shdr != NULL && shdr->sh_type == SHT_PROGBITS
+ && filedata != NULL && phdr->p_offset < maxsize
 && phdr->p_filesz <= maxsize - phdr->p_offset
 && memchr (filedata + phdr->p_offset, '\0', phdr->p_filesz) != NULL)