lib/buildid: Fix build ID parsing logic

The parse_build_id_buf does not account Elf32_Nhdr header size
when getting the build id data pointer and returns wrong build
id data as result.

This is problem only stable trees that merged 8fa2b6817a95 fix,
the upstream build id code was refactored and returns proper
build id.

Acked-by: Andrii Nakryiko <andrii@kernel.org>
Fixes: 8fa2b6817a95 ("lib/buildid: harden build ID parsing logic")
Signed-off-by: Jiri Olsa <jolsa@kernel.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

diff --git a/lib/buildid.c b/lib/buildid.c
index e41fb0ee405f639516550c3f3cd7e785932ca3bc..cc5da016b23517376f0caefa712516e47b312b5d 100644 (file)
--- a/lib/buildid.c
+++ b/lib/buildid.c
@@ -40,7 +40,7 @@ static int parse_build_id_buf(unsigned char *build_id,
                    name_sz == note_name_sz &&
                    memcmp(nhdr + 1, note_name, note_name_sz) == 0 &&
                    desc_sz > 0 && desc_sz <= BUILD_ID_SIZE_MAX) {
-                       data = note_start + note_off + ALIGN(note_name_sz, 4);
+                       data = note_start + note_off + sizeof(Elf32_Nhdr) + ALIGN(note_name_sz, 4);
                        memcpy(build_id, data, desc_sz);
                        memset(build_id + desc_sz, 0, BUILD_ID_SIZE_MAX - desc_sz);
                        if (size)