From: Mark Wielaard <mark@klomp.org>
Date: Fri, 7 Feb 2020 17:20:46 +0000 (+0100)
Subject: elflint: Check sh_info for symtab isn't too big.
X-Git-Tag: elfutils-0.179~35
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=f4354082ba7c9d7d7c88b69a41db34f4f8a88ab5;p=thirdparty%2Felfutils.git

elflint: Check sh_info for symtab isn't too big.

The sh_info field of the symtab says how many symbols are in the
section. Make sure at least that many symbols fit in the section.

Reported-by: Ulrich Drepper <drepper@redhat.com>
Signed-off-by: Mark Wielaard <mark@klomp.org>
---

diff --git a/src/ChangeLog b/src/ChangeLog
index 7ce9e54bc..e351318bf 100644
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2020-02-07  Mark Wielaard  <mark@klomp.org>
+
+	* elflint.c (check_symtab): Check st_info isn't too big.
+
 2020-01-16  Mark Wielaard  <mark@klomp.org>
 
 	* nm.c (show_symbols_sysv): Iterate over all symbols starting
diff --git a/src/elflint.c b/src/elflint.c
index 684b794e3..78d485e32 100644
--- a/src/elflint.c
+++ b/src/elflint.c
@@ -658,6 +658,10 @@ section [%2d] '%s': symbol table cannot have more than one extended index sectio
     ERROR (gettext ("\
 section [%2u] '%s': entry size is does not match ElfXX_Sym\n"),
 	   idx, section_name (ebl, idx));
+  else if (shdr->sh_info > shdr->sh_size / sh_entsize)
+    ERROR (gettext ("\
+section [%2u] '%s': number of local entries in 'st_info' larger than table size\n"),
+	   idx, section_name (ebl, idx));
 
   /* Test the zeroth entry.  */
   GElf_Sym sym_mem;