+2014-12-16 Mark Wielaard <mjw@redhat.com>
+
+ * elf_begin.c (read_long_names): Make sure long_names len fits
+ in mapped ELF file.
+
2014-12-15 Mark Wielaard <mjw@redhat.com>
* elf_getarsym.c (elf_getarsym): Check index_size doesn't overflow.
char *runp;
if (elf->map_address != NULL)
- /* Simply copy it over. */
- elf->state.ar.long_names = (char *) memcpy (newp,
- elf->map_address + offset
- + sizeof (struct ar_hdr),
- len);
+ {
+ if (len > elf->maximum_size - offset - sizeof (struct ar_hdr))
+ goto too_much;
+ /* Simply copy it over. */
+ elf->state.ar.long_names = (char *) memcpy (newp,
+ elf->map_address + offset
+ + sizeof (struct ar_hdr),
+ len);
+ }
else
{
if (unlikely ((size_t) pread_retry (elf->fildes, newp, len,
+ sizeof (struct ar_hdr))
!= len))
{
+ too_much:
/* We were not able to read all data. */
free (newp);
elf->state.ar.long_names = NULL;
projects / thirdparty / elfutils.git / commitdiff
