| field | value | date |
|---|---|---|
| author | Mark Wielaard <[email protected]> | 2014-02-24 17:44:42 +0100 |
| committer | Mark Wielaard <[email protected]> | 2014-02-24 17:44:42 +0100 |
| commit | cb7b2d64b6fdbbb6f18ce07294b2315f60d843bc | |
| tree | a7359259c90343c4ee7ac98aba8d0d5a7e0c5259 | |
| parent | 43c9c2d0d8422cb584e3c97df5edde5d7be53173 | |
readelf: More sanity checks before trying to display interpreter string.
Check there is a SHT_PROGBITS section at the offset given by p_offsets for
a PT_INTERP segment before trying to display the interpreter string.
Signed-off-by: Mark Wielaard <[email protected]>
| mode | file | lines changed |
|---|---|---|
| -rw-r--r-- | src/ChangeLog | 6 |
| -rw-r--r-- | src/readelf.c | 18 |

2 files changed, 22 insertions, 2 deletions
diff --git a/src/ChangeLog b/src/ChangeLog index ad3b2b13..80be466a 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,9 @@ +2014-02-24 Mark Wielaard <[email protected]> + + * readelf (print_phdr): Check there is a SHT_PROGBITS section at the + offset given by p_offsets for a PT_INTERP segment before trying to + display the interpreter string. + 2014-02-07 Mark Wielaard <[email protected]> * readelf.c (print_phdr): Check phdr->p_filesz and make sure diff --git a/src/readelf.c b/src/readelf.c index fb954635..63675c60 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -1187,11 +1187,25 @@ print_phdr (Ebl *ebl, GElf_Ehdr *ehdr) if (phdr->p_type == PT_INTERP) { - /* We can show the user the name of the interpreter. */ + /* If we are sure the file offset is valid then we can show + the user the name of the interpreter. We check whether + there is a section at the file offset. Normally there + would be a section called ".interp". But in separate + .debug files it is a NOBITS section (and so doesn't match + with gelf_offscn). Which probably means the offset is + not valid another reason could be because the ELF file + just doesn't contain any section headers, in that case + just play it safe and don't display anything. */ + + Elf_Scn *scn = gelf_offscn (ebl->elf, phdr->p_offset); + GElf_Shdr shdr_mem; + GElf_Shdr *shdr = gelf_getshdr (scn, &shdr_mem); + size_t maxsize; char *filedata = elf_rawfile (ebl->elf, &maxsize); - if (filedata != NULL && phdr->p_offset < maxsize + if (shdr != NULL && shdr->sh_type == SHT_PROGBITS + && filedata != NULL && phdr->p_offset < maxsize && phdr->p_filesz <= maxsize - phdr->p_offset && memchr (filedata + phdr->p_offset, '\0', phdr->p_filesz) != NULL) |
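Review bot: in the src/ChangeLog hunk the new entry names the file as `* readelf (print_phdr):`, while the existing entry directly below it uses `* readelf.c (print_phdr):`; the new entry should use the real file name `readelf.c`. The same entry (and the commit message) says `the offset given by p_offsets`, but the program header field is `p_offset`, so this should read `the offset given by p_offset`.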
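Review bot: in the src/readelf.c hunk the new comment runs two thoughts together at `Which probably means the offset is not valid another reason could be because the ELF file just doesn't contain any section headers`; split it into `... the offset is not valid. Another reason could be that the ELF file does not contain any section headers ...` so the two failure cases (NOBITS in separate .debug files, no section headers at all) read as distinct. On the logic, `gelf_offscn` can return NULL and that value is passed straight into `gelf_getshdr (scn, &shdr_mem)` with no `scn != NULL` check; if the intent is to rely on gelf_getshdr returning NULL for a NULL section, say so in a comment, otherwise guard it explicitly. Finally, the new condition only requires that a SHT_PROGBITS section starts at `phdr->p_offset`; it does not compare `phdr->p_filesz` against that section's `sh_size`, so the `memchr` range is still bounded only by the existing `maxsize` checks. That is sufficient for memory safety, but the comment currently reads as if the section lookup validates the whole range, which it does not.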
