libdw: Add get_uleb128 and get_sleb128 bounds checking.

Both get_uleb128 and get_sleb128 now take an end pointer to prevent reading too much data. Adjust all callers to provide the end pointer. There are still two exceptions. "Raw" dwarf_getabbrevattr and read_encoded_valued don't have a end pointer associated yet. They will have to be provided in the future. Signed-off-by: Mark Wielaard <[email protected]>
author: Mark Wielaard <[email protected]> 2014-12-14 21:48:23 +0100
committer: Mark Wielaard <[email protected]> 2014-12-17 16:35:56 +0100
commit: 7a053473c7bedd22e3db39c444a4cd8f97eace25 (patch)
tree: f98e9e7def17ec051170aaf663419628d84fae78 /libdw/encoded-value.h
parent: 9202665816763fad8524dd78a664dbcaa157b8d4 (diff)
1 files changed, 5 insertions, 3 deletions
diff --git a/libdw/encoded-value.h b/libdw/encoded-value.h
index 4b59f62f..ae9a38f9 100644
--- a/libdw/encoded-value.h
+++ b/libdw/encoded-value.h
@@ -1,5 +1,5 @@
 /* DW_EH_PE_* support for libdw unwinder.
-   Copyright (C) 2009-2010 Red Hat, Inc.
+   Copyright (C) 2009-2010, 2014 Red Hat, Inc.
    This file is part of elfutils.
 
    This file is free software; you can redistribute it and/or modify
@@ -163,11 +163,13 @@ read_encoded_value (const Dwarf_CFI *cache, uint8_t encoding, const uint8_t **p,
       break;
 
     case DW_EH_PE_uleb128:
-      get_uleb128 (value, *p);
+      // XXX we trust there is enough data.
+      get_uleb128 (value, *p, *p + len_leb128 (Dwarf_Addr));
       break;
 
     case DW_EH_PE_sleb128:
-      get_sleb128 (value, *p);
+      // XXX we trust there is enough data.
+      get_sleb128 (value, *p, *p + len_leb128 (Dwarf_Addr));
       break;
 
     default:
author	Mark Wielaard <[email protected]>	2014-12-14 21:48:23 +0100
committer	Mark Wielaard <[email protected]>	2014-12-17 16:35:56 +0100
commit	7a053473c7bedd22e3db39c444a4cd8f97eace25 (patch)
tree	f98e9e7def17ec051170aaf663419628d84fae78 /libdw/encoded-value.h
parent	9202665816763fad8524dd78a664dbcaa157b8d4 (diff)