robustify: libelf.

Signed-off-by: Mark Wielaard <[email protected]>
author: Jakub Jelinek <[email protected]> 2014-01-17 19:36:16 +0100
committer: Mark Wielaard <[email protected]> 2014-01-23 11:31:53 +0100
commit: 720383c53b435de6647edd78060dd7d38ade25a5 (patch)
tree: 7437a0d1e3250ea4916f7caefdff05b218504510 /libelf/elf32_getphdr.c
parent: 58d3619facfb708f4998d73270ca4082b20853b9 (diff)
1 files changed, 11 insertions, 1 deletions
diff --git a/libelf/elf32_getphdr.c b/libelf/elf32_getphdr.c
index a47c9f7a..e74e63fd 100644
--- a/libelf/elf32_getphdr.c
+++ b/libelf/elf32_getphdr.c
@@ -1,5 +1,5 @@
 /* Get ELF program header table.
-   Copyright (C) 1998-2010 Red Hat, Inc.
+   Copyright (C) 1998-2010, 2014 Red Hat, Inc.
    This file is part of elfutils.
    Written by Ulrich Drepper <[email protected]>, 1998.
 
@@ -93,6 +93,16 @@ __elfw2(LIBELFBITS,getphdr_wrlock) (elf)
 
       if (elf->map_address != NULL)
 	{
+	  /* First see whether the information in the ELF header is
+	     valid and it does not ask for too much.  */
+	  if (unlikely (ehdr->e_phoff >= elf->maximum_size)
+	      || unlikely (elf->maximum_size - ehdr->e_phoff < size))
+	    {
+	      /* Something is wrong.  */
+	      __libelf_seterrno (ELF_E_INVALID_PHDR);
+	      goto out;
+	    }
+
 	  /* All the data is already mapped.  Use it.  */
 	  void *file_phdr = ((char *) elf->map_address
 			     + elf->start_offset + ehdr->e_phoff);
author	Jakub Jelinek <[email protected]>	2014-01-17 19:36:16 +0100
committer	Mark Wielaard <[email protected]>	2014-01-23 11:31:53 +0100
commit	720383c53b435de6647edd78060dd7d38ade25a5 (patch)
tree	7437a0d1e3250ea4916f7caefdff05b218504510 /libelf/elf32_getphdr.c
parent	58d3619facfb708f4998d73270ca4082b20853b9 (diff)