libelf: Don't crash elf[32|64]_xlateto[fm] on bad arguments.

Check that src and dest aren't NULL and that src->d_type < ELF_T_NUM.

      * elf32_xlatetof.c (elfw2(LIBELFBITS, xlatetof)): Check src, dest
      and src->d_type are valid.
      * elf32_xlatetom.c (elfw2(LIBELFBITS, xlatetom)): Likewise.

Signed-off-by: Mark Wielaard <[email protected]>

2 files changed, 18 insertions, 0 deletions

diff --git a/libelf/elf32_xlatetof.c b/libelf/elf32_xlatetof.c
index ab3e609e..44c75ef0 100644
--- a/libelf/elf32_xlatetof.c
+++ b/libelf/elf32_xlatetof.c
@@ -45,6 +45,15 @@ Elf_Data *
 elfw2(LIBELFBITS, xlatetof) (Elf_Data *dest, const Elf_Data *src,
 			     unsigned int encode)
 {
+  if (src == NULL || dest == NULL)
+    return NULL;
+
+  if (src->d_type >= ELF_T_NUM)
+    {
+      __libelf_seterrno (ELF_E_UNKNOWN_TYPE);
+      return NULL;
+    }
+
   /* First test whether the input data is really suitable for this
      type.  This means, whether there is an integer number of records.
      Note that for this implementation the memory and file size of the
diff --git a/libelf/elf32_xlatetom.c b/libelf/elf32_xlatetom.c
index fa3dc9a7..a1eea842 100644
--- a/libelf/elf32_xlatetom.c
+++ b/libelf/elf32_xlatetom.c
@@ -45,6 +45,15 @@ Elf_Data *
 elfw2(LIBELFBITS, xlatetom) (Elf_Data *dest, const Elf_Data *src,
 			     unsigned int encode)
 {
+  if (src == NULL || dest == NULL)
+    return NULL;
+
+  if (src->d_type >= ELF_T_NUM)
+    {
+      __libelf_seterrno (ELF_E_UNKNOWN_TYPE);
+      return NULL;
+    }
+
   /* First test whether the input data is really suitable for this
      type.  This means, whether there is an integer number of records.
      Note that for this implementation the memory and file size of the