diff options
Diffstat (limited to 'libelf/elf32_getphdr.c')
| -rw-r--r-- | libelf/elf32_getphdr.c | 12 |
1 files changed, 11 insertions, 1 deletions
diff --git a/libelf/elf32_getphdr.c b/libelf/elf32_getphdr.c index a47c9f7a..e74e63fd 100644 --- a/libelf/elf32_getphdr.c +++ b/libelf/elf32_getphdr.c @@ -1,5 +1,5 @@ /* Get ELF program header table. - Copyright (C) 1998-2010 Red Hat, Inc. + Copyright (C) 1998-2010, 2014 Red Hat, Inc. This file is part of elfutils. Written by Ulrich Drepper <[email protected]>, 1998. @@ -93,6 +93,16 @@ __elfw2(LIBELFBITS,getphdr_wrlock) (elf) if (elf->map_address != NULL) { + /* First see whether the information in the ELF header is + valid and it does not ask for too much. */ + if (unlikely (ehdr->e_phoff >= elf->maximum_size) + || unlikely (elf->maximum_size - ehdr->e_phoff < size)) + { + /* Something is wrong. */ + __libelf_seterrno (ELF_E_INVALID_PHDR); + goto out; + } + /* All the data is already mapped. Use it. */ void *file_phdr = ((char *) elf->map_address + elf->start_offset + ehdr->e_phoff); |