summaryrefslogtreecommitdiffstats
path: root/libelf/elf_getdata.c
diff options
context:
space:
mode:
Diffstat (limited to 'libelf/elf_getdata.c')
-rw-r--r--libelf/elf_getdata.c12
1 files changed, 7 insertions, 5 deletions
diff --git a/libelf/elf_getdata.c b/libelf/elf_getdata.c
index bc9f26ae..0aeb9972 100644
--- a/libelf/elf_getdata.c
+++ b/libelf/elf_getdata.c
@@ -170,9 +170,9 @@ int
internal_function
__libelf_set_rawdata_wrlock (Elf_Scn *scn)
{
- size_t offset;
- size_t size;
- size_t align;
+ Elf64_Off offset;
+ Elf64_Xword size;
+ Elf64_Xword align;
int type;
Elf *elf = scn->elf;
@@ -243,8 +243,10 @@ __libelf_set_rawdata_wrlock (Elf_Scn *scn)
if (elf->map_address != NULL)
{
/* First see whether the information in the section header is
- valid and it does not ask for too much. */
- if (unlikely (offset + size > elf->maximum_size))
+ valid and it does not ask for too much. Check for unsigned
+ overflow. */
+ if (unlikely (offset > elf->maximum_size
+ || elf->maximum_size - offset < size))
{
/* Something is wrong. */
__libelf_seterrno (ELF_E_INVALID_SECTION_HEADER);
generated by cgit v1.2.3 (git 2.25.1) at 2025-12-20 03:51:26 +0000