diff options
| author | Ed Maste <emaste@FreeBSD.org> | 2019-06-29 15:27:18 +0000 |
|---|---|---|
| committer | Ed Maste <emaste@FreeBSD.org> | 2019-06-29 15:27:18 +0000 |
| commit | a5b08c1484eac2c6a65e726f550b3189ff84c6c8 (patch) | |
| tree | 01cd9d6d76e2c378b391422460c6f233ead08179 /libelf/elf_data.c | |
| parent | 2b92b30119ed91ed88f102ba9ecc40cd1c046a65 (diff) | |
Notes
Diffstat (limited to 'libelf/elf_data.c')
| -rw-r--r-- | libelf/elf_data.c | 18 |
1 files changed, 11 insertions, 7 deletions
diff --git a/libelf/elf_data.c b/libelf/elf_data.c index bab70d003ceee..6c6acb1441b0e 100644 --- a/libelf/elf_data.c +++ b/libelf/elf_data.c @@ -32,7 +32,7 @@ #include "_libelf.h" -ELFTC_VCSID("$Id: elf_data.c 3632 2018-10-10 21:12:43Z jkoshy $"); +ELFTC_VCSID("$Id: elf_data.c 3732 2019-04-22 11:08:38Z jkoshy $"); Elf_Data * elf_getdata(Elf_Scn *s, Elf_Data *ed) @@ -42,7 +42,7 @@ elf_getdata(Elf_Scn *s, Elf_Data *ed) int elfclass, elftype; size_t count, fsz, msz; struct _Libelf_Data *d; - uint64_t sh_align, sh_offset, sh_size; + uint64_t sh_align, sh_offset, sh_size, raw_size; _libelf_translator_function *xlate; d = (struct _Libelf_Data *) ed; @@ -59,7 +59,8 @@ elf_getdata(Elf_Scn *s, Elf_Data *ed) return (&d->d_data); if (d != NULL) - return (&STAILQ_NEXT(d, d_next)->d_data); + return (STAILQ_NEXT(d, d_next) ? + &STAILQ_NEXT(d, d_next)->d_data : NULL); if (e->e_rawfile == NULL) { /* @@ -91,9 +92,10 @@ elf_getdata(Elf_Scn *s, Elf_Data *ed) return (NULL); } + raw_size = (uint64_t) e->e_rawsize; if ((elftype = _libelf_xlate_shtype(sh_type)) < ELF_T_FIRST || elftype > ELF_T_LAST || (sh_type != SHT_NOBITS && - (sh_offset > e->e_rawsize || sh_size > e->e_rawsize - sh_offset))) { + (sh_offset > raw_size || sh_size > raw_size - sh_offset))) { LIBELF_SET_ERROR(SECTION, 0); return (NULL); } @@ -116,7 +118,8 @@ elf_getdata(Elf_Scn *s, Elf_Data *ed) count = (size_t) (sh_size / fsz); - msz = _libelf_msize(elftype, elfclass, e->e_version); + if ((msz = _libelf_msize(elftype, elfclass, e->e_version)) == 0) + return (NULL); if (count > 0 && msz > SIZE_MAX / count) { LIBELF_SET_ERROR(RANGE, 0); @@ -215,7 +218,7 @@ elf_rawdata(Elf_Scn *s, Elf_Data *ed) int elf_class; uint32_t sh_type; struct _Libelf_Data *d; - uint64_t sh_align, sh_offset, sh_size; + uint64_t sh_align, sh_offset, sh_size, raw_size; if (s == NULL || (e = s->s_elf) == NULL || e->e_rawfile == NULL) { LIBELF_SET_ERROR(ARGUMENT, 0); @@ -253,8 +256,9 @@ elf_rawdata(Elf_Scn *s, Elf_Data *ed) return (NULL); } + raw_size = (uint64_t) e->e_rawsize; if (sh_type != SHT_NOBITS && - (sh_offset > e->e_rawsize || sh_size > e->e_rawsize - sh_offset)) { + (sh_offset > raw_size || sh_size > raw_size - sh_offset)) { LIBELF_SET_ERROR(SECTION, 0); return (NULL); } |