aboutsummaryrefslogtreecommitdiff
path: root/libelf/elf_rand.c
diff options
context:
space:
mode:
authorEd Maste <emaste@FreeBSD.org>2019-06-29 15:27:18 +0000
committerEd Maste <emaste@FreeBSD.org>2019-06-29 15:27:18 +0000
commita5b08c1484eac2c6a65e726f550b3189ff84c6c8 (patch)
tree01cd9d6d76e2c378b391422460c6f233ead08179 /libelf/elf_rand.c
parent2b92b30119ed91ed88f102ba9ecc40cd1c046a65 (diff)
vendor/elftoolchain/elftoolchain-r3769vendor/elftoolchain
Notes
Diffstat (limited to 'libelf/elf_rand.c')
-rw-r--r--libelf/elf_rand.c13
1 files changed, 11 insertions, 2 deletions
diff --git a/libelf/elf_rand.c b/libelf/elf_rand.c
index eb2c9eaa2c1a..ac3bd0bc60e0 100644
--- a/libelf/elf_rand.c
+++ b/libelf/elf_rand.c
@@ -29,16 +29,25 @@
#include "_libelf.h"
-ELFTC_VCSID("$Id: elf_rand.c 3174 2015-03-27 17:13:41Z emaste $");
+ELFTC_VCSID("$Id: elf_rand.c 3716 2019-03-18 22:01:01Z jkoshy $");
off_t
elf_rand(Elf *ar, off_t offset)
{
struct ar_hdr *arh;
+ off_t offset_of_member;
if (ar == NULL || ar->e_kind != ELF_K_AR ||
(offset & 1) || offset < SARMAG ||
- (size_t) offset + sizeof(struct ar_hdr) >= ar->e_rawsize) {
+ offset >= ar->e_rawsize) {
+ LIBELF_SET_ERROR(ARGUMENT, 0);
+ return 0;
+ }
+
+ offset_of_member = offset + (off_t) sizeof(struct ar_hdr);
+
+ if (offset_of_member <= 0 || /* Numeric overflow. */
+ offset_of_member >= ar->e_rawsize) {
LIBELF_SET_ERROR(ARGUMENT, 0);
return 0;
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-08-12 21:46:09 +0000