diff options
author | Mike Frysinger <vapier@gentoo.org> | 2015-03-14 02:41:20 -0400 |
---|---|---|
committer | Mike Frysinger <vapier@gentoo.org> | 2015-03-14 02:44:32 -0400 |
commit | 2b082492cbe31270c7a74f1127a3433091b43db6 (patch) | |
tree | 4804bad544500c8fb4b283a00b8442ae12c586fd /scanelf.c | |
parent | tests: clean up a bit (diff) | |
download | pax-utils-2b082492cbe31270c7a74f1127a3433091b43db6.tar.gz pax-utils-2b082492cbe31270c7a74f1127a3433091b43db6.tar.bz2 pax-utils-2b082492cbe31270c7a74f1127a3433091b43db6.zip |
scanelf: handle more corrupt elf symbol tables
Diffstat (limited to 'scanelf.c')
-rw-r--r-- | scanelf.c | 10 |
1 files changed, 7 insertions, 3 deletions
@@ -461,8 +461,9 @@ static char *scanelf_file_phdr(elfobj *elf, char *found_phdr, char *found_relro, Elf ## B ## _Shdr *shdr = SHDR ## B (elf->shdr); \ uint16_t shstrndx = EGET(ehdr->e_shstrndx); \ Elf ## B ## _Shdr *strtbl = shdr + shstrndx; \ - if (shstrndx >= elf->len - sizeof(*strtbl) || !VALID_SHDR(elf, strtbl)) \ - goto skip_this_shdr##B; \ + if (shstrndx * sizeof(*shdr) >= elf->len - sizeof(*shdr) || \ + !VALID_SHDR(elf, strtbl)) \ + goto corrupt_shdr; \ /* let's flag -w/+x object files since the final ELF will most likely \ * need write access to the stack (who doesn't !?). so the combined \ * output will bring in +w automatically and that's bad. \ @@ -489,7 +490,6 @@ static char *scanelf_file_phdr(elfobj *elf, char *found_phdr, char *found_relro, break; \ } \ } \ - skip_this_shdr##B: \ if (!multi_stack) { \ if (file_matches_list(elf->filename, qa_execstack)) \ return NULL; \ @@ -506,6 +506,10 @@ static char *scanelf_file_phdr(elfobj *elf, char *found_phdr, char *found_relro, return NULL; else return ret; + + corrupt_shdr: + warnf("%s: section table is corrupt", elf->filename); + return NULL; } /* |