Imported Upstream version 0.160

[platform/upstream/elfutils.git] / libelf / elf32_getphdr.c

diff --git a/libelf/elf32_getphdr.c b/libelf/elf32_getphdr.c
index a47c9f7..e74e63f 100644 (file)
--- a/libelf/elf32_getphdr.c
+++ b/libelf/elf32_getphdr.c
@@ -1,5 +1,5 @@
 /* Get ELF program header table.
-   Copyright (C) 1998-2010 Red Hat, Inc.
+   Copyright (C) 1998-2010, 2014 Red Hat, Inc.
    This file is part of elfutils.
    Written by Ulrich Drepper <drepper@redhat.com>, 1998.
 
@@ -93,6 +93,16 @@ __elfw2(LIBELFBITS,getphdr_wrlock) (elf)
 
       if (elf->map_address != NULL)
        {
+         /* First see whether the information in the ELF header is
+            valid and it does not ask for too much.  */
+         if (unlikely (ehdr->e_phoff >= elf->maximum_size)
+             || unlikely (elf->maximum_size - ehdr->e_phoff < size))
+           {
+             /* Something is wrong.  */
+             __libelf_seterrno (ELF_E_INVALID_PHDR);
+             goto out;
+           }
+
          /* All the data is already mapped.  Use it.  */
          void *file_phdr = ((char *) elf->map_address
                             + elf->start_offset + ehdr->e_phoff);