strip.c (relocate): Make offset check overflow-proof.

author Mark Wielaard <mjw@redhat.com>

Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)

committer Mark Wielaard <mjw@redhat.com>

Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)
author Mark Wielaard <mjw@redhat.com>
Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)
committer Mark Wielaard <mjw@redhat.com>
Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)
diff --git a/src/ChangeLog b/src/ChangeLog

index 007236a..cb00bb0 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,7 @@
+2011-05-30  Mark Wielaard  <mjw@redhat.com>
+
+       * strip.c (relocate): Make offset check overflow-proof.
+
  2011-05-23  Mark Wielaard  <mjw@redhat.com>
  
         * strip.c (relocate): Take new arguments is_rela to indicate
diff --git a/src/strip.c b/src/strip.c

index cf6bd97..f135e7c 100644 (file)
--- a/src/strip.c
+++ b/src/strip.c
@@ -1727,7 +1727,8 @@ handle_elf (int fd, Elf *elf, const char *prefix, const char *fname,
                         return false;
                       }
  
-                   if (offset + size > tdata->d_size)
+                   if (offset > tdata->d_size
+                       || tdata->d_size - offset < size)
                       error (0, 0, gettext ("bad relocation"));
  
                     /* When the symbol value is zero then for SHT_REL
author	Mark Wielaard <mjw@redhat.com>
	Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)
committer	Mark Wielaard <mjw@redhat.com>
	Mon, 30 May 2011 15:23:57 +0000 (17:23 +0200)
src/ChangeLog		patch \| blob \| history
src/strip.c		patch \| blob \| history