projects / platform / upstream / rpm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 8f41770)
- check size read from elf header (#85297).
authorjbj <devnull@localhost>
Thu, 27 Feb 2003 20:30:53 +0000 (20:30 +0000)
committerjbj <devnull@localhost>
Thu, 27 Feb 2003 20:30:53 +0000 (20:30 +0000)
CVS patchset: 6071
CVS date: 2003/02/27 20:30:53

file/readelf.c patch | blob | history

diff --git a/file/readelf.c b/file/readelf.c
index cb28f33..ca2138e 100644 (file)
--- a/file/readelf.c
+++ b/file/readelf.c
@@ -82,12 +82,18 @@ getu64(const fmagic fm, uint64_t value)
 #define sh_addr                (fm->cls == ELFCLASS32          \
                         ? (void *) &sh32               \
                         : (void *) &sh64)
+#define sh_size                (fm->cls == ELFCLASS32          \
+                        ? sizeof sh32                  \
+                        : sizeof sh64)
 #define shs_type       (fm->cls == ELFCLASS32          \
                         ? getu32(fm, sh32.sh_type)     \
                         : getu32(fm, sh64.sh_type))
 #define ph_addr                (fm->cls == ELFCLASS32          \
                         ? (void *) &ph32               \
                         : (void *) &ph64)
+#define ph_size                (fm->cls == ELFCLASS32          \
+                        ? sizeof ph32                  \
+                        : sizeof ph64)
 #define ph_type                (fm->cls == ELFCLASS32          \
                         ? getu32(fm, ph32.p_type)      \
                         : getu32(fm, ph64.p_type))
@@ -122,6 +128,11 @@ doshn(fmagic fm, off_t off, int num, size_t size)
        Elf32_Shdr sh32;
        Elf64_Shdr sh64;
 
+       if (size != sh_size) {
+               error(EXIT_FAILURE, 0, "corrupted program header size.\n");
+               /*@notreached@*/
+       }
+
        if (lseek(fm->fd, off, SEEK_SET) == -1) {
                error(EXIT_FAILURE, 0, "lseek failed (%s).\n", strerror(errno));
                /*@notreached@*/
@@ -162,6 +173,11 @@ dophn_exec(fmagic fm, off_t off, int num, size_t size)
        int bufsize;
        size_t offset, nameoffset;
 
+       if (size != ph_size) {
+               error(EXIT_FAILURE, 0, "corrupted program header size.\n");
+               /*@notreached@*/
+       }
+
        if (lseek(fm->fd, off, SEEK_SET) == -1) {
                error(EXIT_FAILURE, 0, "lseek failed (%s).\n", strerror(errno));
                /*@notreached@*/
@@ -376,6 +392,11 @@ dophn_core(fmagic fm, off_t off, int num, size_t size)
        int bufsize;
        int os_style = -1;
 
+       if (size != ph_size) {
+               error(EXIT_FAILURE, 0, "corrupted program header size.\n");
+               /*@notreached@*/
+       }
+
        /*
         * Loop through all the program headers.
         */
Domain: SCM / Build;