readelf: memrchr searches backwards but takes the start buf as argument

The bug (caught by valgrind) was giving memrchr to end of the buffer.

Also as cleanup, Use d_val not d_ptr for calculating offset.

diff --git a/src/ChangeLog b/src/ChangeLog
index db20a6e..42ce664 100644 (file)
--- a/src/ChangeLog
+++ b/src/ChangeLog
@@ -1,3 +1,8 @@
+2022-08-01  Mark Wielaard  <mark@klomp.org>
+
+       * readelf.c (handle_dynamic): Pass start of buffer to memrchr.
+       Use dyn->d_un.d_val for offsets instead of d_ptr.
+
 2022-04-28  Di Chen  <dichen@redhat.com>
 
        * readelf.c (options): Add use-dynamic 'D'.

diff --git a/src/readelf.c b/src/readelf.c
index f4d973d..f1f77ce 100644 (file)
--- a/src/readelf.c
+++ b/src/readelf.c
@@ -1905,10 +1905,10 @@ handle_dynamic (Ebl *ebl, Elf_Scn *scn, GElf_Shdr *shdr, GElf_Phdr *phdr)
        {
          if (! use_dynamic_segment)
            name = elf_strptr (ebl->elf, shdr->sh_link, dyn->d_un.d_val);
-         else if (dyn->d_un.d_ptr < strtab_data->d_size
-                  && memrchr (strtab_data->d_buf + strtab_data->d_size - 1, '\0',
-                              strtab_data->d_size - 1 - dyn->d_un.d_ptr) != NULL)
-           name = ((char *) strtab_data->d_buf) + dyn->d_un.d_ptr;
+         else if (dyn->d_un.d_val < strtab_data->d_size
+                  && memrchr (strtab_data->d_buf + dyn->d_un.d_val, '\0',
+                              strtab_data->d_size - 1 - dyn->d_un.d_val) != NULL)
+           name = ((char *) strtab_data->d_buf) + dyn->d_un.d_val;
        }
 
       switch (dyn->d_tag)