[gentoo-commits] gentoo-projects commit in pax-utils: paxelf.h scanelf.c - gentoo-commits

From:	"Mike Frysinger (vapier)" <vapier@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-projects commit in pax-utils: paxelf.h scanelf.c
Date:	Sat, 28 Feb 2015 22:57:46
Message-Id:	`20150228225740.DA74612C3D@oystercatcher.gentoo.org`

1

vapier      15/02/28 22:57:40

2

3

  Modified:             paxelf.h scanelf.c

4

  Log:

5

  scanelf: check shdrs are valid before using them

6

7

Revision  Changes    Path

8

1.61                 pax-utils/paxelf.h

9

10

file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?rev=1.61&view=markup

11

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?rev=1.61&content-type=text/plain

12

diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?r1=1.60&r2=1.61

13

14

Index: paxelf.h

15

===================================================================

16

RCS file: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v

17

retrieving revision 1.60

18

retrieving revision 1.61

19

diff -u -r1.60 -r1.61

20

--- paxelf.h	18 Jun 2014 03:16:52 -0000	1.60

21

+++ paxelf.h	28 Feb 2015 22:57:40 -0000	1.61

22

@@ -1,7 +1,7 @@

23

/*

24

  * Copyright 2005-2012 Gentoo Foundation

25

  * Distributed under the terms of the GNU General Public License v2

26

- * $Header: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v 1.60 2014/06/18 03:16:52 vapier Exp $

27

+ * $Header: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v 1.61 2015/02/28 22:57:40 vapier Exp $

28

*

29

  * Copyright 2005-2012 Ned Ludd        - <solar@g.o>

30

  * Copyright 2005-2012 Mike Frysinger  - <vapier@g.o>

31

@@ -40,6 +40,13 @@

32

 #define SYM32(ptr) ((Elf32_Sym *)(ptr))

33

 #define SYM64(ptr) ((Elf64_Sym *)(ptr))

34

35

+#define VALID_SHDR(elf, shdr) \

36

+	(shdr && \

37

+	 EGET(shdr->sh_type) != SHT_NOBITS && \

38

+	 EGET(shdr->sh_offset) < (uint64_t)elf->len && \

39

+	 EGET(shdr->sh_size) < (uint64_t)elf->len && \

40

+	 EGET(shdr->sh_offset) < elf->len - EGET(shdr->sh_size))

41

+

42

 /* prototypes */

43

 extern char *pax_short_hf_flags(unsigned long flags);

44

 extern char *pax_short_pf_flags(unsigned long flags);

1.276                pax-utils/scanelf.c

49

50

file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?rev=1.276&view=markup

51

plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?rev=1.276&content-type=text/plain

52

diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?r1=1.275&r2=1.276

53

54

Index: scanelf.c

55

===================================================================

56

RCS file: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v

57

retrieving revision 1.275

58

retrieving revision 1.276

59

diff -u -r1.275 -r1.276

60

--- scanelf.c	24 Feb 2015 06:58:39 -0000	1.275

61

+++ scanelf.c	28 Feb 2015 22:57:40 -0000	1.276

62

@@ -1,13 +1,13 @@

63

/*

64

  * Copyright 2003-2012 Gentoo Foundation

65

  * Distributed under the terms of the GNU General Public License v2

66

- * $Header: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v 1.275 2015/02/24 06:58:39 vapier Exp $

67

+ * $Header: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v 1.276 2015/02/28 22:57:40 vapier Exp $

68

*

69

  * Copyright 2003-2012 Ned Ludd        - <solar@g.o>

70

  * Copyright 2004-2012 Mike Frysinger  - <vapier@g.o>

71

*/

72

73

-static const char rcsid[] = "$Id: scanelf.c,v 1.275 2015/02/24 06:58:39 vapier Exp $";

74

+static const char rcsid[] = "$Id: scanelf.c,v 1.276 2015/02/28 22:57:40 vapier Exp $";

75

 const char argv0[] = "scanelf";

76

77

 #include "paxinc.h"

78

@@ -189,13 +189,13 @@

79

 	Elf ## B ## _Shdr *edynsym = dynsym; \

80

 	Elf ## B ## _Shdr *edynstr = dynstr; \

81

\

82

-	if (symtab && EGET(esymtab->sh_type) == SHT_NOBITS) \

83

+	if (!VALID_SHDR(elf, esymtab)) \

84

 		symtab = NULL; \

85

-	if (dynsym && EGET(edynsym->sh_type) == SHT_NOBITS) \

86

+	if (!VALID_SHDR(elf, edynsym)) \

87

 		dynsym = NULL; \

88

-	if (strtab && EGET(estrtab->sh_type) == SHT_NOBITS) \

89

+	if (!VALID_SHDR(elf, estrtab)) \

90

 		strtab = NULL; \

91

-	if (dynstr && EGET(edynstr->sh_type) == SHT_NOBITS) \

92

+	if (!VALID_SHDR(elf, edynstr)) \

93

 		dynstr = NULL; \

94

\

95

 	/* Use the set with more symbols if both exist. */ \

96

@@ -1404,6 +1404,8 @@

97

 		Elf ## B ## _Word i, cnt = EGET(symtab->sh_entsize); \

98

 		char *symname; \

99

 		size_t ret_len = 0; \

100

+		if (!VALID_SHDR(elf, symtab) || !VALID_SHDR(elf, strtab)) \

101

+			goto break_out; \

102

 		if (cnt) \

103

 			cnt = EGET(symtab->sh_size) / cnt; \

104

 		for (i = 0; i < cnt; ++i) { \

1	vapier 15/02/28 22:57:40
2
3	Modified: paxelf.h scanelf.c
4	Log:
5	scanelf: check shdrs are valid before using them
6
7	Revision Changes Path
8	1.61 pax-utils/paxelf.h
9
10	file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?rev=1.61&view=markup
11	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?rev=1.61&content-type=text/plain
12	diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/paxelf.h?r1=1.60&r2=1.61
13
14	Index: paxelf.h
15	===================================================================
16	RCS file: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v
17	retrieving revision 1.60
18	retrieving revision 1.61
19	diff -u -r1.60 -r1.61
20	--- paxelf.h 18 Jun 2014 03:16:52 -0000 1.60
21	+++ paxelf.h 28 Feb 2015 22:57:40 -0000 1.61
22	@@ -1,7 +1,7 @@
23	/*
24	* Copyright 2005-2012 Gentoo Foundation
25	* Distributed under the terms of the GNU General Public License v2
26	- * $Header: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v 1.60 2014/06/18 03:16:52 vapier Exp $
27	+ * $Header: /var/cvsroot/gentoo-projects/pax-utils/paxelf.h,v 1.61 2015/02/28 22:57:40 vapier Exp $
28	*
29	* Copyright 2005-2012 Ned Ludd - <solar@g.o>
30	* Copyright 2005-2012 Mike Frysinger - <vapier@g.o>
31	@@ -40,6 +40,13 @@
32	#define SYM32(ptr) ((Elf32_Sym *)(ptr))
33	#define SYM64(ptr) ((Elf64_Sym *)(ptr))
34
35	+#define VALID_SHDR(elf, shdr) \
36	+ (shdr && \
37	+ EGET(shdr->sh_type) != SHT_NOBITS && \
38	+ EGET(shdr->sh_offset) < (uint64_t)elf->len && \
39	+ EGET(shdr->sh_size) < (uint64_t)elf->len && \
40	+ EGET(shdr->sh_offset) < elf->len - EGET(shdr->sh_size))
41	+
42	/* prototypes */
43	extern char *pax_short_hf_flags(unsigned long flags);
44	extern char *pax_short_pf_flags(unsigned long flags);
45
46
47
48	1.276 pax-utils/scanelf.c
49
50	file : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?rev=1.276&view=markup
51	plain: http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?rev=1.276&content-type=text/plain
52	diff : http://sources.gentoo.org/viewvc.cgi/gentoo-projects/pax-utils/scanelf.c?r1=1.275&r2=1.276
53
54	Index: scanelf.c
55	===================================================================
56	RCS file: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v
57	retrieving revision 1.275
58	retrieving revision 1.276
59	diff -u -r1.275 -r1.276
60	--- scanelf.c 24 Feb 2015 06:58:39 -0000 1.275
61	+++ scanelf.c 28 Feb 2015 22:57:40 -0000 1.276
62	@@ -1,13 +1,13 @@
63	/*
64	* Copyright 2003-2012 Gentoo Foundation
65	* Distributed under the terms of the GNU General Public License v2
66	- * $Header: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v 1.275 2015/02/24 06:58:39 vapier Exp $
67	+ * $Header: /var/cvsroot/gentoo-projects/pax-utils/scanelf.c,v 1.276 2015/02/28 22:57:40 vapier Exp $
68	*
69	* Copyright 2003-2012 Ned Ludd - <solar@g.o>
70	* Copyright 2004-2012 Mike Frysinger - <vapier@g.o>
71	*/
72
73	-static const char rcsid[] = "$Id: scanelf.c,v 1.275 2015/02/24 06:58:39 vapier Exp $";
74	+static const char rcsid[] = "$Id: scanelf.c,v 1.276 2015/02/28 22:57:40 vapier Exp $";
75	const char argv0[] = "scanelf";
76
77	#include "paxinc.h"
78	@@ -189,13 +189,13 @@
79	Elf ## B ## _Shdr *edynsym = dynsym; \
80	Elf ## B ## _Shdr *edynstr = dynstr; \
81	\
82	- if (symtab && EGET(esymtab->sh_type) == SHT_NOBITS) \
83	+ if (!VALID_SHDR(elf, esymtab)) \
84	symtab = NULL; \
85	- if (dynsym && EGET(edynsym->sh_type) == SHT_NOBITS) \
86	+ if (!VALID_SHDR(elf, edynsym)) \
87	dynsym = NULL; \
88	- if (strtab && EGET(estrtab->sh_type) == SHT_NOBITS) \
89	+ if (!VALID_SHDR(elf, estrtab)) \
90	strtab = NULL; \
91	- if (dynstr && EGET(edynstr->sh_type) == SHT_NOBITS) \
92	+ if (!VALID_SHDR(elf, edynstr)) \
93	dynstr = NULL; \
94	\
95	/* Use the set with more symbols if both exist. */ \
96	@@ -1404,6 +1404,8 @@
97	Elf ## B ## _Word i, cnt = EGET(symtab->sh_entsize); \
98	char *symname; \
99	size_t ret_len = 0; \
100	+ if (!VALID_SHDR(elf, symtab) \|\| !VALID_SHDR(elf, strtab)) \
101	+ goto break_out; \
102	if (cnt) \
103	cnt = EGET(symtab->sh_size) / cnt; \
104	for (i = 0; i < cnt; ++i) { \

Gentoo Archives: gentoo-commits