Signed-off-by: Mark Wielaard <[email protected]> --- libdwfl/ChangeLog | 5 +++++ libdwfl/dwfl_module_getdwarf.c | 10 +++++++++- 2 files changed, 14 insertions(+), 1 deletion(-)
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog index 66e642f..99d555f 100644 --- a/libdwfl/ChangeLog +++ b/libdwfl/ChangeLog @@ -1,3 +1,8 @@ +2014-12-13 Mark Wielaard <[email protected]> + + * dwfl_module_getdwarf.c (find_dynsym): elf_getdata_rawchunk takes + a size_t, make sure it doesn't overflow. + 2014-12-09 Mark Wielaard <[email protected]> * dwfl_segment_report_module.c (handle_file_note): Check count doesn't diff --git a/libdwfl/dwfl_module_getdwarf.c b/libdwfl/dwfl_module_getdwarf.c index c2e9e59..ab9bd48 100644 --- a/libdwfl/dwfl_module_getdwarf.c +++ b/libdwfl/dwfl_module_getdwarf.c @@ -768,7 +768,15 @@ find_dynsym (Dwfl_Module *mod) * sizeof (Elf32_Word) * header->maskwords)); - data = elf_getdata_rawchunk (mod->main.elf, buckets_at, + // elf_getdata_rawchunk takes a size_t, make sure it + // doesn't overflow. +#if SIZE_MAX <= UINT32_MAX + if (nbuckets > SIZE_MAX / sizeof (Elf32_Word)) + data = NULL; + else +#endif + data + = elf_getdata_rawchunk (mod->main.elf, buckets_at, nbuckets * sizeof (Elf32_Word), ELF_T_WORD); if (data != NULL && symndx < nbuckets) -- 2.1.0
