Hi Mark,
On Mon, May 18, 2026 at 11:32 AM Mark Wielaard <[email protected]> wrote:
>
> 32bit ELF can only represent up to UINT32_MAX bytes in d_size. Sanity
> check that the uncompressed size isn't bigger so we don't silently
> truncate it.
>
> * libelf/elf_compress_gnu.c (elf_compress_gnu): Check gsize
> fits UINT32_MAX for ELFCLASS32.
>
> Signed-off-by: Mark Wielaard <[email protected]>
LGTM.
Aaron
> ---
> libelf/elf_compress_gnu.c | 7 +++++--
> 1 file changed, 5 insertions(+), 2 deletions(-)
>
> diff --git a/libelf/elf_compress_gnu.c b/libelf/elf_compress_gnu.c
> index 006e2ae4126d..a9fff07edc2d 100644
> --- a/libelf/elf_compress_gnu.c
> +++ b/libelf/elf_compress_gnu.c
> @@ -168,8 +168,11 @@ elf_compress_gnu (Elf_Scn *scn, int inflate, unsigned
> int flags)
> /* One more sanity check, size should be bigger than original
> data size plus some overhead (4 chars ZLIB + 8 bytes size + 6
> bytes zlib stream overhead + 5 bytes overhead max for one 16K
> - block) and should fit into a size_t. */
> - if (gsize + 4 + 8 + 6 + 5 < data->d_size || gsize > SIZE_MAX)
> + block) and should fit into a size_t (or in UINT32_MAX for
> + 32bit ELF). */
> + if (gsize + 4 + 8 + 6 + 5 < data->d_size
> + || gsize > SIZE_MAX
> + || (elfclass == ELFCLASS32 && gsize > UINT32_MAX))
> {
> __libelf_seterrno (ELF_E_NOT_COMPRESSED);
> return -1;
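Review bot: The added third clause of the condition, `(elfclass == ELFCLASS32 && gsize > UINT32_MAX)`, reports the failure through the same `__libelf_seterrno (ELF_E_NOT_COMPRESSED)` call as the two existing size checks, so a caller cannot tell "declared uncompressed size does not fit a 32bit ELF" apart from "section is not compressed". Consider a more specific error code for the range failures, or extend the comment to say that the reuse is intentional. A regression test that feeds an ELFCLASS32 file whose GNU compressed header declares a size above UINT32_MAX would also pin down that this path returns -1 instead of truncating.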
> --
> 2.53.0
>