From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id A6549138CBD for ; Tue, 10 Mar 2015 04:19:33 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 05002E0963; Tue, 10 Mar 2015 04:19:32 +0000 (UTC) Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id A4743E0963 for ; Tue, 10 Mar 2015 04:19:31 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 4B99B34084A for ; Tue, 10 Mar 2015 04:19:30 +0000 (UTC) Received: from localhost.localdomain (localhost [127.0.0.1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id CDB1F136CF for ; Tue, 10 Mar 2015 04:19:26 +0000 (UTC) From: "Mike Frysinger" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Mike Frysinger" Message-ID: <1425961073.7609b76c57386b747cdc7dcb4ca440a472a38fbf.vapier@gentoo> Subject: [gentoo-commits] proj/pax-utils:master commit in: / X-VCS-Repository: proj/pax-utils X-VCS-Files: paxelf.h scanelf.c X-VCS-Directories: / X-VCS-Committer: vapier X-VCS-Committer-Name: Mike Frysinger X-VCS-Revision: 7609b76c57386b747cdc7dcb4ca440a472a38fbf X-VCS-Branch: master Date: Tue, 10 Mar 2015 04:19:26 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Archives-Salt: fe37a0cd-0ff5-451b-8d7b-17ecc96b5315 X-Archives-Hash: b7d62dc3af73b34f9220379b99602d77 commit: 7609b76c57386b747cdc7dcb4ca440a472a38fbf Author: Mike Frysinger gentoo org> AuthorDate: Tue Mar 10 04:17:53 2015 +0000 Commit: Mike Frysinger gentoo org> CommitDate: Tue Mar 10 04:17:53 2015 +0000 URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=7609b76c scanelf: fix off-by-one shdr validity check If a section header is at the end of the file, we end up incorrectly rejecting it due to a slightly restrictive validity check. Also drop some redundant shdr checks -- these came from the helper scanelf_file_get_symtabs, and that already makes sure to only return valid section headers. Reported-by: Dominik Mierzejewski greysector.net> paxelf.h | 2 +- scanelf.c | 2 -- 2 files changed, 1 insertion(+), 3 deletions(-) diff --git a/paxelf.h b/paxelf.h index 0610516..034e0d7 100644 --- a/paxelf.h +++ b/paxelf.h @@ -44,7 +44,7 @@ typedef struct { EGET(shdr->sh_type) != SHT_NOBITS && \ EGET(shdr->sh_offset) < (uint64_t)elf->len && \ EGET(shdr->sh_size) < (uint64_t)elf->len && \ - EGET(shdr->sh_offset) < elf->len - EGET(shdr->sh_size)) + EGET(shdr->sh_offset) <= elf->len - EGET(shdr->sh_size)) /* prototypes */ extern char *pax_short_hf_flags(unsigned long flags); diff --git a/scanelf.c b/scanelf.c index 64c4fc8..599e2ed 100644 --- a/scanelf.c +++ b/scanelf.c @@ -1426,8 +1426,6 @@ static const char *scanelf_file_sym(elfobj *elf, char *found_sym) Elf ## B ## _Word i, cnt = EGET(symtab->sh_entsize); \ char *symname; \ size_t ret_len = 0; \ - if (!VALID_SHDR(elf, symtab) || !VALID_SHDR(elf, strtab)) \ - goto break_out; \ if (cnt) \ cnt = EGET(symtab->sh_size) / cnt; \ for (i = 0; i < cnt; ++i) { \