aboutsummaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMike Frysinger <vapier@gentoo.org>2015-12-12 16:29:57 -0500
committerMike Frysinger <vapier@gentoo.org>2015-12-12 16:29:57 -0500
commit61ee81b90f679cc47bcb0e237e9373a4e0f4e04b (patch)
treee382eced4dfd5002e75887f1a55e86a9a3461059
parentdumpelf: reset dynamic phdr pointer with every elf (diff)
downloadpax-utils-61ee81b90f679cc47bcb0e237e9373a4e0f4e04b.tar.gz
pax-utils-61ee81b90f679cc47bcb0e237e9373a4e0f4e04b.tar.bz2
pax-utils-61ee81b90f679cc47bcb0e237e9373a4e0f4e04b.zip
dumpelf: handle corrupt section headers
URL: https://bugs.gentoo.org/567954 Reported-by: Brian Carpenter <brian.carpenter@gmail.com>
-rw-r--r--dumpelf.c13
1 files changed, 12 insertions, 1 deletions
diff --git a/dumpelf.c b/dumpelf.c
index 0f15382..fe0001b 100644
--- a/dumpelf.c
+++ b/dumpelf.c
@@ -102,9 +102,19 @@ static void dumpelf(const char *filename, long file_cnt)
Elf ## B ## _Ehdr *ehdr = EHDR ## B (elf->ehdr); \
Elf ## B ## _Shdr *shdr = SHDR ## B (elf->shdr); \
uint16_t shstrndx = EGET(ehdr->e_shstrndx); \
- Elf ## B ## _Off offset = EGET(shdr[shstrndx].sh_offset); \
+ Elf ## B ## _Shdr *strtbl = shdr + shstrndx; \
+ Elf ## B ## _Off offset; \
uint16_t shnum = EGET(ehdr->e_shnum); \
+ if (shstrndx >= shnum || !VALID_SHDR(elf, strtbl)) { \
+ printf(" /* corrupt section header strings table ! */ "); \
+ goto break_out_shdr; \
+ } \
+ offset = EGET(strtbl->sh_offset); \
for (i = 0; i < shnum; ++i, ++shdr) \
+ if (!VALID_SHDR(elf, shdr)) { \
+ printf(" /* corrupt section headers ! */ "); \
+ break; \
+ } \
dump_shdr(elf, shdr, i, elf->vdata + offset + EGET(shdr->sh_name)); \
}
DUMP_SHDRS(32)
@@ -112,6 +122,7 @@ static void dumpelf(const char *filename, long file_cnt)
} else {
printf(" /* no section headers ! */ ");
}
+ break_out_shdr:
printf("},\n");
/* finish the namespace struct and start the abitrary ones */