On Wed, 2011-03-23 at 15:42 +0100, Petr Machata wrote:
> Mark Wielaard <[email protected]> writes:
>
> > On Tue, 2011-03-22 at 06:21 -0700, Roland McGrath wrote:
> >> Have you checked the robustify branch?
> >
> > I assume the usage of the result of gelf_fsize for sh_entsize instead of
> > shdr->sh_entsize directly helps guard against some of the same issues.
> > But it doesn't seem to be used consistently on the branch, so Petr's
> > patch still makes sense to me. Maybe combined with the robustify
> > branch
>
> I reworked the patch on top of the robustify branch, which already had
> the elflint fixes that I posted. This time around, I was more thorough
> in picking up various places in readelf.c where sh_entsize use might
> lead to SIGFPE. It should all use gelf_fsize now. The branch
> pmachata/sh_entsize was force-updated and has now the new content.

That looks fine to me. Thanks.

> > approach. There were a couple more interesting fixes on that branch.
> > What is preventing them to be merged with master? Need a more close
> > review? Are these used by default on Fedora?
>
> I'm wondering about this, too.

I think that after you applied your test to the robustify branch we
should merge it into master. If we are already packaging elfutils with
those patches applied and encourage people to do so, then it seems silly
to not just make it the default. There are now various tools (abrt for
example) that use the elfutils tools to examine and report automatically
on various files that might for some reason or another be corrupted
(partial core files for example).

Unless someone really thinks these patches are not just cleanups, but
really wrong in some way. But crashing on bad input seems not good.

Thanks,

Mark

_______________________________________________
elfutils-devel mailing list
[email protected]
https://fedorahosted.org/mailman/listinfo/elfutils-devel
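
An added example, not code from elfutils or from this thread: a reader avoids SIGFPE from a zero sh_entsize by taking the divisor from the format's fixed entry size rather than from the file, which is the role gelf_fsize plays in the patch discussed above. The helper names and sample headers are assumptions of this example, and ELF64 on a system providing <elf.h> is assumed.

```c
#include <elf.h>      /* Elf64_Shdr, Elf64_Sym, SHT_* */
#include <stdint.h>
#include <stdio.h>

/* Entry size the ELF64 format fixes for a section type, or 0 if the type
   has no fixed entry size. Hypothetical stand-in for gelf_fsize(). */
static uint64_t format_entsize(uint32_t sh_type)
{
    switch (sh_type) {
    case SHT_SYMTAB:
    case SHT_DYNSYM:  return sizeof(Elf64_Sym);
    case SHT_RELA:    return sizeof(Elf64_Rela);
    case SHT_REL:     return sizeof(Elf64_Rel);
    case SHT_DYNAMIC: return sizeof(Elf64_Dyn);
    default:          return 0;
    }
}

/* Number of entries in a table section, or -1 when the type has no fixed
   entry size. The divisor never comes from the file, so a header with
   sh_entsize == 0 cannot cause a division by zero. */
static int64_t entry_count(const Elf64_Shdr *shdr)
{
    uint64_t entsize = format_entsize(shdr->sh_type);
    if (entsize == 0)
        return -1;
    return (int64_t)(shdr->sh_size / entsize);
}

/* True when the header's own sh_entsize agrees with the format, so a
   caller can still report the corruption instead of hiding it. */
static int entsize_consistent(const Elf64_Shdr *shdr)
{
    uint64_t entsize = format_entsize(shdr->sh_type);
    return entsize != 0 && shdr->sh_entsize == entsize;
}

/* Constructed sample headers, not taken from any real file. */
static const Elf64_Shdr good_symtab = { .sh_type = SHT_SYMTAB, .sh_size = 240, .sh_entsize = 24 };
static const Elf64_Shdr zero_symtab = { .sh_type = SHT_SYMTAB, .sh_size = 240, .sh_entsize = 0 };
static const Elf64_Shdr zero_rel    = { .sh_type = SHT_REL, .sh_size = 40, .sh_entsize = 0 };
static const Elf64_Shdr progbits    = { .sh_type = SHT_PROGBITS, .sh_size = 64, .sh_entsize = 0 };

int main(void)
{
    /* shdr->sh_size / shdr->sh_entsize would trap on zero_symtab and zero_rel. */
    printf("%lld %lld %lld %lld\n", (long long)entry_count(&good_symtab),
           (long long)entry_count(&zero_symtab), (long long)entry_count(&zero_rel),
           (long long)entry_count(&progbits));
    return 0;
}
```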
