https://sourceware.org/bugzilla/show_bug.cgi?id=24387
Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
             Status|UNCONFIRMED                 |RESOLVED
                 CC|                            |mark at klomp dot org
         Resolution|---                         |FIXED
            Summary|Invalid address Deference   |dwfl_segment_report_module
                   |in elf32_xlatetom function  |doesn't check whether the
                   |in libelf/elf32_xlatetom.c  |phdrs data read from core
                   |                            |file is truncated

--- Comment #2 from Mark Wielaard <mark at klomp dot org> ---
Can be replicated with valgrind. It is indeed similar to bug #24103.
Both of which aren't bugs in elf(64|32)_xlatetom, but
dwfl_segment_report_module should also check that the core file isn't
truncated so that not all of the phdrs can be read. Fix is similar:

diff --git a/libdwfl/dwfl_segment_report_module.c b/libdwfl/dwfl_segment_report_ index f6ad39b..76ba150 100644 --- a/libdwfl/dwfl_segment_report_module.c +++ b/libdwfl/dwfl_segment_report_module.c @@ -412,6 +412,12 @@ dwfl_segment_report_module (Dwfl *dwfl, int ndx, const char start + phoff, xlatefrom.d_size)) return finish (); + /* ph_buffer_size will be zero if we got everything from the initial + buffer, otherwise it will be the size of the new buffer that + could be read. */ + if (ph_buffer_size != 0) + xlatefrom.d_size = ph_buffer_size; + xlatefrom.d_buf = ph_buffer; bool class32 = ei_class == ELFCLASS32;

commit e1f353b785b5cdb20d8004b6c4070c3e2a783e8b
Author: Mark Wielaard <m...@klomp.org>
Date:   Wed Mar 27 22:32:21 2019 +0100

    libdwfl: Sanity check partial core file phdrs data read.

    When reading the phdrs data from the core file check if we got everything,
    or just part of the data.

    https://sourceware.org/bugzilla/show_bug.cgi?id=24387

    Signed-off-by: Mark Wielaard <m...@klomp.org>

--
You are receiving this mail because:
You are on the CC list for the bug.
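
Review bot: The added `if (ph_buffer_size != 0)` block in libdwfl/dwfl_segment_report_module.c adjusts only `xlatefrom.d_size`; nothing in this hunk reduces the number of program headers the rest of the function expects, or rejects a read that returned less than one complete entry. If the code after `xlatefrom.d_buf = ph_buffer;` still sizes its destination or loops by the header count taken from the ELF header, a truncated core file leaves the tail entries untranslated yet still consumed. Suggest deriving the usable entry count from `ph_buffer_size` divided by the entry size in the same block and returning `finish ()` when that count is zero. The assignment is also unconditional for any non-zero `ph_buffer_size`, so if the read can ever return more than was requested, `d_size` would grow past the requested range; assigning only when the new size is smaller would rule that out.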