[PATCH] libelf: Check alignment of Verdef, Verdaux, Verneed and Vernaux offsets

Mark Wielaard Fri, 18 Mar 2022 04:19:24 -0700

The Verdef, Verdaux, Verneed and Vernaux structures contain fields
which point to the next structures. Make sure these offsets are
correctly aligned for the structures they point to.


Signed-off-by: Mark Wielaard <m...@klomp.org>
---
 libelf/ChangeLog       |  6 ++++++
 libelf/version_xlate.h | 17 +++++++++++++----
 2 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/libelf/ChangeLog b/libelf/ChangeLog
index 07dd905f..f6b47c68 100644
--- a/libelf/ChangeLog
+++ b/libelf/ChangeLog
@@ -1,3 +1,9 @@
+2022-03-18  Mark Wielaard  <m...@klomp.org>
+
+       * version_xlate.h (elf_cvt_Verdef): Check alignment of def_offset
+       and aux_offset.
+       (elf_cvt_Verneed): Check alignment of need_offset and aux_offset.
+
 2022-03-17  Mark Wielaard  <m...@klomp.org>
 
        * elf_begin.c (read_long_names): Check ar_size starts with a digit.
diff --git a/libelf/version_xlate.h b/libelf/version_xlate.h
index 9fe01c64..b7bd301d 100644
--- a/libelf/version_xlate.h
+++ b/libelf/version_xlate.h
@@ -1,5 +1,6 @@
 /* Conversion functions for versioning information.
    Copyright (C) 1998, 1999, 2000, 2002, 2003, 2015 Red Hat, Inc.
+   Copyright (C) 2022 Mark J. Wielaard <m...@klomp.org>
    This file is part of elfutils.
    Written by Ulrich Drepper <drep...@redhat.com>, 1998.
 
@@ -66,7 +67,9 @@ elf_cvt_Verdef (void *dest, const void *src, size_t len, int 
encode)
       GElf_Verdaux *asrc;
 
       /* Test for correct offset.  */
-      if (def_offset > len || len - def_offset < sizeof (GElf_Verdef))
+      if (def_offset > len
+         || len - def_offset < sizeof (GElf_Verdef)
+         || (def_offset & (__alignof__ (GElf_Verdef) - 1)) != 0)
        return;
 
       /* Work the tree from the first record.  */
@@ -95,7 +98,9 @@ elf_cvt_Verdef (void *dest, const void *src, size_t len, int 
encode)
          GElf_Verdaux *adest;
 
          /* Test for correct offset.  */
-         if (aux_offset > len || len - aux_offset < sizeof (GElf_Verdaux))
+         if (aux_offset > len
+             || len - aux_offset < sizeof (GElf_Verdaux)
+             || (aux_offset & (__alignof__ (GElf_Verdaux) - 1)) != 0)
            return;
 
          adest = (GElf_Verdaux *) ((char *) dest + aux_offset);
@@ -165,7 +170,9 @@ elf_cvt_Verneed (void *dest, const void *src, size_t len, 
int encode)
       GElf_Vernaux *asrc;
 
       /* Test for correct offset.  */
-      if (need_offset > len || len - need_offset < sizeof (GElf_Verneed))
+      if (need_offset > len
+         || len - need_offset < sizeof (GElf_Verneed)
+         || (need_offset & (__alignof__ (GElf_Verneed) - 1)) != 0)
        return;
 
       /* Work the tree from the first record.  */
@@ -192,7 +199,9 @@ elf_cvt_Verneed (void *dest, const void *src, size_t len, 
int encode)
          GElf_Vernaux *adest;
 
          /* Test for correct offset.  */
-         if (aux_offset > len || len - aux_offset < sizeof (GElf_Vernaux))
+         if (aux_offset > len
+             || len - aux_offset < sizeof (GElf_Vernaux)
+             || (aux_offset & (__alignof__ (GElf_Vernaux) - 1)) != 0)
            return;
 
          adest = (GElf_Vernaux *) ((char *) dest + aux_offset);
-- 
2.30.2

[PATCH] libelf: Check alignment of Verdef, Verdaux, Verneed and Vernaux offsets

Reply via email to