commit: 599d8c41b144596764b33d87d09f80948652ed92 Author: Mike Frysinger <vapier <AT> gentoo <DOT> org> AuthorDate: Fri Jan 26 03:57:24 2024 +0000 Commit: Sam James <sam <AT> gentoo <DOT> org> CommitDate: Fri Aug 9 10:06:16 2024 +0000 URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=599d8c41
dumpelf: improve note memory check Make sure the entire structure fits within the bounds of memory, not just the start of it. Bug: https://bugs.gentoo.org/922906 Signed-off-by: Mike Frysinger <vapier <AT> gentoo.org> (cherry picked from commit a5298c41c27a35a5c2dcca0723c808029d241953) Signed-off-by: Sam James <sam <AT> gentoo.org> dumpelf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dumpelf.c b/dumpelf.c index 6ce8403..b88be0c 100644 --- a/dumpelf.c +++ b/dumpelf.c @@ -232,7 +232,7 @@ static void dump_notes(const elfobj *elf, size_t B, const void *memory, const vo } printf("\n\t/%c note section dump:\n", '*'); - for (i = 0; ndata < memory_end && !corrupt; ++i) { + for (i = 0; ndata < memory_end - sizeof(*note) && !corrupt; ++i) { note = ndata; namesz = EGET(note->n_namesz); descsz = EGET(note->n_descsz);
