diff options
| author | Peter Maydell <peter.maydell@linaro.org> | 2025-07-10 18:07:07 +0100 |
|---|---|---|
| committer | Richard Henderson <richard.henderson@linaro.org> | 2025-07-10 13:48:34 -0600 |
| commit | cb8607b89ffbba905eac3af595d1db974d2ffc5d (patch) | |
| tree | 9eaa869b931bd528d5b109d909b48540965b8c6a /scripts/rust/rustc_args.py | |
| parent | ff3b0e8d326155e45574dd14de5db6702a32d06e (diff) | |
| download | qemu-cb8607b89ffbba905eac3af595d1db974d2ffc5d.zip qemu-cb8607b89ffbba905eac3af595d1db974d2ffc5d.tar.gz qemu-cb8607b89ffbba905eac3af595d1db974d2ffc5d.tar.bz2 | |
linux-user/gen-vdso: Don't read off the end of buf[]
In gen-vdso we load in a file and assume it's a valid ELF file. In
particular we assume it's big enough to be able to read the ELF
information in e_ident in the ELF header.
Add a check that the total file length is at least big enough for all
the e_ident bytes, which is good enough for the code in gen-vdso.c.
This will catch the most obvious possible bad input file (truncated)
and allow us to run the sanity checks like "not actually an ELF file"
without potentially crashing.
The code in elf32_process() and elf64_process() still makes
assumptions about the file being well-formed, but this is OK because
we only run it on the vdso binaries that we create ourselves in the
build process by running the compiler.
Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
Signed-off-by: Richard Henderson <richard.henderson@linaro.org>
Message-ID: <20250710170707.1299926-3-peter.maydell@linaro.org>
Diffstat (limited to 'scripts/rust/rustc_args.py')
0 files changed, 0 insertions, 0 deletions