diff options
author | Nick Clifton <nickc@redhat.com> | 2022-10-03 13:19:21 +0100 |
---|---|---|
committer | Nick Clifton <nickc@redhat.com> | 2022-10-03 13:19:21 +0100 |
commit | 907b52f4ceb6d15b00a0ac5fc7a7029f8a80b97d (patch) | |
tree | b4be74498a3db6a60a7a27f0796dbd3aaee2bc49 /binutils | |
parent | 01292987969e807f3c5861c75723d5532bf42f12 (diff) | |
download | binutils-907b52f4ceb6d15b00a0ac5fc7a7029f8a80b97d.zip binutils-907b52f4ceb6d15b00a0ac5fc7a7029f8a80b97d.tar.gz binutils-907b52f4ceb6d15b00a0ac5fc7a7029f8a80b97d.tar.bz2 |
readelf: DO not load section headers from file offset zero
* readelf.c (get_32bit_section_headers): Return false if the
e_shoff field is zero.
(get_64bit_section_headers): Likewise.
Diffstat (limited to 'binutils')
-rw-r--r-- | binutils/ChangeLog | 6 | ||||
-rw-r--r-- | binutils/readelf.c | 13 |
2 files changed, 19 insertions, 0 deletions
diff --git a/binutils/ChangeLog b/binutils/ChangeLog index 38debde..8690d78 100644 --- a/binutils/ChangeLog +++ b/binutils/ChangeLog @@ -1,3 +1,9 @@ +2022-10-03 Nick Clifton <nickc@redhat.com> + + * readelf.c (get_32bit_section_headers): Return false if the + e_shoff field is zero. + (get_64bit_section_headers): Likewise. + 2022-09-28 Nick Clifton <nickc@redhat.com> PR 29628 diff --git a/binutils/readelf.c b/binutils/readelf.c index 351571c..8c6c038 100644 --- a/binutils/readelf.c +++ b/binutils/readelf.c @@ -6365,6 +6365,13 @@ get_32bit_section_headers (Filedata * filedata, bool probe) /* PR binutils/17531: Cope with unexpected section header sizes. */ if (size == 0 || num == 0) return false; + + /* The section header cannot be at the start of the file - that is + where the ELF file header is located. A file with absolutely no + sections in it will use a shoff of 0. */ + if (filedata->file_header.e_shoff == 0) + return false; + if (size < sizeof * shdrs) { if (! probe) @@ -6429,6 +6436,12 @@ get_64bit_section_headers (Filedata * filedata, bool probe) if (size == 0 || num == 0) return false; + /* The section header cannot be at the start of the file - that is + where the ELF file header is located. A file with absolutely no + sections in it will use a shoff of 0. */ + if (filedata->file_header.e_shoff == 0) + return false; + if (size < sizeof * shdrs) { if (! probe) |