diff options
| author | Alan Modra <amodra@gmail.com> | 2025-10-06 09:08:26 +1030 |
|---|---|---|
| committer | Alan Modra <amodra@gmail.com> | 2025-10-06 13:31:31 +1030 |
| commit | 236cf2bf6089ba627723303bc530f7aa33640ab7 (patch) | |
| tree | 3df19db8a436bdd59f9e874b45c029d0a3092557 /gdb/python/py-utils.c | |
| parent | f2a3ccf127fe2e84c58a483bd919276aa74bb8df (diff) | |
| download | binutils-236cf2bf6089ba627723303bc530f7aa33640ab7.zip binutils-236cf2bf6089ba627723303bc530f7aa33640ab7.tar.gz binutils-236cf2bf6089ba627723303bc530f7aa33640ab7.tar.bz2 | |
readelf reloc range check
A fuzzed object file hit this sanitizer error.
readelf.c:16764:9: runtime error: pointer index expression with base
0x6dd4491e1590 overflowed to 0xe7af96d4491e17a1
The same could occur in any of the IN_RANGE reloc checks, where the
reloc address is calculated as "start + r_offset" then compared
against "start" and "end". So don't do that. Compare r_offset
against the memory size, first.
* readelf.c (IN_RANGE): Delete.
(in_range): New inline funcion.
(target_specific_reloc_handling): Replace "end" param with
"size". Update uses. Replace IN_RANGE with in_range.
(apply_relocations): Delete "end" variable. Update
target_specific_reloc_handling calls and replace IN_RANGE.
Avoid pointer overflow.
Diffstat (limited to 'gdb/python/py-utils.c')
0 files changed, 0 insertions, 0 deletions