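--- a/elfutils-0.108/libelf/gelf_getrel.c.jj
+++ b/elfutils-0.108/libelf/gelf_getrel.c.jj
@@ -1,5 +1,5 @@
 /* Get REL relocation information at given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -38,12 +38,6 @@ gelf_getrel (data, ndx, dst)
   if (data_scn == NULL)
     return NULL;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return NULL;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_REL))
     {
       __libelf_seterrno (ELF_E_INVALID_HANDLE);
@@ -60,7 +54,8 @@ gelf_getrel (data, ndx, dst)
   if (scn->elf->class == ELFCLASS32)
     {
       /* We have to convert the data.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Rel) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Rel)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Rel) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  result = NULL;
@@ -80,7 +75,8 @@ gelf_getrel (data, ndx, dst)
     {
       /* Simply copy the data after we made sure we are actually getting
 	 correct data.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Rel) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Rel)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Rel) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  result = NULL;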
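Review bot: In the rewritten bounds tests of gelf_getrel, `ndx + 1` is still evaluated as an `int` before it is multiplied by `sizeof`, and where `SIZE_MAX > 4294967295U` the INVALID_NDX macro added in libelfP.h rejects only negative values, so `ndx == INT_MAX` reaches a signed overflow. A division-based test has no overflow and needs no width-dependent macro: `if (ndx < 0 || (size_t) ndx >= data_scn->d.d_size / sizeof (Elf32_Rel))`. The same expression appears in the Elf64_Rel branch here and in the gelf_getsym, gelf_update_sym, gelf_getrela, gelf_update_syminfo, gelf_getsyminfo, gelf_update_lib, gelf_getmove, gelf_getsymshndx, gelf_update_move, gelf_update_dyn, gelf_getversym, gelf_getdyn and gelf_getlib sections. The function body continues outside the hunks shown.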
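--- a/elfutils-0.108/libelf/gelf_getsym.c.jj
+++ b/elfutils-0.108/libelf/gelf_getsym.c.jj
@@ -1,5 +1,5 @@
 /* Get symbol information from symbol table at the given index.
-   Copyright (C) 1999, 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 1999, 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 1999.
 
    This program is free software; you can redistribute it and/or modify
@@ -57,7 +57,8 @@ gelf_getsym (data, ndx, dst)
 	 table entries has to be adopted.  The user better has provided
 	 a buffer where we can store the information.  While copying the
 	 data we are converting the format.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Sym) > data->d_size))
+      if (INVALID_NDX (ndx, Elf32_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Sym) > data->d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -86,7 +87,8 @@ gelf_getsym (data, ndx, dst)
 
       /* The data is already in the correct form.  Just make sure the
 	 index is OK.  */
-      if (unlikely ((ndx + 1) * sizeof (GElf_Sym) > data->d_size))
+      if (INVALID_NDX (ndx, GElf_Sym)
+	  || unlikely ((ndx + 1) * sizeof (GElf_Sym) > data->d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;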
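--- a/elfutils-0.108/libelf/gelf_update_sym.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_sym.c.jj
@@ -1,5 +1,5 @@
 /* Update symbol information in symbol table at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -39,12 +39,6 @@ gelf_update_sym (data, ndx, src)
   if (data == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_SYM))
     {
       /* The type of the data better should match.  */
@@ -69,7 +63,8 @@ gelf_update_sym (data, ndx, src)
 	}
 
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Sym) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Sym) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -92,7 +87,8 @@ gelf_update_sym (data, ndx, src)
   else
     {
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Sym) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Sym) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;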
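Review bot: The comment `/* Check whether we have to resize the data buffer.  */` above both rewritten tests in gelf_update_sym does not match the visible code, which rejects an index past `d_size` with ELF_E_INVALID_INDEX and resizes nothing. I would reword it to `/* Reject an index that does not fit into the existing data buffer.  */` so a reader does not assume an update can grow the section. The same comment sits above the changed tests in the gelf_update_syminfo, gelf_update_lib, gelf_update_move and gelf_update_dyn sections. What happens after `goto out` is outside the hunks.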
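--- a/elfutils-0.108/libelf/gelf_getrela.c.jj
+++ b/elfutils-0.108/libelf/gelf_getrela.c.jj
@@ -1,5 +1,5 @@
 /* Get RELA relocation information at given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -38,12 +38,6 @@ gelf_getrela (data, ndx, dst)
   if (data_scn == NULL)
     return NULL;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return NULL;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_RELA))
     {
       __libelf_seterrno (ELF_E_INVALID_HANDLE);
@@ -60,7 +54,8 @@ gelf_getrela (data, ndx, dst)
   if (scn->elf->class == ELFCLASS32)
     {
       /* We have to convert the data.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Rela) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Rela)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Rela) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  result = NULL;
@@ -81,7 +76,8 @@ gelf_getrela (data, ndx, dst)
     {
       /* Simply copy the data after we made sure we are actually getting
 	 correct data.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Rela) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Rela)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Rela) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  result = NULL;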
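--- a/elfutils-0.108/libelf/gelf_update_syminfo.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_syminfo.c.jj
@@ -1,5 +1,5 @@
 /* Update additional symbol information in symbol table at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -39,12 +39,6 @@ gelf_update_syminfo (data, ndx, src)
   if (data == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_SYMINFO))
     {
       /* The type of the data better should match.  */
@@ -60,7 +54,8 @@ gelf_update_syminfo (data, ndx, src)
   rwlock_wrlock (scn->elf->lock);
 
   /* Check whether we have to resize the data buffer.  */
-  if (unlikely ((ndx + 1) * sizeof (GElf_Syminfo) > data_scn->d.d_size))
+  if (INVALID_NDX (ndx, GElf_Syminfo)
+      || unlikely ((ndx + 1) * sizeof (GElf_Syminfo) > data_scn->d.d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);
       goto out;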
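--- a/elfutils-0.108/libelf/gelf_getsyminfo.c.jj
+++ b/elfutils-0.108/libelf/gelf_getsyminfo.c.jj
@@ -1,5 +1,5 @@
 /* Get additional symbol information from symbol table at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -51,7 +51,8 @@ gelf_getsyminfo (data, ndx, dst)
 
   /* The data is already in the correct form.  Just make sure the
      index is OK.  */
-  if (unlikely ((ndx + 1) * sizeof (GElf_Syminfo) > data->d_size))
+  if (INVALID_NDX (ndx, GElf_Syminfo)
+      || unlikely ((ndx + 1) * sizeof (GElf_Syminfo) > data->d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);
       goto out;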
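--- a/elfutils-0.108/libelf/elf_newscn.c.jj
+++ b/elfutils-0.108/libelf/elf_newscn.c.jj
@@ -1,5 +1,5 @@
 /* Append new section.
-   Copyright (C) 1998, 1999, 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 1998, 1999, 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 1998.
 
    This program is free software; you can redistribute it and/or modify
@@ -71,13 +71,21 @@ elf_newscn (elf)
   else
     {
       /* We must allocate a new element.  */
-      Elf_ScnList *newp;
+      Elf_ScnList *newp = NULL;
 
       assert (elf->state.elf.scnincr > 0);
 
-      newp = (Elf_ScnList *) calloc (sizeof (Elf_ScnList)
-				     + ((elf->state.elf.scnincr *= 2)
-					* sizeof (Elf_Scn)), 1);
+      if (
+#if SIZE_MAX <= 4294967295U
+	  likely (elf->state.elf.scnincr
+		  < SIZE_MAX / 2 / sizeof (Elf_Scn) - sizeof (Elf_ScnList))
+#else
+	  1
+#endif
+	  )
+	newp = (Elf_ScnList *) calloc (sizeof (Elf_ScnList)
+				       + ((elf->state.elf.scnincr *= 2)
+					  * sizeof (Elf_Scn)), 1);
       if (newp == NULL)
 	{
 	  __libelf_seterrno (ELF_E_NOMEM);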
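Review bot: The 32-bit guard in elf_newscn compares a count against a value that mixes units: `SIZE_MAX / 2 / sizeof (Elf_Scn)` is a number of elements, while the subtracted `sizeof (Elf_ScnList)` is a number of bytes. It errs on the safe side, but the intent reads more clearly as `elf->state.elf.scnincr <= (SIZE_MAX - sizeof (Elf_ScnList)) / 2 / sizeof (Elf_Scn)`, ideally with the byte count computed into a local before the `calloc` call rather than doubling `scnincr` inside its argument. The `#else 1` arm leaves builds with a wider size_t unchecked, which is sound only if the type of scnincr (declared outside this hunk) cannot make the product exceed SIZE_MAX; a comment stating that assumption would help.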
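--- a/elfutils-0.108/libelf/gelf_update_lib.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_lib.c.jj
@@ -1,5 +1,5 @@
 /* Update library in table at the given index.
-   Copyright (C) 2004 Red Hat, Inc.
+   Copyright (C) 2004, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2004.
 
    This program is free software; you can redistribute it and/or modify
@@ -35,12 +35,6 @@ gelf_update_lib (data, ndx, src)
   if (data == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   Elf_Data_Scn *data_scn = (Elf_Data_Scn *) data;
   if (unlikely (data_scn->d.d_type != ELF_T_LIB))
     {
@@ -54,7 +48,8 @@ gelf_update_lib (data, ndx, src)
 
   /* Check whether we have to resize the data buffer.  */
   int result = 0;
-  if (unlikely ((ndx + 1) * sizeof (Elf64_Lib) > data_scn->d.d_size))
+  if (INVALID_NDX (ndx, Elf64_Lib)
+      || unlikely ((ndx + 1) * sizeof (Elf64_Lib) > data_scn->d.d_size))
     __libelf_seterrno (ELF_E_INVALID_INDEX);
   else
     {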
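--- a/elfutils-0.108/libelf/gelf_getmove.c.jj
+++ b/elfutils-0.108/libelf/gelf_getmove.c.jj
@@ -1,5 +1,5 @@
 /* Get move structure at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -50,7 +50,8 @@ gelf_getmove (data, ndx, dst)
 
   /* The data is already in the correct form.  Just make sure the
      index is OK.  */
-  if (unlikely ((ndx + 1) * sizeof (GElf_Move) > data->d_size))
+  if (INVALID_NDX (ndx, GElf_Move)
+      || unlikely ((ndx + 1) * sizeof (GElf_Move) > data->d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);
       goto out;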
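--- a/elfutils-0.108/libelf/elf32_updatefile.c.jj
+++ b/elfutils-0.108/libelf/elf32_updatefile.c.jj
@@ -164,6 +164,9 @@ __elfw2(LIBELFBITS,updatemmap) (Elf *elf
   /* Write all the sections.  Well, only those which are modified.  */
   if (shnum > 0)
     {
+      if (unlikely (shnum > SIZE_MAX / sizeof (Elf_Scn *)))
+	return 1;
+
       ElfW2(LIBELFBITS,Shdr) *shdr_dest;
       Elf_ScnList *list = &elf->state.ELFW(elf,LIBELFBITS).scns;
       Elf_Scn **scns = (Elf_Scn **) alloca (shnum * sizeof (Elf_Scn *));
@@ -468,6 +471,10 @@ __elfw2(LIBELFBITS,updatefile) (Elf *elf
   /* Write all the sections.  Well, only those which are modified.  */
   if (shnum > 0)
     {
+      if (unlikely (shnum > SIZE_MAX / (sizeof (Elf_Scn *)
+					+ sizeof (ElfW2(LIBELFBITS,Shdr)))))
+	return 1;
+
       off_t shdr_offset = elf->start_offset + ehdr->e_shoff;
 #if EV_NUM != 2
       xfct_t shdr_fctp = __elf_xfctstom[__libelf_version - 1][EV_CURRENT - 1][ELFW(ELFCLASS, LIBELFBITS) - 1][ELF_T_SHDR];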
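Review bot: The new check in updatemmap keeps `shnum * sizeof (Elf_Scn *)` from wrapping, but the product is still passed to `alloca`, which has no failure return, so a very large section count can request more stack than exists. I would either cap shnum at a small bound before using the stack or switch to `malloc` with a NULL check and a matching `free` on every exit path. Both added checks also `return 1` without calling `__libelf_seterrno`, unlike the other failure paths in this patch; if the caller does not record an error itself (not visible here), add one. In updatefile the allocation that the second check protects lies outside the hunk.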
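--- a/elfutils-0.108/libelf/gelf_getsymshndx.c.jj
+++ b/elfutils-0.108/libelf/gelf_getsymshndx.c.jj
@@ -1,6 +1,6 @@
 /* Get symbol information and separate section index from symbol table
    at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -57,7 +57,9 @@ gelf_getsymshndx (symdata, shndxdata, nd
      section index table.  */
   if (likely (shndxdata_scn != NULL))
     {
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Word) > shndxdata_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Word)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Word)
+		       > shndxdata_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -77,7 +79,8 @@ gelf_getsymshndx (symdata, shndxdata, nd
 	 table entries has to be adopted.  The user better has provided
 	 a buffer where we can store the information.  While copying the
 	 data we are converting the format.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Sym) > symdata->d_size))
+      if (INVALID_NDX (ndx, Elf32_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Sym) > symdata->d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -106,7 +109,8 @@ gelf_getsymshndx (symdata, shndxdata, nd
 
       /* The data is already in the correct form.  Just make sure the
 	 index is OK.  */
-      if (unlikely ((ndx + 1) * sizeof (GElf_Sym) > symdata->d_size))
+      if (INVALID_NDX (ndx, GElf_Sym)
+	  || unlikely ((ndx + 1) * sizeof (GElf_Sym) > symdata->d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;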
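--- a/elfutils-0.108/libelf/gelf_update_move.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_move.c.jj
@@ -1,5 +1,5 @@
 /* Update move structure at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -42,7 +42,7 @@ gelf_update_move (data, ndx, src)
   assert (sizeof (GElf_Move) == sizeof (Elf64_Move));
 
   /* Check whether we have to resize the data buffer.  */
-  if (unlikely (ndx < 0)
+  if (INVALID_NDX (ndx, GElf_Move)
       || unlikely ((ndx + 1) * sizeof (GElf_Move) > data_scn->d.d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);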
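--- a/elfutils-0.108/libelf/gelf_update_dyn.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_dyn.c.jj
@@ -1,5 +1,5 @@
 /* Update information in dynamic table at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -38,12 +38,6 @@ gelf_update_dyn (data, ndx, src)
   if (data == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_DYN))
     {
       /* The type of the data better should match.  */
@@ -69,7 +63,8 @@ gelf_update_dyn (data, ndx, src)
 	}
 
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Dyn) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Dyn)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Dyn) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -83,7 +78,8 @@ gelf_update_dyn (data, ndx, src)
   else
     {
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Dyn) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Dyn)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Dyn) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;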
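--- a/elfutils-0.108/libelf/elf_begin.c.jj
+++ b/elfutils-0.108/libelf/elf_begin.c.jj
@@ -220,7 +220,7 @@ file_read_elf (int fildes, void *map_add
 
   /* Determine the number of sections.  */
   scncnt = get_shnum (map_address, e_ident, fildes, offset, maxsize);
-  if (scncnt == (size_t) -1l)
+  if (scncnt == (size_t) -1l || scncnt > SIZE_MAX / sizeof (Elf_Scn))
     /* Could not determine the number of sections.  */
     return NULL;
 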
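Review bot: The added bound `scncnt > SIZE_MAX / sizeof (Elf_Scn)` covers only the bare product; if the allocation further down in file_read_elf (outside this hunk) adds a fixed header size to `scncnt * sizeof (Elf_Scn)`, the sum can still wrap for values just under the limit. Subtracting that header size from SIZE_MAX before dividing would close the gap, and comparing scncnt with what `maxsize` can actually hold would reject implausible counts earlier. The comment `/* Could not determine the number of sections.  */` now also covers the too-many-sections case and should say so, for example `/* Could not determine the number of sections, or too many to allocate.  */`.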
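--- a/elfutils-0.108/libelf/gelf_getversym.c.jj
+++ b/elfutils-0.108/libelf/gelf_getversym.c.jj
@@ -1,5 +1,5 @@
 /* Get symbol version information at the given index.
-   Copyright (C) 1999, 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 1999, 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 1999.
 
    This program is free software; you can redistribute it and/or modify
@@ -59,7 +59,8 @@ gelf_getversym (data, ndx, dst)
 
   /* The data is already in the correct form.  Just make sure the
      index is OK.  */
-  if (unlikely ((ndx + 1) * sizeof (GElf_Versym) > data->d_size))
+  if (INVALID_NDX (ndx, GElf_Versym)
+      || unlikely ((ndx + 1) * sizeof (GElf_Versym) > data->d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);
       result = NULL;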
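--- a/elfutils-0.108/libelf/elf32_newphdr.c.jj
+++ b/elfutils-0.108/libelf/elf32_newphdr.c.jj
@@ -1,5 +1,5 @@
 /* Create new ELF program header table.
-   Copyright (C) 1999, 2000, 2002 Red Hat, Inc.
+   Copyright (C) 1999, 2000, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 1998.
 
    This program is free software; you can redistribute it and/or modify
@@ -91,6 +91,12 @@ elfw2(LIBELFBITS,newphdr) (elf, count)
   else if (elf->state.ELFW(elf,LIBELFBITS).ehdr->e_phnum != count
 	   || elf->state.ELFW(elf,LIBELFBITS).phdr == NULL)
     {
+      if (unlikely (count > SIZE_MAX / sizeof (ElfW2(LIBELFBITS,Phdr))))
+	{
+	  result = NULL;
+	  goto out;
+	}
+
       /* Allocate a new program header with the appropriate number of
 	 elements.  */
       result = (ElfW2(LIBELFBITS,Phdr) *)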
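Review bot: The new overflow branch in newphdr sets `result = NULL` and jumps to `out` without recording an error, so the caller sees a failure while the libelf error state still holds whatever was set before. Unless the code at `out` (outside this hunk) sets one, add `__libelf_seterrno (ELF_E_NOMEM);` before the `goto out;`, matching how elf_newscn reports its rejected allocation in this patch.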
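--- a/elfutils-0.108/libelf/gelf_getdyn.c.jj
+++ b/elfutils-0.108/libelf/gelf_getdyn.c.jj
@@ -1,5 +1,5 @@
 /* Get information from dynamic table at the given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -60,7 +60,8 @@ gelf_getdyn (data, ndx, dst)
 	 table entries has to be adopted.  The user better has provided
 	 a buffer where we can store the information.  While copying the
 	 data we are converting the format.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Dyn) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Dyn)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Dyn) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -81,7 +82,8 @@ gelf_getdyn (data, ndx, dst)
 
       /* The data is already in the correct form.  Just make sure the
 	 index is OK.  */
-      if (unlikely ((ndx + 1) * sizeof (GElf_Dyn) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, GElf_Dyn)
+	  || unlikely ((ndx + 1) * sizeof (GElf_Dyn) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;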
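--- a/elfutils-0.108/libelf/elf_getarsym.c.jj
+++ b/elfutils-0.108/libelf/elf_getarsym.c.jj
@@ -144,6 +144,9 @@ elf_getarsym (elf, ptr)
       size_t index_size = atol (tmpbuf);
 
       if (SARMAG + sizeof (struct ar_hdr) + index_size > elf->maximum_size
+#if SIZE_MAX <= 4294967295U
+	  || n >= SIZE_MAX / sizeof (Elf_Arsym)
+#endif
 	  || n * sizeof (uint32_t) > index_size)
 	{
 	  /* This index table cannot be right since it does not fit into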
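Review bot: The first clause of the size test in elf_getarsym, `SARMAG + sizeof (struct ar_hdr) + index_size > elf->maximum_size`, can itself wrap, and the added `n` bound does not cover that. `index_size` comes from `atol (tmpbuf)` with no range or error check, so a negative or oversized header field converts to a huge size_t, the sum comes out small, and the `n * sizeof (uint32_t) > index_size` clause then passes as well. Parsing the field with `strtoul` plus `errno` and end-pointer checks, and comparing by subtraction, `index_size > elf->maximum_size - SARMAG - sizeof (struct ar_hdr)`, after confirming maximum_size is at least that large, would make the test hold for any header content. The new bound is also compiled only when `SIZE_MAX <= 4294967295U`; whether that suffices depends on the type of n, which is declared outside this hunk.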
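--- a/elfutils-0.108/libelf/libelfP.h.jj
+++ b/elfutils-0.108/libelf/libelfP.h.jj
@@ -531,4 +531,13 @@ extern uint32_t __libelf_crc32 (uint32_t
   } while (0)
 #endif
 
+/* Convenience macro.  Assumes int NDX and TYPE with size at least
+   2 bytes.  */
+#if SIZE_MAX > 4294967295U
+# define INVALID_NDX(ndx, type) unlikely (ndx < 0)
+#else
+# define INVALID_NDX(ndx, type) \
+  unlikely ((unsigned int) (ndx) >= SIZE_MAX / sizeof (type))
+#endif
+
 #endif  /* libelfP.h */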
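Review bot: Where `SIZE_MAX > 4294967295U`, `INVALID_NDX` rejects only negative indices, so `ndx == INT_MAX` passes and the callers' `(ndx + 1) * sizeof (type)` overflows in `int` before the conversion to `size_t`, which is undefined behaviour. The same expression follows the macro at every call site in this patch (gelf_getdyn, gelf_getlib, gelf_update_symshndx, gelf_update_rela, gelf_update_rel, gelf_update_versym). Incrementing in the unsigned type there, `((size_t) ndx + 1) * sizeof (type)`, removes the dependence on the macro's branch. The 64-bit branch also leaves its argument unparenthesized and should read `unlikely ((ndx) < 0)`. The comment could state why TYPE must be at least 2 bytes: only then is `SIZE_MAX / sizeof (type)` no larger than INT_MAX on 32-bit targets, so the unsigned compare rejects every negative NDX too.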
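--- a/elfutils-0.108/libelf/gelf_getlib.c.jj
+++ b/elfutils-0.108/libelf/gelf_getlib.c.jj
@@ -1,5 +1,5 @@
 /* Get library from table at the given index.
-   Copyright (C) 2004 Red Hat, Inc.
+   Copyright (C) 2004, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2004.
 
    This program is free software; you can redistribute it and/or modify
@@ -53,7 +53,8 @@ gelf_getlib (data, ndx, dst)
   /* The data is already in the correct form.  Just make sure the
      index is OK.  */
   GElf_Lib *result = NULL;
-  if (unlikely ((ndx + 1) * sizeof (GElf_Lib) > data->d_size))
+  if (INVALID_NDX (ndx, GElf_Lib)
+      || unlikely ((ndx + 1) * sizeof (GElf_Lib) > data->d_size))
     __libelf_seterrno (ELF_E_INVALID_INDEX);
   else
     {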
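--- a/elfutils-0.108/libelf/gelf_update_symshndx.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_symshndx.c.jj
@@ -1,6 +1,6 @@
 /* Update symbol information and section index in symbol table at the
    given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -44,12 +44,6 @@ gelf_update_symshndx (symdata, shndxdata
   if (symdata == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   if (unlikely (symdata_scn->d.d_type != ELF_T_SYM))
     {
       /* The type of the data better should match.  */
@@ -95,7 +89,8 @@ gelf_update_symshndx (symdata, shndxdata
 	}
 
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Sym) > symdata_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Sym) > symdata_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -118,7 +113,8 @@ gelf_update_symshndx (symdata, shndxdata
   else
     {
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Sym) > symdata_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Sym)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Sym) > symdata_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;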
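--- a/elfutils-0.108/libelf/elf32_getshdr.c.jj
+++ b/elfutils-0.108/libelf/elf32_getshdr.c.jj
@@ -66,7 +66,8 @@ elfw2(LIBELFBITS,getshdr) (scn)
 	goto out;
 
       size_t shnum;
-      if (INTUSE (elf_getshnum) (elf, &shnum) != 0)
+      if (INTUSE (elf_getshnum) (elf, &shnum) != 0
+	  || shnum > SIZE_MAX / sizeof (ElfW2(LIBELFBITS,Shdr)))
 	goto out;
       size_t size = shnum * sizeof (ElfW2(LIBELFBITS,Shdr));
 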
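Review bot: The new overflow branch, `shnum > SIZE_MAX / sizeof (ElfW2(LIBELFBITS,Shdr))`, jumps to `out` without recording an error, so a caller that sees the failure may read a stale or empty libelf error code. Whether the `out` path sets one is not visible here, since the label and the rest of the function lie outside the hunk. Splitting the test and calling `__libelf_seterrno (ELF_E_INVALID_FILE);` before the `goto` in the overflow case would make the rejection of an implausible section count diagnosable.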
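--- a/elfutils-0.108/libelf/gelf_update_rela.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_rela.c.jj
@@ -1,5 +1,5 @@
 /* Update RELA relocation information at given index.
-   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2000.
 
    This program is free software; you can redistribute it and/or modify
@@ -35,12 +35,6 @@ gelf_update_rela (Elf_Data *dst, int ndx
   if (dst == NULL)
     return 0;
 
-  if (unlikely (ndx < 0))
-    {
-      __libelf_seterrno (ELF_E_INVALID_INDEX);
-      return 0;
-    }
-
   if (unlikely (data_scn->d.d_type != ELF_T_RELA))
     {
       /* The type of the data better should match.  */
@@ -68,7 +62,8 @@ gelf_update_rela (Elf_Data *dst, int ndx
 	}
 
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf32_Rela) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf32_Rela)
+	  || unlikely ((ndx + 1) * sizeof (Elf32_Rela) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;
@@ -84,7 +79,8 @@ gelf_update_rela (Elf_Data *dst, int ndx
   else
     {
       /* Check whether we have to resize the data buffer.  */
-      if (unlikely ((ndx + 1) * sizeof (Elf64_Rela) > data_scn->d.d_size))
+      if (INVALID_NDX (ndx, Elf64_Rela)
+	  || unlikely ((ndx + 1) * sizeof (Elf64_Rela) > data_scn->d.d_size))
 	{
 	  __libelf_seterrno (ELF_E_INVALID_INDEX);
 	  goto out;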
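--- a/elfutils-0.108/libelf/gelf_update_versym.c.jj
+++ b/elfutils-0.108/libelf/gelf_update_versym.c.jj
@@ -1,5 +1,5 @@
 /* Update symbol version information.
-   Copyright (C) 2001, 2002 Red Hat, Inc.
+   Copyright (C) 2001, 2002, 2005 Red Hat, Inc.
    Written by Ulrich Drepper <drepper@redhat.com>, 2001.
 
    This program is free software; you can redistribute it and/or modify
@@ -42,7 +42,7 @@ gelf_update_versym (data, ndx, src)
   assert (sizeof (GElf_Versym) == sizeof (Elf64_Versym));
 
   /* Check whether we have to resize the data buffer.  */
-  if (unlikely (ndx < 0)
+  if (INVALID_NDX (ndx, GElf_Versym)
       || unlikely ((ndx + 1) * sizeof (GElf_Versym) > data_scn->d.d_size))
     {
       __libelf_seterrno (ELF_E_INVALID_INDEX);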
Lines 1-5 Link Here
1
/* Update REL relocation information at given index.
1
/* Update REL relocation information at given index.
2
   Copyright (C) 2000, 2001, 2002 Red Hat, Inc.
2
   Copyright (C) 2000, 2001, 2002, 2005 Red Hat, Inc.
3
   Written by Ulrich Drepper <drepper@redhat.com>, 2000.
3
   Written by Ulrich Drepper <drepper@redhat.com>, 2000.
4
4
5
   This program is free software; you can redistribute it and/or modify
5
   This program is free software; you can redistribute it and/or modify
Lines 35-46 gelf_update_rel (Elf_Data *dst, int ndx, Link Here
35
  if (dst == NULL)
35
  if (dst == NULL)
36
    return 0;
36
    return 0;
37
37
38
  if (unlikely (ndx < 0))
39
    {
40
      __libelf_seterrno (ELF_E_INVALID_INDEX);
41
      return 0;
42
    }
43
44
  if (unlikely (data_scn->d.d_type != ELF_T_REL))
38
  if (unlikely (data_scn->d.d_type != ELF_T_REL))
45
    {
39
    {
46
      /* The type of the data better should match.  */
40
      /* The type of the data better should match.  */
Lines 66-72 gelf_update_rel (Elf_Data *dst, int ndx, Link Here
66
	}
60
	}
67
61
68
      /* Check whether we have to resize the data buffer.  */
62
      /* Check whether we have to resize the data buffer.  */
69
      if (unlikely ((ndx + 1) * sizeof (Elf32_Rel) > data_scn->d.d_size))
63
      if (INVALID_NDX (ndx, Elf32_Rel)
64
	  || unlikely ((ndx + 1) * sizeof (Elf32_Rel) > data_scn->d.d_size))
70
	{
65
	{
71
	  __libelf_seterrno (ELF_E_INVALID_INDEX);
66
	  __libelf_seterrno (ELF_E_INVALID_INDEX);
72
	  goto out;
67
	  goto out;
Lines 81-87 gelf_update_rel (Elf_Data *dst, int ndx, Link Here
81
  else
76
  else
82
    {
77
    {
83
      /* Check whether we have to resize the data buffer.  */
78
      /* Check whether we have to resize the data buffer.  */
84
      if (unlikely ((ndx + 1) * sizeof (Elf64_Rel) > data_scn->d.d_size))
79
      if (INVALID_NDX (ndx, Elf64_Rel)
80
	  || unlikely ((ndx + 1) * sizeof (Elf64_Rel) > data_scn->d.d_size))
85
	{
81
	{
86
	  __libelf_seterrno (ELF_E_INVALID_INDEX);
82
	  __libelf_seterrno (ELF_E_INVALID_INDEX);
87
	  goto out;
83
	  goto out;
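--- a/elfutils-0.108/src/elflint.c.jj
+++ b/elfutils-0.108/src/elflint.c.jj
@@ -111,6 +111,9 @@ static uint32_t shstrndx;
 /* Array to count references in section groups.  */
 static int *scnref;
 
+/* Number of sections.  */
+static unsigned int shnum;
+
 
 int
 main (int argc, char *argv[])
@@ -300,10 +303,17 @@ section_name (Ebl *ebl, int idx)
 {
   GElf_Shdr shdr_mem;
   GElf_Shdr *shdr;
+  const char *ret;
+
+  if ((unsigned int) idx > shnum)
+    return "<invalid>";
 
   shdr = gelf_getshdr (elf_getscn (ebl->elf, idx), &shdr_mem);
 
-  return elf_strptr (ebl->elf, shstrndx, shdr->sh_name);
+  ret = elf_strptr (ebl->elf, shstrndx, shdr->sh_name);
+  if (ret == NULL)
+    return "<invalid>";
+  return ret;
 }
 
 
@@ -325,10 +335,6 @@ static const int valid_e_machine[] =
   (sizeof (valid_e_machine) / sizeof (valid_e_machine[0]))
 
 
-/* Number of sections.  */
-static unsigned int shnum;
-
-
 static void
 check_elf_header (Ebl *ebl, GElf_Ehdr *ehdr, size_t size)
 {
@@ -608,7 +614,8 @@ check_symtab (Ebl *ebl, GElf_Ehdr *ehdr,
       xndxdata = NULL;
     }
 
-  if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_SYM, 1, EV_CURRENT))
+  size_t sh_entsize = gelf_fsize (ebl->elf, ELF_T_SYM, 1, EV_CURRENT);
+  if (shdr->sh_entsize != sh_entsize)
     ERROR (gettext ("\
 section [%2zu] '%s': entry size is does not match ElfXX_Sym\n"),
 	   cnt, section_name (ebl, cnt));
@@ -646,7 +653,7 @@ section [%2d] '%s': XINDEX for zeroth en
 	       xndxscnidx, section_name (ebl, xndxscnidx));
     }
 
-  for (cnt = 1; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
+  for (cnt = 1; cnt < shdr->sh_size / sh_entsize; ++cnt)
     {
       sym = gelf_getsymshndx (data, xndxdata, cnt, &sym_mem, &xndx);
       if (sym == NULL)
@@ -664,7 +671,8 @@ section [%2d] '%s': symbol %zu: invalid
       else
 	{
 	  name = elf_strptr (ebl->elf, shdr->sh_link, sym->st_name);
-	  assert (name != NULL);
+	  assert (name != NULL
+		  || strshdr->sh_type != SHT_STRTAB);
 	}
 
       if (sym->st_shndx == SHN_XINDEX)
@@ -954,7 +962,7 @@ is_rel_dyn (Ebl *ebl, GElf_Ehdr *ehdr, i
       const GElf_Shdr *rcshdr = gelf_getshdr (scn, &rcshdr_mem);
       assert (rcshdr != NULL);
 
-      if (rcshdr->sh_type == SHT_DYNAMIC)
+      if (rcshdr->sh_type == SHT_DYNAMIC && rcshdr->sh_entsize)
 	{
 	  /* Found the dynamic section.  Look through it.  */
 	  Elf_Data *d = elf_getdata (scn, NULL);
@@ -964,14 +972,17 @@ is_rel_dyn (Ebl *ebl, GElf_Ehdr *ehdr, i
 	    {
 	      GElf_Dyn dyn_mem;
 	      GElf_Dyn *dyn = gelf_getdyn (d, cnt, &dyn_mem);
-	      assert (dyn != NULL);
+
+	      if (dyn == NULL)
+		break;
 
 	      if (dyn->d_tag == DT_RELCOUNT)
 		{
 		  /* Found it.  One last check: does the number
 		     specified number of relative relocations exceed
 		     the total number of relocations?  */
-		  if (dyn->d_un.d_val > shdr->sh_size / shdr->sh_entsize)
+		  if (shdr->sh_entsize
+		      && dyn->d_un.d_val > shdr->sh_size / shdr->sh_entsize)
 		    ERROR (gettext ("\
 section [%2d] '%s': DT_RELCOUNT value %d too high for this section\n"),
 			   idx, section_name (ebl, idx),
@@ -1048,7 +1059,8 @@ section [%2d] '%s': no relocations for m
 	}
     }
 
-  if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_RELA, 1, EV_CURRENT))
+  size_t sh_entsize = gelf_fsize (ebl->elf, ELF_T_RELA, 1, EV_CURRENT);
+  if (shdr->sh_entsize != sh_entsize)
     ERROR (gettext ("\
 section [%2d] '%s': section entry size does not match ElfXX_Rela\n"),
 	   idx, section_name (ebl, idx));
@@ -1058,7 +1070,7 @@ section [%2d] '%s': section entry size d
   GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
   Elf_Data *symdata = elf_getdata (symscn, NULL);
 
-  for (cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
+  for (cnt = 0; cnt < shdr->sh_size / sh_entsize; ++cnt)
     {
       GElf_Rela rela_mem;
       GElf_Rela *rela;
@@ -1183,7 +1195,8 @@ section [%2d] '%s': no relocations for m
 	}
     }
 
-  if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_REL, 1, EV_CURRENT))
+  size_t sh_entsize = gelf_fsize (ebl->elf, ELF_T_REL, 1, EV_CURRENT);
+  if (shdr->sh_entsize != sh_entsize)
     ERROR (gettext ("\
 section [%2d] '%s': section entry size does not match ElfXX_Rel\n"),
 	   idx, section_name (ebl, idx));
@@ -1193,7 +1206,7 @@ section [%2d] '%s': section entry size d
   GElf_Shdr *symshdr = gelf_getshdr (symscn, &symshdr_mem);
   Elf_Data *symdata = elf_getdata (symscn, NULL);
 
-  for (cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
+  for (cnt = 0; cnt < shdr->sh_size / sh_entsize; ++cnt)
     {
       GElf_Rel rel_mem;
       GElf_Rel *rel;
@@ -1341,7 +1354,8 @@ section [%2d] '%s': referenced as string
 	   shdr->sh_link, section_name (ebl, shdr->sh_link),
 	   idx, section_name (ebl, idx));
 
-  if (shdr->sh_entsize != gelf_fsize (ebl->elf, ELF_T_DYN, 1, EV_CURRENT))
+  size_t sh_entsize = gelf_fsize (ebl->elf, ELF_T_DYN, 1, EV_CURRENT);
+  if (shdr->sh_entsize != sh_entsize)
     ERROR (gettext ("\
 section [%2d] '%s': section entry size does not match ElfXX_Dyn\n"),
 	   idx, section_name (ebl, idx));
@@ -1351,7 +1365,7 @@ section [%2d] '%s': section entry size d
 	   idx, section_name (ebl, idx));
 
   bool non_null_warned = false;
-  for (cnt = 0; cnt < shdr->sh_size / shdr->sh_entsize; ++cnt)
+  for (cnt = 0; cnt < shdr->sh_size / sh_entsize; ++cnt)
     {
       GElf_Dyn dyn_mem;
       GElf_Dyn *dyn;
@@ -1502,6 +1516,8 @@ section [%2d] '%s': entry size does not
 	   idx, section_name (ebl, idx));
 
   if (symshdr != NULL
+      && shdr->sh_entsize
+      && symshdr->sh_entsize
       && (shdr->sh_size / shdr->sh_entsize
 	  < symshdr->sh_size / symshdr->sh_entsize))
     ERROR (gettext ("\
@@ -1530,6 +1546,12 @@ section [%2d] '%s': extended section ind
     }
 
   data = elf_getdata (scn, NULL);
+  if (data == NULL)
+    {
+      ERROR (gettext ("section [%2d] '%s': cannot get section data\n"),
+	     idx, section_name (ebl, idx));
+      return;
+    }
 
   if (*((Elf32_Word *) data->d_buf) != 0)
     ERROR (gettext ("symbol 0 should have zero extended section index\n"));
@@ -1613,7 +1635,7 @@ section [%2d] '%s': hash table section i
 	   idx, section_name (ebl, idx), (long int) shdr->sh_size,
 	   (long int) ((2 + nbucket + nchain) * shdr->sh_entsize));
 
-  if (symshdr != NULL)
+  if (symshdr != NULL && symshdr->sh_entsize)
     {
       size_t symsize = symshdr->sh_size / symshdr->sh_entsize;
       size_t cnt;
@@ -1910,8 +1932,10 @@ section [%2d] '%s' refers in sh_link to
       return;
     }
 
-  if (shdr->sh_size / shdr->sh_entsize
-      != symshdr->sh_size / symshdr->sh_entsize)
+  if (shdr->sh_entsize
+      && symshdr->sh_entsize
+      && shdr->sh_size / shdr->sh_entsize
+	 != symshdr->sh_size / symshdr->sh_entsize)
     ERROR (gettext ("\
 section [%2d] '%s' has different number of entries than symbol table [%2d] '%s'\n"),
 	   idx, section_name (ebl, idx),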
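Review bot: The new bound in `section_name`, `if ((unsigned int) idx > shnum)`, is off by one: `shnum` is documented as the number of sections, so `idx == shnum` is already out of range and the test should use `>=`. For that index `elf_getscn` presumably yields NULL, and the unchecked `shdr->sh_name` dereference after `gelf_getshdr` would then fault on a malformed file, so adding `if (shdr == NULL) return "<invalid>";` before the `elf_strptr` call is worthwhile too. In the extended-index hunk the added `data == NULL` test still leaves `data->d_buf` and `data->d_size` unchecked before the `Elf32_Word` read; `if (data == NULL || data->d_buf == NULL || data->d_size < sizeof (Elf32_Word))` would cover an empty section.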
