diff options
| author | Ian Lance Taylor <iant@golang.org> | 2022-03-30 18:47:11 -0700 |
|---|---|---|
| committer | Ian Lance Taylor <iant@golang.org> | 2022-03-31 14:47:33 +0000 |
| commit | 109a18dce7ef8ecb2aa60cef25362ebd05661ea0 (patch) | |
| tree | 2bc677c9c48577336f2b23a8d5e61ec085946a46 | |
| parent | a9d13a9c230bafba64469f126202315ba4d24eea (diff) | |
| download | go-109a18dce7ef8ecb2aa60cef25362ebd05661ea0.tar.xz | |
debug/elf: check for negative shoff and phoff fields
No test because we could add an infinite number of tests of bogus data.
For #47653
Fixes #52035
Change-Id: Iec7e2fe23f2dd1cf14bad2475422f243f51028f5
Reviewed-on: https://go-review.googlesource.com/c/go/+/396880
Trust: Ian Lance Taylor <iant@golang.org>
Run-TryBot: Ian Lance Taylor <iant@golang.org>
TryBot-Result: Gopher Robot <gobot@golang.org>
Reviewed-by: Tobias Klauser <tobias.klauser@gmail.com>
Reviewed-by: Than McIntosh <thanm@google.com>
| -rw-r--r-- | src/debug/elf/file.go | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/src/debug/elf/file.go b/src/debug/elf/file.go index e93200a11d..5f339596a7 100644 --- a/src/debug/elf/file.go +++ b/src/debug/elf/file.go @@ -325,6 +325,13 @@ func NewFile(r io.ReaderAt) (*File, error) { shstrndx = int(hdr.Shstrndx) } + if shoff < 0 { + return nil, &FormatError{0, "invalid shoff", shoff} + } + if phoff < 0 { + return nil, &FormatError{0, "invalid phoff", phoff} + } + if shoff == 0 && shnum != 0 { return nil, &FormatError{0, "invalid ELF shnum for shoff=0", shnum} } @@ -419,6 +426,12 @@ func NewFile(r io.ReaderAt) (*File, error) { Entsize: sh.Entsize, } } + if int64(s.Offset) < 0 { + return nil, &FormatError{off, "invalid section offset", int64(s.Offset)} + } + if int64(s.FileSize) < 0 { + return nil, &FormatError{off, "invalid section size", int64(s.FileSize)} + } s.sr = io.NewSectionReader(r, int64(s.Offset), int64(s.FileSize)) if s.Flags&SHF_COMPRESSED == 0 { |