
Validate size of entries before accessing members
Signed-off-by: Alan Jowett <[email protected]>
Alan Jowett authored and serge1 committed Jan 20, 2024
1 parent 9814eaa commit 182248f
Showing 2 changed files with 20 additions and 8 deletions.
25 changes: 17 additions & 8 deletions elfio/elfio_relocation.hpp
@@ -96,26 +96,26 @@ template <class S> class relocation_section_accessor_template

if ( elf_file.get_class() == ELFCLASS32 ) {
if ( SHT_REL == relocation_section->get_type() ) {
generic_get_entry_rel<Elf32_Rel>( index, offset, symbol, type,
return generic_get_entry_rel<Elf32_Rel>( index, offset, symbol, type,
addend );
}
else if ( SHT_RELA == relocation_section->get_type() ) {
generic_get_entry_rela<Elf32_Rela>( index, offset, symbol, type,
return generic_get_entry_rela<Elf32_Rela>( index, offset, symbol, type,
addend );
}
}
else {
if ( SHT_REL == relocation_section->get_type() ) {
generic_get_entry_rel<Elf64_Rel>( index, offset, symbol, type,
return generic_get_entry_rel<Elf64_Rel>( index, offset, symbol, type,
addend );
}
else if ( SHT_RELA == relocation_section->get_type() ) {
generic_get_entry_rela<Elf64_Rela>( index, offset, symbol, type,
return generic_get_entry_rela<Elf64_Rela>( index, offset, symbol, type,
addend );
}
}

return true;
// Unknown relocation section type.
return false;
}

//------------------------------------------------------------------------------
@@ -319,14 +319,17 @@ template <class S> class relocation_section_accessor_template

//------------------------------------------------------------------------------
template <class T>
void generic_get_entry_rel( Elf_Xword index,
bool generic_get_entry_rel( Elf_Xword index,
Elf64_Addr& offset,
Elf_Word& symbol,
unsigned& type,
Elf_Sxword& addend ) const
{
const endianess_convertor& convertor = elf_file.get_convertor();

if (relocation_section->get_entry_size() < sizeof( T ) ) {
return false;
}
const T* pEntry = reinterpret_cast<const T*>(
relocation_section->get_data() +
index * relocation_section->get_entry_size() );
@@ -335,18 +338,23 @@ template <class S> class relocation_section_accessor_template
symbol = get_sym_and_type<T>::get_r_sym( tmp );
type = get_sym_and_type<T>::get_r_type( tmp );
addend = 0;
return true;
}

//------------------------------------------------------------------------------
template <class T>
void generic_get_entry_rela( Elf_Xword index,
bool generic_get_entry_rela( Elf_Xword index,
Elf64_Addr& offset,
Elf_Word& symbol,
unsigned& type,
Elf_Sxword& addend ) const
{
const endianess_convertor& convertor = elf_file.get_convertor();

if (relocation_section->get_entry_size() < sizeof( T ) ) {
return false;
}

const T* pEntry = reinterpret_cast<const T*>(
relocation_section->get_data() +
index * relocation_section->get_entry_size() );
@@ -355,6 +363,7 @@ template <class S> class relocation_section_accessor_template
symbol = get_sym_and_type<T>::get_r_sym( tmp );
type = get_sym_and_type<T>::get_r_type( tmp );
addend = convertor( pEntry->r_addend );
return true;
}

//------------------------------------------------------------------------------
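Review bot: In generic_get_entry_rel and generic_get_entry_rela the new guard only compares the stride with sizeof( T ); the pointer built from `relocation_section->get_data() + index * relocation_section->get_entry_size()` is still dereferenced with no visible check that get_data() is non-null or that index lies inside the section, whereas generic_get_symbol_ptr in elfio_symbols.hpp tests both before its cast. get_entry starts above the first hunk, so it may already reject an out-of-range index; if it does, a short comment on both helpers stating that precondition would make the contract explicit. Otherwise extend the guard, for example `if ( nullptr == relocation_section->get_data() || relocation_section->get_entry_size() < sizeof( T ) ) { return false; }`. The out-parameters are left unmodified on the false path, which is worth stating in the function comment so callers do not read them after a failure.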
3 changes: 3 additions & 0 deletions elfio/elfio_symbols.hpp
@@ -395,6 +395,9 @@ template <class S> class symbol_section_accessor_template
template <class T> const T* generic_get_symbol_ptr( Elf_Xword index ) const
{
if ( 0 != symbol_section->get_data() && index < get_symbols_num() ) {
if ( symbol_section->get_entry_size() < sizeof( T ) ) {
return nullptr;
}
const T* pSym = reinterpret_cast<const T*>(
symbol_section->get_data() +
index * symbol_section->get_entry_size() );
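Review bot: A stride that is at least sizeof( T ) but not a multiple of alignof( T ) passes the added check in generic_get_symbol_ptr, and the `reinterpret_cast<const T*>` that follows can then yield a misaligned pointer for some indexes. If the entry size is taken from the file's section header, which this page does not show, a malformed input could reach that case. Consider tightening the condition to `if ( symbol_section->get_entry_size() < sizeof( T ) || symbol_section->get_entry_size() % alignof( T ) != 0 ) {`. The function body continues past the end of the hunk, and the same cast pattern appears in the two relocation helpers in elfio_relocation.hpp.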
