src/nlist.c


Log

| Author | Commit | Date | CI | Message |
|---|---|---|---|---|
| Guillem Jover | 9d917aad | 2019-08-07T22:58:30 | | nlist: Fix out-of-bounds read on strtab When doing a string comparison for a symbol name from the string table, we should make sure we do a bounded comparison, otherwise a non-NUL terminated string might make the code read out-of-bounds. Warned-by: coverity |
| Guillem Jover | 18662cad | 2019-06-15T14:33:32 | | nlist: Fix unbounded malloc() calls There are a couple of malloc() calls with unbounded size arguments, coming from the parsed file. We need to make sure the size is not larger than the file being parsed, otherwise we might end up with out of memory conditions. Reported-by: Daniel Hodson <daniel@elttam.com.au> Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | ce53f7c2 | 2019-06-15T14:33:32 | | nlist: Fix pread() return value check We should check for partial reads, and not continue in those cases, as we are not retrying them, otherwise we might end up operating on uninitialized data. Reported-by: Daniel Hodson <daniel@elttam.com.au> Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au> Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | 24d1f4dd | 2019-06-15T14:33:32 | | nlist: Check whether sh_link is within bounds The sh_link members should be >= e_shnum, otherwise we might do out of bounds read accesses on the shdr array. Reported-by: Daniel Hodson <daniel@elttam.com.au> Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au> Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | e9529d9b | 2019-06-15T14:33:32 | | nlist: Check that e_shnum and e_shentsize are within bounds The e_shnum must not be 0, otherwise we will do a zero sized allocation and further processing of the executable will lead to out of bounds read/write accesses. The e_shentsize must be equal to sizeof(Elf_Shdr), otherwise we will perform out of bounds read accesses on the shdr array. Reported-by: Daniel Hodson <daniel@elttam.com.au> Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au> Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | 3aaedb12 | 2019-06-15T14:33:32 | | nlist: Check whether the nl argument is not NULL This prevents programming errors. Reported-by: Daniel Hodson <daniel@elttam.com.au> Based-on-patch-by: Daniel Hodson <daniel@elttam.com.au> Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | 47013bc9 | 2017-06-14T01:49:25 | | Fix broken mmap() usage in nlist() by switching to pread() The offset is not page aligned, which makes mmap() return EINVAL on Linux. Switch to use pread() which handles unaligned offset and non-page sized reads, and because we are already loading parts of the executable by read() calls, so there's not much point in using mmap() anyway. |
| Guillem Jover | e8d340de | 2017-06-05T05:30:27 | | Remove a.out support from nlist() Some libc libraries do not have an <a.out.h> header. And a.out as an executable format is very much obsolete on pretty much all currently supported systems, even if they might still support loading such objects. Remove the a.out support to increase portability. |
| Guillem Jover | 07c76b66 | 2017-06-05T06:17:27 | | Do not use legacy BSD u_* types Some systems do not have these types available, and they are simply convenience aliases. Instead use the expanded versions which are more portable. Fixes: https://bugs.freedesktop.org/show_bug.cgi?id=101192 |
| Szabolcs Nagy | cbfe0ebc | 2016-03-27T12:37:09 | | Add missing <fcntl.h> includes These are required due to the O_* macro usage, but have passed undetected on glibc-based systems due to implicit inclusions. Signed-off-by: Guillem Jover <guillem@hadrons.org> |
| Guillem Jover | a6a101ef | 2014-11-04T05:33:26 | | Use ANSI C prototypes |
| Guillem Jover | 7c4caa67 | 2013-05-25T15:36:11 | | Fix comparison between signed and unsigned integer compiler warnings |
| Guillem Jover | 2fb7200d | 2011-10-23T19:27:44 | | Fix typos in source comments Found by codespell. |
| Guillem Jover | 45783ae4 | 2009-05-29T02:45:54 | | Define N_SYMSIZE in case the system does not do it Fixes build failures on some non-Linux ports. Based-on-patch-by: Petr Salinger <Petr.Salinger@seznam.cz> |
| Guillem Jover | e4aff3d9 | 2009-05-25T06:41:42 | | Use N_SYMSIZE instead of directly accessing ‘struct exec’ On Linux alpha ‘struct exec’ does not have an a_syms member, and the N_SYMSIZE is mapped to 0. |
| Guillem Jover | dcaec44a | 2009-05-20T04:11:57 | | Add nlist function |