mirror of
https://github.com/LadybirdBrowser/ladybird.git
synced 2025-09-22 01:08:56 +00:00
LibELF: Reject ELF with program header p_filesz larger than p_memsz
This commit is contained in:
Brendan Coles
Andreas Kling
parent
ca0f3db004
commit
bceee87f61
Notes:
sideshowbarker
2024-07-19 00:31:14 +09:00
Author: https://github.com/bcoles
Commit: bceee87f61
Pull-request: https://github.com/SerenityOS/serenity/pull/4576
Reviewed-by: https://github.com/ADKaster
Reviewed-by: https://github.com/linusg
1 changed files with 7 additions and 0 deletions
|
|
@ -193,6 +193,13 @@ bool validate_program_headers(const Elf32_Ehdr& elf_header, size_t file_size, co
|
||||||
|
|
||||||
for (size_t header_index = 0; header_index < num_program_headers; ++header_index) {
|
for (size_t header_index = 0; header_index < num_program_headers; ++header_index) {
|
||||||
auto& program_header = program_header_begin[header_index];
|
auto& program_header = program_header_begin[header_index];
|
||||||
|
|
||||||
|
if (program_header.p_filesz > program_header.p_memsz) {
|
||||||
|
if (verbose)
|
||||||
|
dbgln("Program header ({}) has p_filesz ({}) larger than p_memsz ({})", header_index, program_header.p_filesz, program_header.p_memsz);
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
switch (program_header.p_type) {
|
switch (program_header.p_type) {
|
||||||
case PT_INTERP:
|
case PT_INTERP:
|
||||||
// We checked above that file_size was >= buffer size. We only care about buffer size anyway, we're trying to read this!
|
// We checked above that file_size was >= buffer size. We only care about buffer size anyway, we're trying to read this!
|
||||||
|
|
|
||||||
Loading…
Add table
Add a link
Reference in a new issue