diff options
author | Mark Wielaard <mjw@redhat.com> | 2014-11-24 21:54:42 +0100 |
---|---|---|
committer | Mark Wielaard <mjw@redhat.com> | 2014-11-26 20:28:13 +0100 |
commit | 020fc02c554226a914e9dd17394236eabe3f03d3 (patch) | |
tree | 2961806398544e699c7ca3baa4d541113fad912e | |
parent | 59480ba86fdaad7eb2e104b69af4a3b07e20d6fb (diff) | |
download | elfutils-020fc02c554226a914e9dd17394236eabe3f03d3.tar.gz |
readelf, libdw: Guard against divide by zero line_range in .debug_line.
For DW_LNS_const_add_pc and special opcodes don't accept line_range
being zero.
Signed-off-by: Mark Wielaard <mjw@redhat.com>
-rw-r--r-- | libdw/ChangeLog | 5 | ||||
-rw-r--r-- | libdw/dwarf_getsrclines.c | 6 | ||||
-rw-r--r-- | src/ChangeLog | 5 | ||||
-rw-r--r-- | src/readelf.c | 7 |
4 files changed, 23 insertions, 0 deletions
diff --git a/libdw/ChangeLog b/libdw/ChangeLog index 19d6689c..37f94df1 100644 --- a/libdw/ChangeLog +++ b/libdw/ChangeLog @@ -1,3 +1,8 @@ +2014-11-24 Mark Wielaard <mjw@redhat.com> + + * dwarf_getsrclines.c (read_srclines): Check line_range is not zero + before usage. + 2014-11-23 Mark Wielaard <mjw@redhat.com> * dwarf_attr.c (dwarf_attr): Check __libdw_find_attr return value. diff --git a/libdw/dwarf_getsrclines.c b/libdw/dwarf_getsrclines.c index 15881e8e..d5037485 100644 --- a/libdw/dwarf_getsrclines.c +++ b/libdw/dwarf_getsrclines.c @@ -365,6 +365,9 @@ read_srclines (Dwarf *dbg, /* Is this a special opcode? */ if (likely (opcode >= opcode_base)) { + if (unlikely (line_range == 0)) + goto invalid_data; + /* Yes. Handling this is quite easy since the opcode value is computed with @@ -576,6 +579,9 @@ read_srclines (Dwarf *dbg, if (unlikely (standard_opcode_lengths[opcode] != 0)) goto invalid_data; + if (unlikely (line_range == 0)) + goto invalid_data; + advance_pc ((255 - opcode_base) / line_range); break; diff --git a/src/ChangeLog b/src/ChangeLog index 19509dc6..0082e651 100644 --- a/src/ChangeLog +++ b/src/ChangeLog @@ -1,3 +1,8 @@ +2014-11-24 Mark Wielaard <mjw@redhat.com> + + * readelf.c (print_debug_line_section): Check line_range is not zero + before usage. + 2014-11-23 Mark Wielaard <mjw@redhat.com> * readelf.c (print_debug_aranges_section): Check length to catch diff --git a/src/readelf.c b/src/readelf.c index c3ebe743..00986d1e 100644 --- a/src/readelf.c +++ b/src/readelf.c @@ -6507,6 +6507,9 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, /* Is this a special opcode? */ if (likely (opcode >= opcode_base)) { + if (unlikely (line_range == 0)) + goto invalid_unit; + /* Yes. Handling this is quite easy since the opcode value is computed with @@ -6682,6 +6685,10 @@ print_debug_line_section (Dwfl_Module *dwflmod, Ebl *ebl, GElf_Ehdr *ehdr, case DW_LNS_const_add_pc: /* Takes no argument. */ + + if (unlikely (line_range == 0)) + goto invalid_unit; + advance_pc ((255 - opcode_base) / line_range); { char *a = format_dwarf_addr (dwflmod, 0, address, address); |