author | Lorry Tar Creator <lorry-tar-importer@baserock.org> | 2015-01-02 20:23:27 +0000 |
---|---|---|
committer | <> | 2015-02-03 17:27:18 +0000 |
commit | 670c2bbcffe873a2b8589ed140c12e7923ef20c0 (patch) | |
tree | 41044880e826d60621a2d636ed71283de5e0e291 /src/elfclass.h | |
parent | 3b49db406667ee7189b9ea69b9d9e0bdcc43c5b7 (diff) | |
download | file-670c2bbcffe873a2b8589ed140c12e7923ef20c0.tar.gz |
Imported from /home/lorry/working-area/delta_file/file-5.22.tar.gz.file-5.22
Diffstat (limited to 'src/elfclass.h')
-rw-r--r-- | src/elfclass.h | 34 |
1 files changed, 23 insertions, 11 deletions
diff --git a/src/elfclass.h b/src/elfclass.h
index 010958a..5360b0b 100644
--- a/src/elfclass.h
+++ b/src/elfclass.h
@@ -32,39 +32,51 @@
 swap = (u.c[sizeof(int32_t) - 1] + 1) != elfhdr.e_ident[EI_DATA];
 type = elf_getu16(swap, elfhdr.e_type);
+ notecount = ms->elf_notes_max;
 switch (type) {
 #ifdef ELFCORE
 case ET_CORE:
+ phnum = elf_getu16(swap, elfhdr.e_phnum);
+ if (phnum > ms->elf_phnum_max)
+ return toomany(ms, "program headers", phnum);
 flags |= FLAGS_IS_CORE;
 if (dophn_core(ms, clazz, swap, fd,
- (off_t)elf_getu(swap, elfhdr.e_phoff),
- elf_getu16(swap, elfhdr.e_phnum),
+ (off_t)elf_getu(swap, elfhdr.e_phoff), phnum,
 (size_t)elf_getu16(swap, elfhdr.e_phentsize),
- fsize, &flags) == -1)
+ fsize, &flags, ¬ecount) == -1)
 return -1;
 break;
 #endif
 case ET_EXEC:
 case ET_DYN:
+ phnum = elf_getu16(swap, elfhdr.e_phnum);
+ if (phnum > ms->elf_phnum_max)
+ return toomany(ms, "program", phnum);
+ shnum = elf_getu16(swap, elfhdr.e_shnum);
+ if (shnum > ms->elf_shnum_max)
+ return toomany(ms, "section", shnum);
 if (dophn_exec(ms, clazz, swap, fd,
- (off_t)elf_getu(swap, elfhdr.e_phoff),
- elf_getu16(swap, elfhdr.e_phnum),
+ (off_t)elf_getu(swap, elfhdr.e_phoff), phnum,
 (size_t)elf_getu16(swap, elfhdr.e_phentsize),
- fsize, &flags, elf_getu16(swap, elfhdr.e_shnum))
- == -1)
+ fsize, shnum, &flags, ¬ecount) == -1)
 return -1;
 /*FALLTHROUGH*/
 case ET_REL:
+ shnum = elf_getu16(swap, elfhdr.e_shnum);
+ if (shnum > ms->elf_shnum_max)
+ return toomany(ms, "section headers", shnum);
 if (doshn(ms, clazz, swap, fd,
- (off_t)elf_getu(swap, elfhdr.e_shoff),
- elf_getu16(swap, elfhdr.e_shnum),
+ (off_t)elf_getu(swap, elfhdr.e_shoff), shnum,
 (size_t)elf_getu16(swap, elfhdr.e_shentsize),
- fsize, &flags, elf_getu16(swap, elfhdr.e_machine),
- (int)elf_getu16(swap, elfhdr.e_shstrndx)) == -1)
+ fsize, elf_getu16(swap, elfhdr.e_machine),
+ (int)elf_getu16(swap, elfhdr.e_shstrndx),
+ &flags, ¬ecount) == -1)
 return -1;
 break;
 default:
 break;
 }
+ if (notecount == 0)
+ return toomany(ms, "notes", ms->elf_notes_max);
 return 1; |
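Review bot: The final `if (notecount == 0)` check treats zero as the only sign that the note budget ran out, so it cannot tell a file that used exactly `ms->elf_notes_max` notes from one that exceeded it, and if `elf_notes_max` is ever configured as 0 it fires for every ELF file, including the `default:` branch where no notes are read. How the callees decrement `notecount` is outside this hunk, so this is inferred from the sentinel alone; a comment at the initialisation such as `/* callees count this down; 0 means the elf_notes_max budget is exhausted */` would make the contract explicit, and a guard like `if (ms->elf_notes_max != 0 && notecount == 0)` is worth considering if a zero limit is meant to be valid. The labels passed to `toomany()` are also inconsistent (`"program headers"` vs `"program"`, `"section"` vs `"section headers"`), and on the ET_EXEC/ET_DYN fall-through path `shnum` is read and checked twice. The `¬ecount` shown on this page is `&notecount` with the entity mis-decoded. The enclosing function begins and ends outside the hunk.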