Blame SOURCES/fapolicyd-elf-parser.patch

From 2caac530f13bf69a988f65eb109f26a7311936c6 Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@redhat.com>
Date: Thu, 20 Feb 2020 17:58:55 -0500
Subject: [PATCH] Sanity check e_phentsize in ELF parser
---
 src/file.c | 12 ++++++++++++
 1 file changed, 12 insertions(+)
diff --git a/src/file.c b/src/file.c
index 3c9d084..e0d4f85 100644
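--- a/src/file.c
+++ b/src/file.c
@@ -469,6 +469,12 @@ uint32_t gather_elf(int fd, off_t size)
 		// We want to do a basic size check to make sure
 		unsigned long sz =
 			(unsigned)hdr->e_phentsize * (unsigned)hdr->e_phnum;
+		/* Verify the entry size is right */
+		if ((unsigned)hdr->e_phentsize != sizeof(Elf32_Phdr)) {
+			info |= HAS_ERROR;
+			free(hdr);
+			goto rewind_out;
+		}
 		if (sz > ((unsigned long)size - sizeof(Elf32_Ehdr))) {
 			info |= HAS_ERROR;
 			free(hdr);
@@ -600,6 +606,12 @@ uint32_t gather_elf(int fd, off_t size)
 		// We want to do a basic size check to make sure
 		unsigned long sz =
 			(unsigned)hdr->e_phentsize * (unsigned)hdr->e_phnum;
+		/* Verify the entry size is right */
+		if ((unsigned)hdr->e_phentsize != sizeof(Elf64_Phdr)) {
+			info |= HAS_ERROR;
+			free(hdr);
+			goto rewind_out;
+		}
 		if (sz > ((unsigned long)size - sizeof(Elf64_Ehdr))) {
 			info |= HAS_ERROR;
 			free(hdr);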
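Review bot: The comment on the new `e_phentsize` check, `/* Verify the entry size is right */`, does not say why a mismatch has to be rejected, and that reason is the security-relevant part of the change. `e_phentsize` comes from the file being inspected and `sz` is computed from it, so if the code after this hunk walks the table as an array of `Elf32_Phdr` (not visible here, gather_elf continues outside both hunks), any other entry size would make the size that was bounds-checked differ from what is indexed. I would write `/* e_phentsize is file-controlled: accept only sizeof(Elf32_Phdr) so that sz matches the Elf32_Phdr entries parsed below */`, and the same with `Elf64_Phdr` in the second hunk at -600. Separately, the context test `(unsigned long)size - sizeof(Elf32_Ehdr)` wraps to a huge value if `size` is smaller than the ELF header; whether an earlier guard in gather_elf already rules that out should be confirmed.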