diff options
| author | midipix <writeonce@midipix.org> | 2024-01-29 01:21:35 +0000 |
|---|---|---|
| committer | midipix <writeonce@midipix.org> | 2024-01-29 01:21:35 +0000 |
| commit | 5ac87ef92cab60af788bef6b5a069f5a49e61a74 (patch) | |
| tree | 25eae25d7738e166418babb0ed8e51d85706a993 | |
| parent | 1f3f88c2a5ae86bfe910ff7760a57d9b8396ccb4 (diff) | |
| download | slibtool-5ac87ef92cab60af788bef6b5a069f5a49e61a74.tar.bz2 slibtool-5ac87ef92cab60af788bef6b5a069f5a49e61a74.tar.xz | |
slbt_get_archive_meta(): symrefs vector: validate all name offsets.
| -rw-r--r-- | include/slibtool/slibtool.h | 1 | ||||
| -rw-r--r-- | src/arbits/slbt_archive_meta.c | 25 |
2 files changed, 26 insertions, 0 deletions
diff --git a/include/slibtool/slibtool.h b/include/slibtool/slibtool.h index 04917c5..e2e1f43 100644 --- a/include/slibtool/slibtool.h +++ b/include/slibtool/slibtool.h @@ -115,6 +115,7 @@ enum slbt_custom_error { SLBT_ERR_AR_INVALID_ARMAP_SIZE_OF_STRS, SLBT_ERR_AR_INVALID_ARMAP_STRING_TABLE, SLBT_ERR_AR_INVALID_ARMAP_MEMBER_OFFSET, + SLBT_ERR_AR_INVALID_ARMAP_NAME_OFFSET, }; /* execution modes */ diff --git a/src/arbits/slbt_archive_meta.c b/src/arbits/slbt_archive_meta.c index 75de64d..804ac39 100644 --- a/src/arbits/slbt_archive_meta.c +++ b/src/arbits/slbt_archive_meta.c @@ -605,6 +605,8 @@ static int slbt_ar_parse_primary_armap_sysv_32( armapref->ar_armap_sysv = armap; armapref->ar_armap_attr = AR_ARMAP_ATTR_SYSV | AR_ARMAP_ATTR_BE_32; armapref->ar_num_of_symbols = nsyms; + armapref->ar_size_of_refs = nsyms * sizeof(*mark); + armapref->ar_size_of_strs = cap - m->symstrs; armapref->ar_string_table = m->symstrs; m->armaps.armap_nsyms = nsyms; @@ -714,6 +716,8 @@ static int slbt_ar_parse_primary_armap_sysv_64( armapref->ar_armap_sysv = armap; armapref->ar_armap_attr = AR_ARMAP_ATTR_SYSV | AR_ARMAP_ATTR_BE_64; armapref->ar_num_of_symbols = nsyms; + armapref->ar_size_of_refs = nsyms * sizeof(*mark); + armapref->ar_size_of_strs = cap - m->symstrs; armapref->ar_string_table = m->symstrs; m->armaps.armap_nsyms = nsyms; @@ -1264,6 +1268,16 @@ int slbt_get_archive_meta( dctx, SLBT_ERR_AR_INVALID_ARMAP_MEMBER_OFFSET)); + if (symrefs_32[idx].ar_name_offset) { + ch = &m->symstrs[symrefs_32[idx].ar_name_offset]; + + if ((ch > m->symstrv[m->armaps.armap_nsyms - 1]) || *--ch) + return slbt_free_archive_meta_impl( + m,SLBT_CUSTOM_ERROR( + dctx, + SLBT_ERR_AR_INVALID_ARMAP_NAME_OFFSET)); + } + } } @@ -1278,6 +1292,17 @@ int slbt_get_archive_meta( m,SLBT_CUSTOM_ERROR( dctx, SLBT_ERR_AR_INVALID_ARMAP_MEMBER_OFFSET)); + + if (symrefs_64[idx].ar_name_offset) { + ch = &m->symstrs[symrefs_64[idx].ar_name_offset]; + + if ((ch > m->symstrv[m->armaps.armap_nsyms - 1]) || *--ch) + return slbt_free_archive_meta_impl( + m,SLBT_CUSTOM_ERROR( + dctx, + SLBT_ERR_AR_INVALID_ARMAP_NAME_OFFSET)); + } + } } |