diff options
author | Sung-hun Kim <sfoon.kim@samsung.com> | 2024-03-08 16:13:01 +0900 |
---|---|---|
committer | Sung-hun Kim <sfoon.kim@samsung.com> | 2024-03-08 17:34:30 +0900 |
commit | 70cffc93146658da95595c094954bac610e27526 (patch) | |
tree | b0fb26c7838f73edcea61dc3a9d75475789bd920 | |
parent | 070cbfc2bcf4c81b2ad85fcb7ea62a6ad0c5129d (diff) | |
download | minicoredumper-tizen.tar.gz minicoredumper-tizen.tar.bz2 minicoredumper-tizen.zip |
Fix a possible bug which can incur integer overflowaccepted/tizen/unified/x/20240313.092046accepted/tizen/unified/dev/20240620.010930accepted/tizen/unified/20240311.170344tizenaccepted/tizen_unified_xaccepted/tizen_unified_devaccepted/tizen_unified
Since off64_t is a signed 64-bit integer while Elf64_Off is unsigned long long,
assign Elf64_Off-typed value to an off64_t argument can make a integer overflow.
By adding a specific function for unsigned long long type, this possible bug can
be fixed.
This patch fixes a coverity issue (cid: 1758248).
Change-Id: I86fbf69a27afb031568aac3bbc9262c2462cc7b1
Signed-off-by: Sung-hun Kim <sfoon.kim@samsung.com>
-rw-r--r-- | src/minicoredumper/telf.c | 20 |
1 files changed, 18 insertions, 2 deletions
diff --git a/src/minicoredumper/telf.c b/src/minicoredumper/telf.c index 8f0241f..42f1b6f 100644 --- a/src/minicoredumper/telf.c +++ b/src/minicoredumper/telf.c @@ -31,6 +31,7 @@ #include <fcntl.h> #include <string.h> #include <stdarg.h> +#include <limits.h> #include "telf.h" @@ -81,6 +82,21 @@ static bool set_offset(Elf *elf, off64_t offset) return true; } +static bool set_ull_offset(Elf *elf, Elf64_Off offset) +{ + assert(elf); + + if (offset <= LONG_MAX) + return set_offset(elf, (off64_t)offset); + + if ((lseek64(elf->fd, LONG_MAX, SEEK_SET) == (off64_t)-1) || + (lseek64(elf->fd, (off64_t)(offset - LONG_MAX), SEEK_CUR) == (off64_t)-1)) { + set_error(elf, "set file offset error: %m"); + return false; + } + return true; +} + static bool readehdr(Elf *elf, Elf64_Ehdr *ehdr) { assert(elf); @@ -271,7 +287,7 @@ bool teu_getsdata(Elf *elf, Elf64_Shdr *shdr, void *data) assert(shdr); assert(data); - if (!set_offset(elf, shdr->sh_offset)) + if (!set_ull_offset(elf, shdr->sh_offset)) return false; if (read(elf->fd, data, shdr->sh_size) == -1) { @@ -323,7 +339,7 @@ char *teu_strptr(Elf *elf, int sindex, off64_t offset) return false; } - if (!set_offset(elf, strsection.sh_offset)) + if (!set_ull_offset(elf, strsection.sh_offset)) return NULL; char data[strsection.sh_size]; |