https://sourceware.org/bugzilla/show_bug.cgi?id=32689
Bug ID: 32689
Summary: Robustify [g]elf functions that take (nobits) Elf_Data
arguments
Product: elfutils
Version: unspecified
Status: NEW
Severity: normal
Priority: P2
Component: libelf
Assignee: unassigned at sourceware dot org
Reporter: mark at klomp dot org
CC: elfutils-devel at sourceware dot org
Target Milestone: ---
The Elf_Data returned from a SHT_NOBITS section have their d_size set, but
d_buf will be NULL. In most (all?) cases calling an [g]elf function using such
Elf_Data is a user error. The function might crash by just using d_buf directly
without checking it is NULL. It would be better if the functions would simply
return an error. Most already return an error when provided with a NULL
Elf_Data.
Lets audit (and maybe add a test) for:
- elf32_xlatetom, elf64_xlatetom, gelf_xlatetom
- elf32_xlatetof, elf64_xlatetof, gelf_xlatetof
- gelf_getrel
- gelf_getrela
- gelf_update_rel
- gelf_update_rela
- gelf_getsym
- gelf_update_sym
- gelf_getsymshndx
- gelf_update_symshndx
- gelf_getsyminfo
- gelf_update_syminfo
- gelf_getdyn
- gelf_update_dyn
- gelf_getmove
- gelf_update_move
- gelf_getlib
- gelf_update_lib
- gelf_getversym
- gelf_update_versym
- gelf_getverneed
- gelf_update_verneed
- gelf_getvernaux
- gelf_update_vernaux
- gelf_getverdef
- gelf_update_verdef
- gelf_getverdaux
- gelf_update_verdaux
- gelf_getauxv
- gelf_update_auxv
- gelf_getnote
--
You are receiving this mail because:
You are on the CC list for the bug.
