Hello Mark,
On Sat, Nov 18, 2023 at 10:50 PM Mark Wielaard wrote:
> Do note that you also have to add the new test file to
> EXTRA_DIST so it actually gets into the dist.
Thanks, will do in [PATCH v2].
Hello Mark,
On Sat, Nov 18, 2023 at 10:47 PM Mark Wielaard wrote:
> If we goto overlap here don't we still have a problem? overlap will
> set m->gc = true; and return NULL. So the caller will think they
> still owns the elf handle and will probably close it. But then when
> the module is GCed in
its
lifetime for subsequent processing.
Signed-off-by: Aleksei Vetrov
---
libdwfl/dwfl_report_elf.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libdwfl/dwfl_report_elf.c b/libdwfl/dwfl_report_elf.c
index 581f4079..a76d3681 100644
--- a/libdwfl/dwfl_report_elf.c
+++ b/libd
): Add test-ar-duplicates.a.bz2.
Signed-off-by: Aleksei Vetrov
---
tests/Makefile.am | 3 ++-
tests/run-dwfl-report-offline-memory.sh | 7 +++
tests/test-ar-duplicates.a.bz2 | Bin 0 -> 783 bytes
3 files changed, 9 insertions(+), 1 deletion(-)
create m
/elf_compress.c (__libelf_decompress_zstd): Use return value
of ZSTD_decompress to check that decompressed data size is the
same as size_out of the buffer that was allocated.
Signed-off-by: Aleksei Vetrov
---
libelf/elf_compress.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a
* tests/dwfl-report-offline-memory.c: Add count_sections to
exercise Elf* from dwfl_report_offline_memory.
* tests/run-dwfl-report-offline-memory.sh: Add expected number
of sections to test invocations.
Signed-off-by: Aleksei Vetrov
---
libdwfl/offline.c
From: Aleksei Vetrov
This method allows reading and reporting an ELF from memory instead of opening
a file. That way arbitrary memory can be worked with, e.g. when coming
from a stream without the need to persist.
Another useful application is for fuzzing, because fuzzers might be able
to track
From: Aleksei Vetrov
elf_memory call in __libdw_open_elf_memory can return NULL. It was not
checked and led to a null pointer dereference.
Signed-off-by: Aleksei Vetrov
---
libdwfl/open.c | 4
tests/dwfl-report-offline-memory.c | 9 +++--
2 files changed, 11
From: Aleksei Vetrov
__libdw_get_uleb128 and __libdw_get_sleb128 should check if addrp has
already reached the end before unrolling the first step. It is done by
moving __libdw_max_len to the beginning of the function, which already
has all the checks.
Signed-off-by: Aleksei Vetrov
---
libdw
Hi Mark,
> Did you actually find situations where these functions were called with
> addrp >= endp?
Yes, for example libdw/libdw_form.c:91:7.
> It turns out that get_[su]leb128 dominates some operations and really does
> have to be as fast as possible. So I do like to know what the impact is of
Hi Mark,
On Sat, Feb 11, 2023 at 11:43 PM Mark Wielaard wrote:
> After this code we will do:
>
> /* There might be one extra byte. */
> unsigned char b = **addrp;
> ++*addrp;
>
> So I think we want to catch that too. Easiest imho seems to move (and
> invert) the max check immediately afte
From: Aleksei Vetrov
__libdw_get_uleb128 and __libdw_get_sleb128 should check if addrp has
already reached the end before unrolling the first step. It is done by
moving __libdw_max_len to the beginning of the function, which can
notice, that addrp is beyond the end. Then we just check the result
From: Aleksei Vetrov
It is expected from libdw to return strings that are null-terminated to
avoid overflowing ELF data.
* Add calculation of a safe prefix inside string sections, where any
string will be null-terminated.
* Check if offset overflows the safe prefix in dwarf_formstring
Hello,
In the first version of the patch there was a typo "secton" everywhere.
Re-uploading the fixed version.
Aleksei Vetrov (1):
libdw: check that DWARF strings are null-terminated
libdw/dwarf_begin_elf.c | 37 +
libdw/dwarf_formstring.c | 5 -
libd
It is expected from libdw to return strings that are null-terminated to
avoid overflowing ELF data.
* Add calculation of a safe prefix inside string sections, where any
string will be null-terminated.
* Check if offset overflows the safe prefix in dwarf_formstring.
Signed-off-by: Aleksei
Hello, Mark
On Mon, Feb 20, 2023 at 3:55 PM Mark Wielaard wrote:
>
> .debug sections are raw bytes and don't need conversion even when host
> and file have different endian order.
Thank you! I like this patch more for its simplicity, looks good to me.
Hi Evgeny,
On Tue, Feb 21, 2023 at 2:29 AM Evgeny Vereshchagin wrote:
> Aleksei I wonder if it would be possible to add those fuzz targets to
> OSS-Fuzz? There are blind spots there and I think it would be really
> great to start covering at least some of them.
We are fuzzing a tool named STG
(h