Author: markj
Date: Fri Mar 20 16:24:23 2020
New Revision: 359173
URL: https://svnweb.freebsd.org/changeset/base/359173
Log:
libpe: Avoid a potential use-after-free in pe_update_symtab().
This function appears to be unused within FreeBSD and ELFToolChain.
CID: 1418982
MFC after: 1 week
Sponsored by: The FreeBSD Foundation
Modified:
head/contrib/elftoolchain/libpe/pe_symtab.c
Modified: head/contrib/elftoolchain/libpe/pe_symtab.c
==============================================================================
--- head/contrib/elftoolchain/libpe/pe_symtab.c Fri Mar 20 16:24:06 2020
(r359172)
+++ head/contrib/elftoolchain/libpe/pe_symtab.c Fri Mar 20 16:24:23 2020
(r359173)
@@ -33,7 +33,7 @@ ELFTC_VCSID("$Id: pe_symtab.c 3312 2016-01-10 09:23:51
int
pe_update_symtab(PE *pe, char *symtab, size_t sz, unsigned int nsym)
{
- PE_Scn *ps;
+ PE_Scn *ps, *pstmp;
PE_SecBuf *sb;
PE_SecHdr *sh;
@@ -48,7 +48,7 @@ pe_update_symtab(PE *pe, char *symtab, size_t sz, unsi
}
/* Remove the old symbol table. */
- STAILQ_FOREACH(ps, &pe->pe_scn, ps_next) {
+ STAILQ_FOREACH_SAFE(ps, &pe->pe_scn, ps_next, pstmp) {
if (ps->ps_ndx == 0xFFFFFFFFU)
libpe_release_scn(ps);
}
_______________________________________________
svn-src-head@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-head
To unsubscribe, send any mail to "svn-src-head-unsubscr...@freebsd.org"
