>>> On 15.08.16 at 01:07, <konrad.w...@oracle.com> wrote: > --- a/xen/common/livepatch_elf.c > +++ b/xen/common/livepatch_elf.c > @@ -365,7 +365,22 @@ int livepatch_elf_perform_relocs(struct livepatch_elf > *elf) > } > > if ( r->sec->sh_type == SHT_RELA ) > - rc = arch_livepatch_perform_rela(elf, base, r); > + { > + rc = 0; > + > + if ( !r->sec->sh_size ) > + continue; > + > + if ( r->sec->sh_entsize < sizeof(Elf_RelA) || > + r->sec->sh_size % r->sec->sh_entsize ) > + { > + dprintk(XENLOG_ERR, LIVEPATCH "%s: Section relative header > is corrupted!\n", > + elf->name); > + rc = -EINVAL; > + } > + else > + rc = arch_livepatch_perform_rela(elf, base, r); > + } > else /* SHT_REL */ > rc = arch_livepatch_perform_rel(elf, base, r);
Shouldn't this be mirrored to the SHT_REL case then (with the appropriate minor adjustments)? Jan _______________________________________________ Xen-devel mailing list Xen-devel@lists.xen.org https://lists.xen.org/xen-devel