[1/2] Refine size constraints applied to win32pstatus ELF notes


Commit Message

Jon Turney July 15, 2020, 1:23 p.m.
Don't reject every win32pstatus note that is smaller than the minimum
size of a NOTE_INFO_THREAD.

This only happens to work because the Cygwin dumper tool currently
writes all these notes as the largest size of the union, (which wastes
lots of space in the core dump).

Instead, apply the appropriate size constraint for each win32pstatus
note type.

bfd/ChangeLog:

2020-07-11  Jon Turney  <jon.turney@dronecode.org.uk>

	* elf.c (elfcore_grok_win32pstatus): Don't apply size constraint
	for NOTE_INFO_THREAD to all win32pstatus ELF notes, instead apply
	appropriate size constraint for each win32pstatus note type.
---
 bfd/ChangeLog |  6 ++++++
 bfd/elf.c     | 17 ++++++++++++++++-
 2 files changed, 22 insertions(+), 1 deletion(-)

-- 
2.27.0

Patch

diff --git a/bfd/elf.c b/bfd/elf.c
index 61a7f0930e2..1d62523b120 100644
--- a/bfd/elf.c
+++ b/bfd/elf.c
@@ -10139,12 +10139,13 @@  elfcore_grok_win32pstatus (bfd *abfd, Elf_Internal_Note *note)
   char buf[30];
   char *name;
   size_t len;
+  size_t name_size;
   asection *sect;
   int type;
   int is_active_thread;
   bfd_vma base_addr;
 
-  if (note->descsz < 728)
+  if (note->descsz < 4)
     return TRUE;
 
   if (! CONST_STRNEQ (note->namedata, "win32"))
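Review bot: The new `4` in the descsz check is a bare constant with nothing saying what it covers, and the same goes for the `12` repeated in the NOTE_INFO_PROCESS, NOTE_INFO_THREAD and NOTE_INFO_MODULE arms of the following hunks. A comment above the check, `/* The note must at least hold the 32-bit type word.  */`, and one at each `< 12` guard, `/* Type word plus the two 32-bit fields read below.  */`, would tie the constants to the bfd_get_32 offsets they protect. The read of `type` itself is not visible here; the body of elfcore_grok_win32pstatus continues past the hunk, and the read is presumably at descdata offset 0.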
@@ -10155,12 +10156,18 @@  elfcore_grok_win32pstatus (bfd *abfd, Elf_Internal_Note *note)
   switch (type)
     {
     case NOTE_INFO_PROCESS:
+      if (note->descsz < 12)
+        return FALSE;
+
       /* FIXME: need to add ->core->command.  */
       elf_tdata (abfd)->core->pid = bfd_get_32 (abfd, note->descdata + 4);
       elf_tdata (abfd)->core->signal = bfd_get_32 (abfd, note->descdata + 8);
       break;
 
     case NOTE_INFO_THREAD:
+      if (note->descsz < 12)
+        return FALSE;
+
       /* Make a ".reg/<tid>" section containing the Win32 API thread CONTEXT
          structure. */
       /* thread_info.tid */
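Review bot: Whether `note->descsz < 12` is a sufficient bound for NOTE_INFO_THREAD cannot be confirmed from the hunk: the arm continues past it, and the `728` threshold that the first hunk removes covered the whole thread record (tid, is_active_thread and the CONTEXT block named in the comment), so any fixed-offset read of CONTEXT fields past offset 12 that remains in the rest of the arm is now unguarded. If the remainder is only handed to the `.reg/<tid>` section as `descsz - 12`, the check is enough, and a comment recording that contract, e.g. `/* tid and is_active_thread; the CONTEXT that follows may be any length.  */`, would stop a later reader from re-adding a fixed size. The NOTE_INFO_PROCESS guard above it matches the two reads at offsets 4 and 8 exactly. The enclosing function starts before this hunk.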
@@ -10192,6 +10199,9 @@  elfcore_grok_win32pstatus (bfd *abfd, Elf_Internal_Note *note)
       break;
 
     case NOTE_INFO_MODULE:
+      if (note->descsz < 12)
+        return FALSE;
+
       /* Make a ".module/xxxxxxxx" section.  */
       /* module_info.base_address */
       base_addr = bfd_get_32 (abfd, note->descdata + 4);
@@ -10209,6 +10219,11 @@  elfcore_grok_win32pstatus (bfd *abfd, Elf_Internal_Note *note)
       if (sect == NULL)
 	return FALSE;
 
+      /* module_info.module_name_size */
+      name_size = bfd_get_32 (abfd, note->descdata + 8);
+      if (note->descsz < 12 + name_size)
+        return FALSE;
+
       sect->size = note->descsz;
       sect->filepos = note->descpos;
       sect->alignment_power = 2;
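Review bot: `12 + name_size` in the new check can wrap when size_t is 32 bits wide, because name_size is a 32-bit value taken straight from the note; a value near UINT32_MAX then makes the sum small, the guard passes, and the bound it was meant to establish is lost. The `descsz < 12` guard added earlier in this NOTE_INFO_MODULE arm makes the subtraction safe, so `if (note->descsz - 12 < name_size)` is the overflow-free form. The check also sits after the `.module/xxxxxxxx` section has already been created (its NULL check opens the hunk), so a rejected note leaves a section behind; since the name length depends only on the note data, the read and check can move up to directly follow the base_addr read, before the section is made. The case arm starts before this hunk and the function continues after it.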