[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Libunwind-devel] [PATCH] elf: Follow .gnu_debuglink when resolving
From: |
Paul Pluzhnikov |
Subject: |
Re: [Libunwind-devel] [PATCH] elf: Follow .gnu_debuglink when resolving function names |
Date: |
Sat, 4 Feb 2017 12:30:19 -0800 |
On Sat, Feb 4, 2017 at 12:15 PM, Dave Watson <address@hidden> wrote:
> + char debug_path[PATH_MAX];
> + char *link = ((uint8_t *) ei.image) + shdr->sh_offset;
> + size_t link_len = shdr->sh_size;
> +
> + strncpy(debug_path, link, link_len);
Did you mean to limit strncpy to PATH_MAX?
.gnu_debuglink can be arbitrarily large, and above strncpy can
overflow debug_path[]. You probably want to reject .gnu_debuglink if
link_len > PATH_MAX, and use memcpy if it's not.
--
Paul Pluzhnikov