nlist: Check that e_shnum and e_shentsize are within bounds
The e_shnum must not be 0, otherwise we will do a zero sized allocation and further processing of the executable will lead to out of bounds read/write accesses. The e_shentsize must be equal to sizeof(Elf_Shdr), otherwise we will perform out of bounds read accesses on the shdr array. Reported-by:Daniel Hodson <daniel@elttam.com.au> Based-on-patch-by:
Daniel Hodson <daniel@elttam.com.au> Signed-off-by:
Guillem Jover <guillem@hadrons.org>
Showing
Please register or sign in to comment