| Andrew Geissler | 82c905d | 2020-04-13 13:39:40 -0500 | [diff] [blame] | 1 | From ac4af583bd59f6631671ad4abf985799ce4a53d9 Mon Sep 17 00:00:00 2001 |
| 2 | From: rguenth <rguenth@138bc75d-0d04-0410-961f-82ee72b054a4> |
| 3 | Date: Thu, 25 Jul 2019 10:46:54 +0000 |
| 4 | Subject: [PATCH 37/39] CVE-2019-14250: Check zero value in |
| 5 | simple_object_elf_match |
| 6 | |
| 7 | 2019-07-25 Richard Biener <rguenther@suse.de> |
| 8 | |
| 9 | PR lto/90924 |
| 10 | Backport from mainline |
| 11 | 2019-07-12 Ren Kimura <rkx1209dev@gmail.com> |
| 12 | |
| 13 | * simple-object-elf.c (simple_object_elf_match): Check zero value |
| 14 | shstrndx. |
| 15 | |
| 16 | git-svn-id: svn+ssh://gcc.gnu.org/svn/gcc/branches/gcc-9-branch@273793 138bc75d-0d04-0410-961f-82ee72b054a4 |
| 17 | |
| 18 | Upstream-Status: Backport |
| 19 | Affectes: < 9.2 |
| 20 | CVE: CVE-2019-14250 |
| 21 | Dropped changelog |
| 22 | Signed-off-by: Armin Kuster <Akustre@mvista.com> |
| 23 | --- |
| 24 | libiberty/simple-object-elf.c | 8 ++++++++ |
| 25 | 1 file changed, 8 insertions(+) |
| 26 | |
| 27 | diff --git a/libiberty/simple-object-elf.c b/libiberty/simple-object-elf.c |
| 28 | index 3d49f339631..c00cebdb6c7 100644 |
| 29 | --- a/libiberty/simple-object-elf.c |
| 30 | +++ b/libiberty/simple-object-elf.c |
| 31 | @@ -557,6 +557,14 @@ simple_object_elf_match (unsigned char header[SIMPLE_OBJECT_MATCH_HEADER_LEN], |
| 32 | return NULL; |
| 33 | } |
| 34 | |
| 35 | + if (eor->shstrndx == 0) |
| 36 | + { |
| 37 | + *errmsg = "invalid ELF shstrndx == 0"; |
| 38 | + *err = 0; |
| 39 | + XDELETE (eor); |
| 40 | + return NULL; |
| 41 | + } |
| 42 | + |
| 43 | return (void *) eor; |
| 44 | } |
| 45 | |
| 46 | -- |
| 47 | 2.25.1 |
| 48 | |