| From a642587a9c9e2dd7feacdf513c3643ce26ad3c22 Mon Sep 17 00:00:00 2001 |
| From: Christos Zoulas <christos@zoulas.com> |
| Date: Sat, 9 Jun 2018 16:00:06 +0000 |
| Subject: [PATCH] Avoid reading past the end of buffer (Rui Reis) |
| |
| [baruch: drop file version string update hunk] |
| Signed-off-by: Baruch Siach <baruch@tkos.co.il> |
| --- |
| Upstream status: commit a642587a9c9 in github mirror |
| |
| src/readelf.c | 5 +++-- |
| 1 file changed, 3 insertions(+), 2 deletions(-) |
| |
| diff --git a/src/readelf.c b/src/readelf.c |
| index 79c83f9f5048..1f41b46113c3 100644 |
| --- a/src/readelf.c |
| +++ b/src/readelf.c |
| @@ -842,7 +842,8 @@ do_core_note(struct magic_set *ms, unsigned char *nbuf, uint32_t type, |
| |
| cname = (unsigned char *) |
| &nbuf[doff + prpsoffsets(i)]; |
| - for (cp = cname; *cp && isprint(*cp); cp++) |
| + for (cp = cname; cp < nbuf + size && *cp |
| + && isprint(*cp); cp++) |
| continue; |
| /* |
| * Linux apparently appends a space at the end |
| -- |
| 2.17.1 |
| |