mirror/upx
1
0
Fork 0
mirror of https://github.com/upx/upx synced 2025-09-28 19:06:07 +08:00
Code Issues Releases Wiki Activity

Detect circular DT_HASH and DT_GNUHASH lookup

Browse Source 
https://github.com/upx/upx/issues/775
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65811&q=label%3AProj-upx
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65840&q=label%3AProj-upx
This commit is contained in:
John Reiser 2024-01-25 15:05:53 -08:00 committed by Markus F.X.J. Oberhumer
parent 10807ebdc2
commit b48f870701
1 changed files with 8 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

8
src/p_lx_elf.cpp
View File

@ -8179,12 +8179,16 @@ Elf32_Sym const *PackLinuxElf32::elf_lookup(char const *name) const
}
if (nbucket) {
unsigned const m = elf_hash(name) % nbucket;
unsigned nvisit = 0;
unsigned si;
for (si= get_te32(&buckets[m]); 0!=si; si= get_te32(&chains[si])) {
char const *const p= get_dynsym_name(si, (unsigned)-1);
if (0==strcmp(name, p)) {
return &dynsym[si];
}
if (nbucket <= ++nvisit) {
throwCantPack("circular DT_HASH chain %d\n", si);
}
}
}
}
@ -8261,12 +8265,16 @@ Elf64_Sym const *PackLinuxElf64::elf_lookup(char const *name) const
}
if (nbucket) { // -rust-musl can have "empty" hashtab
unsigned const m = elf_hash(name) % nbucket;
unsigned nvisit = 0;
unsigned si;
for (si= get_te32(&buckets[m]); 0!=si; si= get_te32(&chains[si])) {
char const *const p= get_dynsym_name(si, (unsigned)-1);
if (0==strcmp(name, p)) {
return &dynsym[si];
}
if (nbucket <= ++nvisit) {
throwCantPack("circular DT_HASH chain %d\n", si);
}
}
}
}