1berry/qtbase
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

QElfParser: handle the case of PN_XNUM program headers

Browse Source 
This is an extension point when you have more than 65535 program
headers. Hopefully no one has that many.

Change-Id: Ifbf974a4d10745b099b1fffd177710fae9c31b97
Reviewed-by: Volker Hilsheimer <volker.hilsheimer@qt.io>
This commit is contained in:
Thiago Macieira 2023-07-31 14:27:34 -07:00
parent de6d322174
commit 3bdb5e9cc9
1 changed files with 2 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/corelib/plugin/qelfparser_p.cpp
View File

@ -539,6 +539,8 @@ static bool preScanProgramHeaders(QByteArrayView data, const ErrorMaker &error)
// first, validate the extent of the full program header table // first, validate the extent of the full program header table
T::Word e_phnum = header->e_phnum; T::Word e_phnum = header->e_phnum;
if (e_phnum == PN_XNUM)
return error(QLibrary::tr("unimplemented: PN_XNUM program headers")), false;
T::Off offset = e_phnum * sizeof(T::Phdr); // can't overflow due to size of T::Half T::Off offset = e_phnum * sizeof(T::Phdr); // can't overflow due to size of T::Half
if (qAddOverflow(offset, header->e_phoff, &offset) || offset > size_t(data.size())) if (qAddOverflow(offset, header->e_phoff, &offset) || offset > size_t(data.size()))
return error(QLibrary::tr("program header table extends past the end of the file")), false; return error(QLibrary::tr("program header table extends past the end of the file")), false;