Overview

File file-5.20-CVE-2014-3710.patch of Package file.182

---
 src/readelf.c |    7 +++++++
 1 file changed, 7 insertions(+)

--- src/readelf.c
+++ src/readelf.c
@@ -477,6 +477,13 @@ donote(struct magic_set *ms, void *vbuf, size_t offset, size_t size,
 	uint32_t namesz, descsz;
 	unsigned char *nbuf = CAST(unsigned char *, vbuf);
 
+	if (xnh_sizeof + offset > size) {
+		/*
+		 * We're out of note headers.
+		 */
+		return xnh_sizeof + offset;
+	}
+
 	(void)memcpy(xnh_addr, &nbuf[offset], xnh_sizeof);
 	offset += xnh_sizeof;
openSUSE Build Service is sponsored by
Places