https://sourceware.org/bugzilla/show_bug.cgi?id=25069
Mark Wielaard <mark at klomp dot org> changed:

           What    |Removed                          |Added
----------------------------------------------------------------------------
             Status|NEW                              |ASSIGNED
          Component|libelf                           |tools
           Assignee|unassigned at sourceware dot org |mark at klomp dot org

--- Comment #5 from Mark Wielaard <mark at klomp dot org> ---
The problem is that the symbol table string data (.strtab) is corrupt. The last string doesn't have a zero terminator. This can be fixed by checking the symbol name is a valid string:

diff --git a/src/unstrip.c b/src/unstrip.c index f4314d5d..9b8c09a1 100644 --- a/src/unstrip.c +++ b/src/unstrip.c @@ -854,7 +854,9 @@ collect_symbols (Elf *outelf, bool rel, Elf_Scn *symscn, Elf_Scn *strscn, if (sym->st_shndx != SHN_XINDEX) shndx = sym->st_shndx; - if (sym->st_name >= strdata->d_size) + if (sym->st_name >= strdata->d_size + || memrchr (strdata->d_buf + sym->st_name, '\0', + strdata->d_size - sym->st_name) == NULL) error (EXIT_FAILURE, 0, _("invalid string offset in symbol [%zu]"), i);
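
Review bot: The added memrchr test in collect_symbols reuses the message "invalid string offset in symbol [%zu]" for a different failure: the offset is in range but no '\0' follows it before strdata->d_size, so the report blames the symbol's offset when the actual defect is an unterminated string table. A separate message for the unterminated case, plus a one-line comment above the condition stating that the name must be NUL-terminated within the section data, would make the intent and the diagnostics clearer. The order of the two tests matters and is correct as written: the range check short-circuits first, so strdata->d_size - sym->st_name cannot wrap, and that ordering should be preserved if the condition is ever refactored. memrchr is a GNU extension; memchr over the same range answers the same question if portability is a concern for this file.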