A symndx of STN_UNDEF is special, and means a symbol value of 0. While
legitimate in the ELF standard, its existance in a livepatch is questionable
at best. Until a plausible usecase presents itself, reject such a relocation
with -EOPNOTSUPP.
Additionally, fix an off-by-one error while range checking symndx, and perform
a safety check on elf->sym[symndx].sym before derefencing it, to avoid
tripping over a NULL pointer when calculating val.
Signed-off-by: Andrew Cooper <andrew.cooper3@citrix.com>
Reviewed-by: Stefano Stabellini <sstabellini@kernel.org>
Reviewed-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com>
Tested-by: Konrad Rzeszutek Wilk <konrad.wilk@oracle.com> [x86 and arm32]
Reviewed-by: Jan Beulich <JBeulich@suse.com>
Reviewed-by: Ross Lagerwall <ross.lagerwall@citrix.com>
master commit:
2ff229643b739e2fd0cd0536ee9fca506cfa92f8
master date: 2017-06-23 15:00:37 +0100
dest = base->load_addr + r->r_offset; /* P */
}
- if ( symndx > elf->nsym )
+ if ( symndx == STN_UNDEF )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: Encountered STN_UNDEF\n",
+ elf->name);
+ return -EOPNOTSUPP;
+ }
+ else if ( symndx >= elf->nsym )
{
dprintk(XENLOG_ERR, LIVEPATCH "%s: Relative symbol wants symbol@%u which is past end!\n",
elf->name, symndx);
return -EINVAL;
}
+ else if ( !elf->sym[symndx].sym )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: No relative symbol@%u\n",
+ elf->name, symndx);
+ return -EINVAL;
+ }
if ( !use_rela )
addend = get_addend(type, dest);
symndx = ELF64_R_SYM(r->r_info);
- if ( symndx > elf->nsym )
+ if ( symndx == STN_UNDEF )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: Encountered STN_UNDEF\n",
+ elf->name);
+ return -EOPNOTSUPP;
+ }
+ else if ( symndx >= elf->nsym )
{
dprintk(XENLOG_ERR, LIVEPATCH "%s: Relative relocation wants symbol@%u which is past end!\n",
elf->name, symndx);
return -EINVAL;
}
+ else if ( !elf->sym[symndx].sym )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: No relative symbol@%u\n",
+ elf->name, symndx);
+ return -EINVAL;
+ }
dest = base->load_addr + r->r_offset; /* P */
val = elf->sym[symndx].sym->st_value + r->r_addend; /* S+A */
symndx = ELF64_R_SYM(r->r_info);
- if ( symndx > elf->nsym )
+ if ( symndx == STN_UNDEF )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: Encountered STN_UNDEF\n",
+ elf->name);
+ return -EOPNOTSUPP;
+ }
+ else if ( symndx >= elf->nsym )
{
dprintk(XENLOG_ERR, LIVEPATCH "%s: Relative relocation wants symbol@%u which is past end!\n",
elf->name, symndx);
return -EINVAL;
}
+ else if ( !elf->sym[symndx].sym )
+ {
+ dprintk(XENLOG_ERR, LIVEPATCH "%s: No symbol@%u\n",
+ elf->name, symndx);
+ return -EINVAL;
+ }
dest = base->load_addr + r->r_offset;
val = r->r_addend + elf->sym[symndx].sym->st_value;
projects / xen.git / commitdiff