summaryrefslogtreecommitdiff
path: root/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch
diff options
context:
space:
mode:
Diffstat (limited to 'dev-util/radare2/files/radare2-2.0.1-635618-p1.patch')
-rw-r--r--dev-util/radare2/files/radare2-2.0.1-635618-p1.patch29
1 files changed, 29 insertions, 0 deletions
diff --git a/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch b/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch
new file mode 100644
index 000000000000..5644e50cc115
--- /dev/null
+++ b/dev-util/radare2/files/radare2-2.0.1-635618-p1.patch
@@ -0,0 +1,29 @@
+From c6d0076c924891ad9948a62d89d0bcdaf965f0cd Mon Sep 17 00:00:00 2001
+From: pancake <pancake@nopcode.org>
+Date: Wed, 25 Oct 2017 18:00:11 +0200
+Subject: [PATCH] Fix #8731 - Crash in ELF parser with negative 32bit number
+
+---
+ libr/bin/format/elf/elf.c | 6 +++++-
+ 1 file changed, 5 insertions(+), 1 deletion(-)
+
+diff --git a/libr/bin/format/elf/elf.c b/libr/bin/format/elf/elf.c
+index 90f6acd30..e3c852fd3 100644
+--- a/libr/bin/format/elf/elf.c
++++ b/libr/bin/format/elf/elf.c
+@@ -900,7 +900,11 @@ static Sdb *store_versioninfo_gnu_verneed(ELFOBJ *bin, Elf_(Shdr) *shdr, int sz)
+ free (s);
+ }
+ sdb_num_set (sdb_version, "cnt", entry->vn_cnt, 0);
+- vstart += entry->vn_aux;
++ st32 vnaux = entry->vn_aux;
++ if (vnaux < 1) {
++ goto beach;
++ }
++ vstart += vnaux;
+ for (j = 0, isum = i + entry->vn_aux; j < entry->vn_cnt && vstart + sizeof (Elf_(Vernaux)) <= end; ++j) {
+ int k;
+ Elf_(Vernaux) * aux = NULL;
+--
+2.14.3
+
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-31 07:25:31 +0000