From 5d64a503ffc312886d23b22ad12df87bbc8f9a32 Mon Sep 17 00:00:00 2001
From: Andrii Nakryiko
Date: Thu, 21 Dec 2017 12:47:30 -0800
Subject: [PATCH] Fix crashing on corrupted ELF binaries with invalid offsets in ELF header.
Summary: There are cases where ELF binaries are running fine, but have slightly corrupted ELF headers, e.g., with section headers offset pointing beyond boundaries of file. I'm guessing this is due to running strip or objdump with either some particular combination of flags or some due to buggy version of those tools. This change prevents from crashing on such files.
Reviewed By: yfeldblum
Differential Revision: D6616027
fbshipit-source-id: 8cb3ac4475a51d1f1045c395977a6a77fbefffb2
---
 folly/experimental/symbolizer/Elf-inl.h | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/folly/experimental/symbolizer/Elf-inl.h b/folly/experimental/symbolizer/Elf-inl.h
index 51890e40..0d435b4c 100644
--- a/folly/experimental/symbolizer/Elf-inl.h
+++ b/folly/experimental/symbolizer/Elf-inl.h
@@ -23,25 +23,37 @@ namespace symbolizer {
 template
 const ElfPhdr* ElfFile::iterateProgramHeaders(Fn fn) const {
+ // there exist ELF binaries which execute correctly, but have invalid internal
+ // offset(s) to program/section headers; most probably due to invalid
+ // stripping of symbols
+ if (elfHeader().e_phoff + sizeof(ElfPhdr) >= length_) {
+ return nullptr;
+ }
+
 const ElfPhdr* ptr = &at(elfHeader().e_phoff);
 for (size_t i = 0; i < elfHeader().e_phnum; i++, ptr++) {
 if (fn(*ptr)) {
 return ptr;
 }
 }
-
 return nullptr;
 }
 template
 const ElfShdr* ElfFile::iterateSections(Fn fn) const {
+ // there exist ELF binaries which execute correctly, but have invalid internal
+ // offset(s) to program/section headers; most probably due to invalid
+ // stripping of symbols
+ if (elfHeader().e_shoff + sizeof(ElfShdr) >= length_) {
+ return nullptr;
+ }
+
 const ElfShdr* ptr = &at(elfHeader().e_shoff);
 for (size_t i = 0; i < elfHeader().e_shnum; i++, ptr++) {
 if (fn(*ptr)) {
 return ptr;
 }
 }
-
 return nullptr;
 }
-- 
2.34.1
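Review bot: The guard added in front of `const ElfPhdr* ptr` only proves that the first program header lies inside the file; `e_phnum` is read from the same untrusted header and never bounded, so the loop on the following context line can still advance `ptr++` past `length_` when the table is truncated or `e_phnum` is corrupted. The sum `e_phoff + sizeof(ElfPhdr)` can also wrap for a very large `e_phoff` and slip under the `>=` test, and `>=` rejects a table that ends exactly at `length_`, which is a valid layout. Bounding the whole table without overflow, e.g. `if (elfHeader().e_phoff >= length_ || elfHeader().e_phnum > (length_ - elfHeader().e_phoff) / sizeof(ElfPhdr)) {`, closes all three gaps, assuming `length_` is the size of the mapped file as the existing comparison implies. The same reasoning applies to the `e_shoff`/`e_shnum` guard in `iterateSections` later in this hunk.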