jory/upx
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

elf_find_table_size() did not check for empty table

Browse Source 
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=65765&q=label%3AProj-upx
https://github.com/upx/upx/issues/771
	modified:   p_lx_elf.cpp
This commit is contained in:
John Reiser 2024-01-18 19:11:12 -08:00 committed by Markus F.X.J. Oberhumer
parent b019440980
commit d615985b8a
1 changed files with 6 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
src/p_lx_elf.cpp
View File

@ -2046,6 +2046,9 @@ unsigned PackLinuxElf32::elf_find_table_size(unsigned dt_type, unsigned sh_type)
unsigned x_rva; unsigned x_rva;
if (dt_type < DT_NUM) { if (dt_type < DT_NUM) {
unsigned const x_ndx = dt_table[dt_type]; unsigned const x_ndx = dt_table[dt_type];
if (!x_ndx) { // no such entry
return 0;
}
x_rva = get_te32(&dynseg[-1+ x_ndx].d_val); x_rva = get_te32(&dynseg[-1+ x_ndx].d_val);
} }
else { else {
@ -7935,6 +7938,9 @@ unsigned PackLinuxElf64::elf_find_table_size(unsigned dt_type, unsigned sh_type)
unsigned x_rva; unsigned x_rva;
if (dt_type < DT_NUM) { if (dt_type < DT_NUM) {
unsigned const x_ndx = dt_table[dt_type]; unsigned const x_ndx = dt_table[dt_type];
if (!x_ndx) { // no such entry
return 0;
}
x_rva = get_te64(&dynseg[-1+ x_ndx].d_val); x_rva = get_te64(&dynseg[-1+ x_ndx].d_val);
} }
else { else {