mirror/gcc
1
0
Fork 0
mirror of https://github.com/gcc-mirror/gcc.git synced 2024-11-21 13:40:47 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

libbacktrace: skip all LZMA block header padding bytes

Browse Source 
Fixes https://github.com/ianlancetaylor/libbacktrace/issues/118

	* elf.c (elf_uncompress_lzma_block): Skip all header padding bytes
	and verify that they are zero.
This commit is contained in:
Ian Lance Taylor 2024-03-02 12:15:49 -08:00
parent 9ca5e579d3
commit c4f82ec6b4
1 changed files with 10 additions and 8 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

18
libbacktrace/elf.c
View File

@ -5568,6 +5568,7 @@ elf_uncompress_lzma_block (const unsigned char *compressed,
uint64_t header_compressed_size;
uint64_t header_uncompressed_size;
unsigned char lzma2_properties;
size_t crc_offset;
uint32_t computed_crc;
uint32_t stream_crc;
size_t uncompressed_offset;
@ -5671,19 +5672,20 @@ elf_uncompress_lzma_block (const unsigned char *compressed,
/* The properties describe the dictionary size, but we don't care
what that is. */
/* Block header padding. */
if (unlikely (off + 4 > compressed_size))
/* Skip to just before CRC, verifying zero bytes in between. */
crc_offset = block_header_offset + block_header_size - 4;
if (unlikely (crc_offset + 4 > compressed_size))
{
elf_uncompress_failed ();
return 0;
}
off = (off + 3) &~ (size_t) 3;
if (unlikely (off + 4 > compressed_size))
for (; off < crc_offset; off++)
{
elf_uncompress_failed ();
return 0;
if (compressed[off] != 0)
{
elf_uncompress_failed ();
return 0;
}
}
/* Block header CRC. */