Check sh_entsize is not zero.

There were some recent bug reports where we trusted the ELF section header to be sane and divided the sh_size by the sh_entsize to get the number of objects in the section. This would cause a divide by zero if the file was corrupt and the sh_entsize was zero. Add checks for any such code. Signed-off-by: Mark Wielaard <mark@klomp.org>
author: Mark Wielaard <mark@klomp.org> 2018-10-19 15:01:29 +0200
committer: Mark Wielaard <mark@klomp.org> 2018-10-20 00:13:10 +0200
commit: 1e7c230b277b6eb82577a3bc4b56ca291c28964d (patch)
tree: c49c147eef876edee8ef5fd4592a104f2bfa286e /libdwfl
parent: 22d2d082d57a7470fadc0eae67179553f4919209 (diff)
2 files changed, 6 insertions, 0 deletions
diff --git a/libdwfl/ChangeLog b/libdwfl/ChangeLog
index 2e7efd45..6c333d83 100644
--- a/libdwfl/ChangeLog
+++ b/libdwfl/ChangeLog
@@ -1,3 +1,7 @@
+2018-10-19  Mark Wielaard  <mark@klomp.org>
+
+	* dwfl_module_getdwarf.c (find_aux_sym): Check sh_entsize is not zero.
+
 2018-10-14  Mark Wielaard  <mark@klomp.org>
 
 	* dwfl_segment_report_module.c (read_portion): Check requested
diff --git a/libdwfl/dwfl_module_getdwarf.c b/libdwfl/dwfl_module_getdwarf.c
index af6838a6..56e61054 100644
--- a/libdwfl/dwfl_module_getdwarf.c
+++ b/libdwfl/dwfl_module_getdwarf.c
@@ -1007,6 +1007,8 @@ find_aux_sym (Dwfl_Module *mod __attribute__ ((unused)),
 		    switch (shdr->sh_type)
 		      {
 		      case SHT_SYMTAB:
+			if (shdr->sh_entsize == 0)
+			  return;
 			minisymtab = true;
 			*aux_symscn = scn;
 			*aux_strshndx = shdr->sh_link;
author	Mark Wielaard <mark@klomp.org>	2018-10-19 15:01:29 +0200
committer	Mark Wielaard <mark@klomp.org>	2018-10-20 00:13:10 +0200
commit	1e7c230b277b6eb82577a3bc4b56ca291c28964d (patch)
tree	c49c147eef876edee8ef5fd4592a104f2bfa286e /libdwfl
parent	22d2d082d57a7470fadc0eae67179553f4919209 (diff)