diff options
| author | Arvid E. Picciani <arvid.picciani@nokia.com> | 2012-05-15 12:29:53 +0200 |
|---|---|---|
| committer | Qt by Nokia <qt-info@nokia.com> | 2012-05-16 04:25:07 +0200 |
| commit | d5000e82e3d17532b76d5a69fd35ac4e8f3b9d18 (patch) | |
| tree | ec191f6791a81a7fc8000fd014c2cd9404fab133 | |
| parent | 7f3f3a0858ac743802b80cc5490747ae024b5574 (diff) | |
QElfParser: double check section size before using it.
In rare cases, if the section is empty, we're reading the whole object
into memory because size -1 = UINT_MAX.
Change-Id: Ibf9a1534159ce626e4f2327536076d0cc1ebf0ba
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
| -rw-r--r-- | src/corelib/plugin/qelfparser_p.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/src/corelib/plugin/qelfparser_p.cpp b/src/corelib/plugin/qelfparser_p.cpp index af2fc44d00..e4215dc39b 100644 --- a/src/corelib/plugin/qelfparser_p.cpp +++ b/src/corelib/plugin/qelfparser_p.cpp @@ -218,7 +218,7 @@ int QElfParser::parse(const char *dataStart, ulong fdlen, const QString &library continue; } - if (sh.offset == 0 || (sh.offset + sh.size) > fdlen) { + if (sh.offset == 0 || (sh.offset + sh.size) > fdlen || sh.size < 1) { if (lib) lib->errorString = QLibrary::tr("'%1' is an invalid ELF object (%2)").arg(library) .arg(QLatin1String("missing section data. This is not a library.")); |