svn commit: r342575 - head/usr.bin/ar
Ed Maste
emaste at FreeBSD.org
Fri Dec 28 17:00:13 UTC 2018
Author: emaste
Date: Fri Dec 28 17:00:12 2018
New Revision: 342575
URL: https://svnweb.freebsd.org/changeset/base/342575
Log:
ar: detect and error out on 32-bit symbol table overflow
BSD ar currently does not support the /SYM64/ 64-bit symbol table, and
previously truncated to 32-bits, silently producing corrupted archives
larger than 4GB.
Note that this is only a partial fix; additional checks will come.
PR: 234454
Reported by: Aijaz Baig, imp
MFC after: 2 weeks
Sponsored by: The FreeBSD Foundation
Modified:
head/usr.bin/ar/write.c
Modified: head/usr.bin/ar/write.c
==============================================================================
--- head/usr.bin/ar/write.c Fri Dec 28 16:08:49 2018 (r342574)
+++ head/usr.bin/ar/write.c Fri Dec 28 17:00:12 2018 (r342575)
@@ -659,9 +659,13 @@ write_objs(struct bsdar *bsdar)
pm_sz = _ARMAG_LEN + (_ARHDR_LEN + s_sz);
if (bsdar->as != NULL)
pm_sz += _ARHDR_LEN + bsdar->as_sz;
- for (i = 0; (size_t)i < bsdar->s_cnt; i++)
+ for (i = 0; (size_t)i < bsdar->s_cnt; i++) {
+ if (*(bsdar->s_so + i) > UINT32_MAX - pm_sz)
+ bsdar_errc(bsdar, EX_SOFTWARE, 0,
+ "Symbol table offset overflow");
*(bsdar->s_so + i) = htobe32(*(bsdar->s_so + i) +
pm_sz);
+ }
}
if ((a = archive_write_new()) == NULL)
More information about the svn-src-all
mailing list