Eric Pouech : dbghelp/dwarf: Validate that a string is in the section boundary before using it.
Alexandre Julliard
julliard at winehq.org
Tue Sep 14 16:00:14 CDT 2021
Module: wine
Branch: master
Commit: 3111daa2228850aeab14b1eaf26d0ec26b810572
URL: https://source.winehq.org/git/wine.git/?a=commit;h=3111daa2228850aeab14b1eaf26d0ec26b810572
Author: Eric Pouech <eric.pouech at gmail.com>
Date: Sat Sep 11 10:59:30 2021 +0200
dbghelp/dwarf: Validate that a string is in the section boundary before using it.
Signed-off-by: Eric Pouech <eric.pouech at gmail.com>
Signed-off-by: Alexandre Julliard <julliard at winehq.org>
---
dlls/dbghelp/dwarf.c | 16 +++++++++++++---
1 file changed, 13 insertions(+), 3 deletions(-)
diff --git a/dlls/dbghelp/dwarf.c b/dlls/dbghelp/dwarf.c
index 7a9efe56312..a59999c9e70 100644
--- a/dlls/dbghelp/dwarf.c
+++ b/dlls/dbghelp/dwarf.c
@@ -601,9 +601,19 @@ static BOOL dwarf2_fill_attr(const dwarf2_parse_context_t* ctx,
break;
case DW_FORM_strp:
- attr->u.string = (const char*)ctx->sections[section_string].address +
- dwarf2_get_addr(data, ctx->head.offset_size);
- TRACE("strp<%s>\n", debugstr_a(attr->u.string));
+ {
+ ULONG_PTR ofs = dwarf2_get_addr(data, ctx->head.offset_size);
+ if (ofs >= ctx->sections[section_string].size)
+ {
+ ERR("Out of bounds string offset (%08lx)\n", ofs);
+ attr->u.string = "<<outofbounds-strp>>";
+ }
+ else
+ {
+ attr->u.string = (const char*)ctx->sections[section_string].address + ofs;
+ TRACE("strp<%s>\n", debugstr_a(attr->u.string));
+ }
+ }
break;
case DW_FORM_block:
More information about the wine-cvs
mailing list