From 7ae7a60caaaacbca0427334aeb7234d1eedf2227 Mon Sep 17 00:00:00 2001
From: Andreas Kling
Date: Sun, 5 Jan 2020 08:37:05 +0100
Subject: [PATCH] LibELF: Fix stack overflow in ELFImage::relocations()

Thanks to braindead for finding the bug! :^)
---
 Libraries/LibELF/ELFImage.cpp | 16 +++++++---------
 Libraries/LibELF/ELFImage.h   |  2 +-
 2 files changed, 8 insertions(+), 10 deletions(-)

diff --git a/Libraries/LibELF/ELFImage.cpp b/Libraries/LibELF/ELFImage.cpp
index 345db584e6b..cb93e2abc3c 100644
--- a/Libraries/LibELF/ELFImage.cpp
+++ b/Libraries/LibELF/ELFImage.cpp
@@ -1,5 +1,6 @@
-#include "ELFImage.h"
+#include
 #include
+#include
 
 ELFImage::ELFImage(const u8* buffer)
     : m_buffer(buffer)
@@ -194,14 +195,11 @@ const ELFImage::Relocation ELFImage::RelocationSection::relocation(unsigned inde
 const ELFImage::RelocationSection ELFImage::Section::relocations() const
 {
-    // FIXME: This is ugly.
-    char relocation_sectionName[128];
-    sprintf(relocation_sectionName, ".rel%s", name());
+    StringBuilder builder;
+    builder.append(".rel");
+    builder.append(name());
 
-#ifdef ELFIMAGE_DEBUG
-    dbgprintf("looking for '%s'\n", relocation_sectionName);
-#endif
-    auto relocation_section = m_image.lookup_section(relocation_sectionName);
+    auto relocation_section = m_image.lookup_section(builder.to_string());
     if (relocation_section.type() != SHT_REL)
         return static_cast(m_image.section(0));
@@ -211,7 +209,7 @@ const ELFImage::RelocationSection ELFImage::Section::relocations() const
     return static_cast(relocation_section);
 }
 
-const ELFImage::Section ELFImage::lookup_section(const char* name) const
+const ELFImage::Section ELFImage::lookup_section(const String& name) const
 {
     if (auto it = m_sections.find(name); it != m_sections.end())
         return section((*it).value);
diff --git a/Libraries/LibELF/ELFImage.h b/Libraries/LibELF/ELFImage.h
index 0e2ef04794f..88b436dd383 100644
--- a/Libraries/LibELF/ELFImage.h
+++ b/Libraries/LibELF/ELFImage.h
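Review bot: In the `lookup_section` hunk the parameter becomes `const String& name`, so every caller that still passes a C string literal now heap-allocates a `String` just to run `m_sections.find(name)`; if the map's key type admits a view-based lookup, `const StringView& name` would keep the fix without the per-call allocation — I cannot see from this hunk what key type `m_sections` uses, so treat that as a suggestion to check rather than a defect. On the unchanged line below the signature, `(*it).value` would read more idiomatically as `it->value`. The body of `lookup_section`, including the not-found fallback the header comment describes, ends outside the hunk.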
@@ -171,7 +171,7 @@ public:
     // NOTE: Returns section(0) if section with name is not found.
     // FIXME: I don't love this API.
-    const Section lookup_section(const char* name) const;
+    const Section lookup_section(const String& name) const;
 
     bool is_executable() const { return header().e_type == ET_EXEC; }
     bool is_relocatable() const { return header().e_type == ET_REL; }