author H. Peter Anvin <hpa@zytor.com> 2019-08-05 10:20:14 -0700
committer H. Peter Anvin <hpa@zytor.com> 2019-08-05 10:20:14 -0700
commit d9a0f8532bcb46ba8061ca3517d256449cfbc6d9
tree 80ab133cc65acd3619f730cb5ba6fae6c932a64f
parent a0d15be8e1a3b8126770d19f7cdf925ca0837782
elf2exe: verify limit on 32-bit relocations
Verify that the stub and the 32-bit relocations fit in a 64K segment. If that isn't the case, one probably needs to do more complex stuff such as reading the ELF file in protected mode, like DJGPP does with COFF. This still corresponds to 16,367 possible relocations.

Signed-off-by: H. Peter Anvin <hpa@zytor.com>
-rw-r--r-- elf2exe/elf2exe.c 7
1 files changed, 7 insertions, 0 deletions
diff --git a/elf2exe/elf2exe.c b/elf2exe/elf2exe.c
index 856e748..7942361 100644
--- a/elf2exe/elf2exe.c
+++ b/elf2exe/elf2exe.c
@@ -456,6 +456,13 @@ static int process_file(const char *infile, const char *outfile)
} *hdr;
size_t where = er[1].fileoffs - rel32_size;
+ if (rel32_size + er[1].nrelocs * sizeof(uint32_t) > 0x19999) {
+ fprintf(stderr,
+ "%s: %s: fatal: too many R_386_RELATIVE relocations for loader stub\n",
+ _progname, infile);
+ goto err;
+ }
+
hdr = ((struct rel32_hdr *)((char *)out->wr + er[1].fileoffs))
- 1;
memcpy((char *)out->wr + where, rel32_code, rel32_size);
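
Review bot: the limit in the added `if (rel32_size + er[1].nrelocs * sizeof(uint32_t) > 0x19999)` does not match the 64K segment the commit message gives as the bound. 0x19999 is 104,857 bytes, while a 64K segment is 0x10000 (65,536) bytes, and the 16,367 relocations quoted in the message (65,468 bytes at sizeof(uint32_t) each) only line up with the 64K figure, so as written the check accepts stub-plus-relocation sizes well past 64K. Suggest comparing against the segment size through a named constant, with a short comment stating what has to fit in the segment besides the stub and the relocation words, so the bound can be derived from the code rather than from a bare hex literal.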