Breakpad Linux dumper: Compare section names correctly.
FindSectionByName will return the first section whose name starts with NAME, because strncmp stops the comparison once NAME's characters have been found to match. The comparison stops before the terminating '\0'. For example, if we search for the section named ".eh_frame", we may get the section named ".eh_frame_hdr". Instead, check that the section name section has enough space to store the complete name with its terminating '\0', and then use strcmp, which will never examine more than strlen(NAME) + 1 bytes from the section name section, regardless of its contents, and will require the terminating '\0' to match as well. a=jimblandy, r=nealsid git-svn-id: http://google-breakpad.googlecode.com/svn/trunk@525 4c0a9323-5329-0410-9bdc-e9ce6186880e
parent
89f1396fd1
commit
6de1b75da4
1 changed files with 7 additions and 1 deletions
|
@ -105,10 +105,16 @@ static const ElfW(Shdr) *FindSectionByName(const char *name,
|
||||||
if (name_len == 0)
|
if (name_len == 0)
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
||||||
|
// Find the end of the section name section, to make sure that
|
||||||
|
// comparisons don't run off the end of the section.
|
||||||
|
const char *names_end =
|
||||||
|
reinterpret_cast<char*>(section_names->sh_offset + section_names->sh_size);
|
||||||
|
|
||||||
for (int i = 0; i < nsection; ++i) {
|
for (int i = 0; i < nsection; ++i) {
|
||||||
const char *section_name =
|
const char *section_name =
|
||||||
reinterpret_cast<char*>(section_names->sh_offset + sections[i].sh_name);
|
reinterpret_cast<char*>(section_names->sh_offset + sections[i].sh_name);
|
||||||
if (!strncmp(name, section_name, name_len))
|
if (names_end - section_name >= name_len + 1 &&
|
||||||
|
strcmp(name, section_name) == 0)
|
||||||
return sections + i;
|
return sections + i;
|
||||||
}
|
}
|
||||||
return NULL;
|
return NULL;
|
||||||
|
|
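Review bot: The new bound in `if (names_end - section_name >= name_len + 1 && ...)` is evaluated only after `section_name` has been formed from an unvalidated `sections[i].sh_name`, so for a malformed ELF whose `sh_name` exceeds the string table's `sh_size` the pointer already lies past `names_end` and the difference is negative. Whether that negative value is rejected depends on `name_len` being signed; its declaration is outside the hunk, and if it is a `size_t` the comparison is done unsigned and the check passes, letting `strcmp` read outside the section. I would validate the offset as integers first, `if (sections[i].sh_name >= section_names->sh_size) continue;`, and then compare `section_names->sh_size - sections[i].sh_name` against `name_len + 1` rather than subtracting pointers. `sh_offset + sh_size` is also computed with no overflow check and no check against the mapped file size; a caller may do that, but it is not visible here. FindSectionByName starts and ends outside the hunk.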