Date: Fri, 28 Dec 2018 22:47:56 +0000 (UTC) From: Ed Maste <emaste@FreeBSD.org> To: src-committers@freebsd.org, svn-src-all@freebsd.org, svn-src-head@freebsd.org Subject: svn commit: r342580 - head/usr.bin/ar Message-ID: <201812282247.wBSMlu72050438@repo.freebsd.org>
next in thread | raw e-mail | index | archive | help
Author: emaste Date: Fri Dec 28 22:47:55 2018 New Revision: 342580 URL: https://svnweb.freebsd.org/changeset/base/342580 Log: ar: detect and error out on 32-bit symbol table overflow BSD ar currently does not support the /SYM64/ 64-bit symbol table, and previously truncated to 32-bits, silently producing corrupted archives larger than 4GB. This is another overflow case in addtion to r342575. PR: 234454 Reported by: Aijaz Baig, imp MFC after: 2 weeks MFC with: r342575 Sponsored by: The FreeBSD Foundation Modified: head/usr.bin/ar/write.c Modified: head/usr.bin/ar/write.c ============================================================================== --- head/usr.bin/ar/write.c Fri Dec 28 21:26:45 2018 (r342579) +++ head/usr.bin/ar/write.c Fri Dec 28 22:47:55 2018 (r342580) @@ -628,6 +628,9 @@ write_objs(struct bsdar *bsdar) if (strlen(obj->name) > _MAXNAMELEN_SVR4) add_to_ar_str_table(bsdar, obj->name); bsdar->rela_off += _ARHDR_LEN + obj->size + obj->size % 2; + if (bsdar->rela_off > UINT32_MAX) + bsdar_errc(bsdar, EX_SOFTWARE, 0, + "Symbol table offset overflow"); } /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201812282247.wBSMlu72050438>