authorMark Hatle <mark.hatle@windriver.com>2018-10-12 16:20:48 -0400
committerMark Hatle <mark.hatle@windriver.com>2019-06-24 11:17:47 -0400
commitf9975537dbfd9ade0fc813bd5cf5fcbe41753a37 (patch)
tree02e864a22518d4aec62360e4d707de3c8d68476c /src/exec.c
parentbef24e6cee1e55b3bdbdb2defa625062cbb751a8 (diff)
Detect PIE executables w/ COPY relocs, and prevent running over the sectionscross_prelink_stagingcross_prelink
Before the commit (a89297f08cda5ca48d21088891150e7ccc9ddac3) the system would report:
    COPY relocations don't point into .bss or .sbss section
Now, it often reports:
    file offsets not monotonically increasing
This was tracked down (using this debug code) to the .gnu.conflict section being added. In one example the offset ranges ended up being:
    ../src/prelink: section 15 .fini file offset range 000012f4 and 000012fd
    ../src/prelink: section 16 .gnu.conflict file offset range 00001300 and 00002080
    ../src/prelink: section 17 .rodata file offset range 00002000 and 000020a3
    ../src/prelink: section 18 .eh_frame_hdr file offset range 000020a4 and 00002118
This indicates that the new .gnu.conflict section overwrites .rodata by 0x80 bytes. This commit includes a check and error return for this condition.
Signed-off-by: Mark Hatle <mark.hatle@windriver.com>
Diffstat (limited to 'src/exec.c')
1 files changed, 9 insertions, 0 deletions
diff --git a/src/exec.c b/src/exec.c
index 4f56629..ca7fd14 100644
--- a/src/exec.c
+++ b/src/exec.c
@@ -1122,6 +1122,15 @@ error_out:
goto error_out;
if (set_dynamic (dso, DT_GNU_CONFLICTSZ, dso->shdr[i].sh_size, 1))
goto error_out;
+ /* Check if we're going to run over the next section */
+ if (dso->shdr[i].sh_offset
+ + (dso->shdr[i].sh_type == SHT_NOBITS
+ ? 0 : dso->shdr[i].sh_size) > dso->shdr[i+1].sh_offset)
+ {
+ error (0, ENOMEM, "%s: Could not create .gnu.conflict section [overwrites next section]",
+ dso->filename);
+ goto error_out;
+ }
if (undo != -1)