From 30d00537993d9ef3a5c3b56aa02d7da1c79bf869 Mon Sep 17 00:00:00 2001 From: Vladimir Serbinenko Date: Wed, 11 Dec 2013 11:29:35 +0100 Subject: [PATCH] * grub-core/kern/ia64/dl.c (grub_arch_dl_relocate_symbols): Add checks for relocation range. --- ChangeLog | 5 +++++ grub-core/kern/ia64/dl.c | 9 +++++++++ 2 files changed, 14 insertions(+) diff --git a/ChangeLog b/ChangeLog index ea697a806..37184be26 100644 --- a/ChangeLog +++ b/ChangeLog @@ -1,3 +1,8 @@ +2013-12-11 Vladimir Serbinenko + + * grub-core/kern/ia64/dl.c (grub_arch_dl_relocate_symbols): Add checks + for relocation range. + 2013-12-11 Vladimir Serbinenko * grub-core/kern/ia64/dl.c (grub_arch_dl_relocate_symbols): Handle diff --git a/grub-core/kern/ia64/dl.c b/grub-core/kern/ia64/dl.c index d6c183d33..ad79eb525 100644 --- a/grub-core/kern/ia64/dl.c +++ b/grub-core/kern/ia64/dl.c @@ -26,6 +26,7 @@ #include #define MASK19 ((1 << 19) - 1) +#define MASK20 ((1 << 20) - 1) /* Check if EHDR is a valid ELF header. */ grub_err_t @@ -104,6 +105,10 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr, *(grub_uint64_t *) addr += value - addr; break; case R_IA64_GPREL22: + if ((value - (grub_addr_t) mod->base) & ~MASK20) + return grub_error (GRUB_ERR_BAD_MODULE, + "gprel offset too big (%lx)", + value - (grub_addr_t) mod->base); grub_ia64_add_value_to_slot_21 (addr, value - (grub_addr_t) mod->base); break; @@ -115,6 +120,10 @@ grub_arch_dl_relocate_symbols (grub_dl_t mod, void *ehdr, { grub_uint64_t *gpptr = mod->gotptr; *gpptr = value; + if (((grub_addr_t) gpptr - (grub_addr_t) mod->base) & ~MASK20) + return grub_error (GRUB_ERR_BAD_MODULE, + "gprel offset too big (%lx)", + (grub_addr_t) gpptr - (grub_addr_t) mod->base); grub_ia64_add_value_to_slot_21 (addr, (grub_addr_t) gpptr - (grub_addr_t) mod->base); mod->gotptr = gpptr + 1; break;