67 lines
2.1 KiB
Diff
67 lines
2.1 KiB
Diff
From 31ca172357c4d3520caf29b9efb5e6ccd622aae9 Mon Sep 17 00:00:00 2001
|
|
From: Qianli Zhao <zhaoqianli@xiaomi.com>
|
|
Date: Mon, 30 Nov 2020 17:17:32 +0800
|
|
Subject: [PATCH 02/13] netdump: fix regression for raw RAM dumpfiles
|
|
|
|
Commit f42db6a33f0e ("Support core files with "unusual" layout")
|
|
increased the minimal file size from MIN_NETDUMP_ELF_HEADER_SIZE to
|
|
SAFE_NETDUMP_ELF_HEADER_SIZE which can lead to crash rejecting
|
|
raw RAM dumpfiles. Without the patch, the crash fails to start
|
|
a session with the error message:
|
|
|
|
/var/tmp/ramdump_elf_XXXXXX: ELF header read: No such file or directory
|
|
crash: malformed ELF file: /var/tmp/ramdump_elf_XXXXXX
|
|
|
|
Fix that by erroring out only if we get less than
|
|
MIN_NETDUMP_ELF_HEADER_SIZE bytes.
|
|
|
|
Signed-off-by: Qianli Zhao <zhaoqianli@xiaomi.com>
|
|
Acked-and-tested-by: Mathias Krause <minipli@grsecurity.net>
|
|
Signed-off-by: Lianbo Jiang <lijiang@redhat.com>
|
|
---
|
|
netdump.c | 11 ++++++++---
|
|
1 file changed, 8 insertions(+), 3 deletions(-)
|
|
|
|
diff --git a/netdump.c b/netdump.c
|
|
index c76d9dd1a1e5..ca9b459fc57b 100644
|
|
--- a/netdump.c
|
|
+++ b/netdump.c
|
|
@@ -119,7 +119,8 @@ is_netdump(char *file, ulong source_query)
|
|
Elf64_Phdr *load64;
|
|
char *eheader, *sect0;
|
|
char buf[BUFSIZE];
|
|
- size_t size, len, tot;
|
|
+ ssize_t size;
|
|
+ size_t len, tot;
|
|
Elf32_Off offset32;
|
|
Elf64_Off offset64;
|
|
ulong format;
|
|
@@ -134,7 +135,7 @@ is_netdump(char *file, ulong source_query)
|
|
|
|
size = SAFE_NETDUMP_ELF_HEADER_SIZE;
|
|
if ((eheader = (char *)malloc(size)) == NULL) {
|
|
- fprintf(stderr, "cannot malloc minimum ELF header buffer\n");
|
|
+ fprintf(stderr, "cannot malloc ELF header buffer\n");
|
|
clean_exit(1);
|
|
}
|
|
|
|
@@ -142,10 +143,14 @@ is_netdump(char *file, ulong source_query)
|
|
if (!read_flattened_format(fd, 0, eheader, size))
|
|
goto bailout;
|
|
} else {
|
|
- if (read(fd, eheader, size) != size) {
|
|
+ size = read(fd, eheader, size);
|
|
+ if (size < 0) {
|
|
sprintf(buf, "%s: ELF header read", file);
|
|
perror(buf);
|
|
goto bailout;
|
|
+ } else if (size < MIN_NETDUMP_ELF_HEADER_SIZE) {
|
|
+ fprintf(stderr, "%s: file too small!\n", file);
|
|
+ goto bailout;
|
|
}
|
|
}
|
|
|
|
--
|
|
2.17.1
|
|
|