From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits)) (No client certificate requested) by finch.gentoo.org (Postfix) with ESMTPS id 39C54159C9B for ; Fri, 9 Aug 2024 10:06:25 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 19E772BC0A6; Fri, 9 Aug 2024 10:06:24 +0000 (UTC) Received: from smtp.gentoo.org (dev.gentoo.org [IPv6:2001:470:ea4a:1:5054:ff:fec7:86e4]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id F03972BC0A2 for ; Fri, 9 Aug 2024 10:06:23 +0000 (UTC) Received: from oystercatcher.gentoo.org (oystercatcher.gentoo.org [148.251.78.52]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits)) (No client certificate requested) by smtp.gentoo.org (Postfix) with ESMTPS id 342D13430C1 for ; Fri, 9 Aug 2024 10:06:23 +0000 (UTC) Received: from localhost.localdomain (localhost [IPv6:::1]) by oystercatcher.gentoo.org (Postfix) with ESMTP id C0CD11EB8 for ; Fri, 9 Aug 2024 10:06:21 +0000 (UTC) From: "Sam James" To: gentoo-commits@lists.gentoo.org Content-Transfer-Encoding: 8bit Content-type: text/plain; charset=UTF-8 Reply-To: gentoo-dev@lists.gentoo.org, "Sam James" Message-ID: <1723197977.e99a8c374ed7da962bcd4ba76107dc090502e8d6.sam@gentoo> Subject: [gentoo-commits] proj/pax-utils:master commit in: / X-VCS-Repository: proj/pax-utils X-VCS-Files: dumpelf.c X-VCS-Directories: / X-VCS-Committer: sam X-VCS-Committer-Name: Sam James X-VCS-Revision: e99a8c374ed7da962bcd4ba76107dc090502e8d6 X-VCS-Branch: master Date: Fri, 9 Aug 2024 10:06:21 +0000 (UTC) Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-commits@lists.gentoo.org X-Auto-Response-Suppress: DR, RN, NRN, OOF, AutoReply X-Archives-Salt: e256ebd9-cf1a-40a9-9b40-f7698ac67983 X-Archives-Hash: 6fc836749bf0ce88cf0949d775b59588 commit: e99a8c374ed7da962bcd4ba76107dc090502e8d6 Author: Mike Frysinger gentoo org> AuthorDate: Fri Jan 26 04:10:11 2024 +0000 Commit: Sam James gentoo org> CommitDate: Fri Aug 9 10:06:17 2024 +0000 URL: https://gitweb.gentoo.org/proj/pax-utils.git/commit/?id=e99a8c37 dumpelf: limit note name display The note name is supposed to be NUL terminated, but if it's not, make sure we don't keep reading data until we hit out of bounds by limiting to exactly the number of bytes declared (and that we already verified fit within valid memory). Signed-off-by: Mike Frysinger gentoo.org> (cherry picked from commit c7d34ad6cf90f3cbb2a184050996d37966fe2ef1) Signed-off-by: Sam James gentoo.org> dumpelf.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dumpelf.c b/dumpelf.c index b88be0c..15058ee 100644 --- a/dumpelf.c +++ b/dumpelf.c @@ -253,7 +253,7 @@ static void dump_notes(const elfobj *elf, size_t B, const void *memory, const vo printf("\t * Elf%zu_Nhdr note%zu = {\n", B, i); printf("\t * \t.n_namesz = %u, (bytes)", namesz); if (name) - printf(" [%s]", name); + printf(" [%.*s]", namesz, name); printf("\n"); printf("\t * \t.n_descsz = %u, (bytes)", descsz); if (desc) {