Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
core: elf_load_body(): use MUL_OVERFLOW() to get size of section headers
At the end of elf_load_body(), section headers are copied in a system heap memory block, associated to state->shdr. As the computed size is the result of an uncontrolled multiplication (ehdr.e_shnum * ehdr.e_shentsize), it could have overflowed and result in allocating a small memory block. Use an overflow checking macro to prevent this case. Signed-off-by: Jerome Forissier <jerome.forissier@linaro.org> Reported-by: Bastien Simondi <bsimondi@netflix.com> [1.7] Reviewed-by: Jens Wiklander <jens.wiklander@linaro.org> Reviewed-by: Joakim Bech <joakim.bech@linaro.org>
- Loading branch information