
Commit ce90e05

committed
- Add a limit to the number of ELF notes processed (Suggested by Alexander
Cherepanov) - Restructure ELF note printing so that we don't print the same message multiple times on repeated notes of the same kind.
1 parent 0ece9b2 commit ce90e05

11 files changed

+292
-198
lines changed

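--- a/ChangeLog
+++ b/ChangeLog
@@ -1,3 +1,8 @@
+2014-12-16 18:10 Christos Zoulas <christos@zoulas.com>
+
+* restructure elf note printing to avoid repeated messages
+* add note limit, suggested by Alexander Cherepanov
+
 2014-12-16 16:53 Christos Zoulas <christos@zoulas.com>
 
 * Bail out on partial pread()'s (Alexander Cherepanov)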

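--- a/doc/file.man
+++ b/doc/file.man
@@ -1,5 +1,5 @@
-.\" $File: file.man,v 1.109 2014/11/28 02:35:05 christos Exp $
-.Dd November 27, 2014
+.\" $File: file.man,v 1.110 2014/11/28 02:46:39 christos Exp $
+.Dd December 16, 2014
 .Dt FILE __CSECTION__
 .Os
 .Sh NAME
@@ -310,6 +310,7 @@ Set various parameter limits.
 .It Sy "Name" Ta Sy "Default" Ta Sy "Explanation"
 .It Li indir Ta 15 Ta recursion limit for indirect magic
 .It Li name Ta 30 Ta use count limit for name/use magic
+.It Li elf_notes Ta 256 Ta max ELF notes processed
 .It Li elf_phnum Ta 128 Ta max ELF program sections processed
 .It Li elf_shnum Ta 32768 Ta max ELF sections processed
 .El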

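--- a/doc/libmagic.man
+++ b/doc/libmagic.man
@@ -1,4 +1,4 @@
-.\" $File: libmagic.man,v 1.32 2014/11/28 02:35:05 christos Exp $
+.\" $File: libmagic.man,v 1.33 2014/11/28 02:46:39 christos Exp $
 .\"
 .\" Copyright (c) Christos Zoulas 2003.
 .\" All Rights Reserved.
@@ -25,7 +25,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd November 27, 2014
+.Dd December 16, 2014
 .Dt LIBMAGIC 3
 .Os
 .Sh NAME
@@ -284,6 +284,7 @@ library.
 .It Sy "Parameter" Ta Sy "Type" Ta Sy "Default"
 .It Li MAGIC_PARAM_INDIR_MAX Ta size_t Ta 15
 .It Li MAGIC_PARAM_NAME_MAX Ta size_t Ta 30
+.It Li MAGIC_PARAM_ELF_NOTES_MAX Ta size_t Ta 256
 .It Li MAGIC_PARAM_ELF_PHNUM_MAX Ta size_t Ta 128
 .It Li MAGIC_PARAM_ELF_SHNUM_MAX Ta size_t Ta 32768
 .El
@@ -303,12 +304,16 @@ The
 parameter controls the maximum number of calls for name/use.
 .Pp
 The
+.Dv MAGIC_PARAM_NOTES_MAX
+parameter controls how many ELF notes will be processed.
+.Pp
+The
 .Dv MAGIC_PARAM_PHNUM_MAX
-parameter controls how many elf program sections will be processed.
+parameter controls how many ELF program sections will be processed.
 .Pp
 The
 .Dv MAGIC_PARAM_SHNUM_MAX
-parameter controls how many elf sections will be processed.
+parameter controls how many ELF sections will be processed.
 .Pp
 The
 .Fn magic_version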

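--- a/src/apprentice.c
+++ b/src/apprentice.c
@@ -32,7 +32,7 @@
 #include "file.h"
 
 #ifndef lint
-FILE_RCSID("@(#)$File: apprentice.c,v 1.226 2014/11/28 02:35:05 christos Exp $")
+FILE_RCSID("@(#)$File: apprentice.c,v 1.227 2014/11/28 02:46:39 christos Exp $")
 #endif /* lint */
 
 #include "magic.h"
@@ -528,6 +528,7 @@ file_ms_alloc(int flags)
 ms->name_max = FILE_NAME_MAX;
 ms->elf_shnum_max = FILE_ELF_SHNUM_MAX;
 ms->elf_phnum_max = FILE_ELF_PHNUM_MAX;
+ms->elf_notes_max = FILE_ELF_NOTES_MAX;
 return ms;
 free:
 free(ms);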

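--- a/src/elfclass.h
+++ b/src/elfclass.h
@@ -32,17 +32,18 @@
 swap = (u.c[sizeof(int32_t) - 1] + 1) != elfhdr.e_ident[EI_DATA];
 
 type = elf_getu16(swap, elfhdr.e_type);
+notecount = ms->elf_notes_max;
 switch (type) {
 #ifdef ELFCORE
 case ET_CORE:
 phnum = elf_getu16(swap, elfhdr.e_phnum);
 if (phnum > ms->elf_phnum_max)
-return toomany(ms, "program", phnum);
+return toomany(ms, "program headers", phnum);
 flags |= FLAGS_IS_CORE;
 if (dophn_core(ms, clazz, swap, fd,
 (off_t)elf_getu(swap, elfhdr.e_phoff), phnum,
 (size_t)elf_getu16(swap, elfhdr.e_phentsize),
-fsize, &flags) == -1)
+fsize, &flags, &notecount) == -1)
 return -1;
 break;
 #endif
@@ -57,22 +58,25 @@
 if (dophn_exec(ms, clazz, swap, fd,
 (off_t)elf_getu(swap, elfhdr.e_phoff), phnum,
 (size_t)elf_getu16(swap, elfhdr.e_phentsize),
-fsize, &flags, shnum) == -1)
+fsize, shnum, &flags, &notecount) == -1)
 return -1;
 /*FALLTHROUGH*/
 case ET_REL:
 shnum = elf_getu16(swap, elfhdr.e_shnum);
 if (shnum > ms->elf_shnum_max)
-return toomany(ms, "section", shnum);
+return toomany(ms, "section headers", shnum);
 if (doshn(ms, clazz, swap, fd,
 (off_t)elf_getu(swap, elfhdr.e_shoff), shnum,
 (size_t)elf_getu16(swap, elfhdr.e_shentsize),
-fsize, &flags, elf_getu16(swap, elfhdr.e_machine),
-(int)elf_getu16(swap, elfhdr.e_shstrndx)) == -1)
+fsize, elf_getu16(swap, elfhdr.e_machine),
+(int)elf_getu16(swap, elfhdr.e_shstrndx),
+&flags, &notecount) == -1)
 return -1;
 break;
 
 default:
 break;
 }
+if (notecount == 0)
+return toomany(ms, "notes", ms->elf_notes_max);
 return 1;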
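Review bot: The closing `if (notecount == 0)` test uses an exhausted budget as its only signal, so it cannot tell a file that used exactly `elf_notes_max` notes from one that exceeded it, and when the limit is configured as 0 it fires for every ELF file, including the `default:` types that process no notes at all. The same `notecount` is handed to `dophn_exec` and then, through the `/*FALLTHROUGH*/`, to `doshn`, so the budget appears to be shared by the program-header and section-header passes; how the helpers decrement it is in code outside this section, so that part is inferred. Because this is a resource limit applied to untrusted input files, its exact semantics are worth stating where it is initialised, for example `/* notecount: remaining note budget shared by the phdr and shdr passes; 0 on exit means the limit was reached */`. The enclosing function body starts and ends outside both hunks.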

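--- a/src/file.c
+++ b/src/file.c
@@ -32,7 +32,7 @@
 #include "file.h"
 
 #ifndef lint
-FILE_RCSID("@(#)$File: file.c,v 1.158 2014/11/28 02:35:05 christos Exp $")
+FILE_RCSID("@(#)$File: file.c,v 1.159 2014/11/28 02:46:39 christos Exp $")
 #endif /* lint */
 
 #include "magic.h"
@@ -125,6 +125,7 @@ private struct {
 { "name", MAGIC_PARAM_NAME_MAX, 0 },
 { "elf_phnum", MAGIC_PARAM_ELF_PHNUM_MAX, 0 },
 { "elf_shnum", MAGIC_PARAM_ELF_SHNUM_MAX, 0 },
+{ "elf_notes", MAGIC_PARAM_ELF_NOTES_MAX, 0 },
 };
 
 private char *progname; /* used throughout */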

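--- a/src/file.h
+++ b/src/file.h
@@ -27,7 +27,7 @@
 */
 /*
 * file.h - definitions for file(1) program
-* @(#)$File: file.h,v 1.161 2014/12/04 15:56:46 christos Exp $
+* @(#)$File: file.h,v 1.162 2014/12/11 12:34:24 christos Exp $
 */
 
 #ifndef __file_h__
@@ -407,10 +407,12 @@ struct magic_set {
 uint16_t name_max;
 uint16_t elf_shnum_max;
 uint16_t elf_phnum_max;
+uint16_t elf_notes_max;
 #define FILE_INDIR_MAX 15
 #define FILE_NAME_MAX 30
 #define FILE_ELF_SHNUM_MAX 32768
 #define FILE_ELF_PHNUM_MAX 128
+#define FILE_ELF_NOTES_MAX 256
 };
 
 /* Type for Unicode characters */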

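--- a/src/file_opts.h
+++ b/src/file_opts.h
@@ -46,6 +46,7 @@ OPT('p', "preserve-date", 0, " preserve access times on files\n")
 OPT('P', "parameter", 0, " set file engine parameter limits\n"
 " indir 15 recursion limit for indirection\n"
 " name 30 use limit for name/use magic\n"
+" elf_notes 256 max ELF notes processed\n"
 " elf_phnum 128 max ELF prog sections processed\n"
 " elf_shnum 32768 max ELF sections processed\n")
 OPT('r', "raw", 0, " don't translate unprintable chars to \\ooo\n")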

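--- a/src/magic.c
+++ b/src/magic.c
@@ -33,7 +33,7 @@
 #include "file.h"
 
 #ifndef lint
-FILE_RCSID("@(#)$File: magic.c,v 1.89 2014/11/28 02:46:39 christos Exp $")
+FILE_RCSID("@(#)$File: magic.c,v 1.90 2014/12/04 15:56:46 christos Exp $")
 #endif /* lint */
 
 #include "magic.h"
@@ -554,6 +554,9 @@ magic_setparam(struct magic_set *ms, int param, const void *val)
 case MAGIC_PARAM_ELF_SHNUM_MAX:
 ms->elf_shnum_max = *(const size_t *)val;
 return 0;
+case MAGIC_PARAM_ELF_NOTES_MAX:
+ms->elf_notes_max = *(const size_t *)val;
+return 0;
 default:
 errno = EINVAL;
 return -1;
@@ -576,6 +579,9 @@ magic_getparam(struct magic_set *ms, int param, void *val)
 case MAGIC_PARAM_ELF_SHNUM_MAX:
 *(size_t *)val = ms->elf_shnum_max;
 return 0;
+case MAGIC_PARAM_ELF_NOTES_MAX:
+*(size_t *)val = ms->elf_notes_max;
+return 0;
 default:
 errno = EINVAL;
 return -1;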
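Review bot: The new `MAGIC_PARAM_ELF_NOTES_MAX` case in `magic_setparam` assigns `*(const size_t *)val` to `ms->elf_notes_max`, which the src/file.h section of this commit declares as `uint16_t`, so any value above 65535 is silently truncated and 65536 becomes 0. A caller that tries to raise the limit can end up with a much smaller one, and a resulting 0 meets the `notecount == 0` check added in src/elfclass.h. Reject out-of-range values before storing, e.g. `if (*(const size_t *)val > UINT16_MAX) { errno = EINVAL; return -1; }`; the existing `MAGIC_PARAM_ELF_SHNUM_MAX` case visible just above has the same narrowing assignment. Both switch statements start outside the hunks.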

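--- a/src/magic.h.in
+++ b/src/magic.h.in
@@ -107,6 +107,7 @@ int magic_errno(magic_t);
 #define MAGIC_PARAM_NAME_MAX 1
 #define MAGIC_PARAM_ELF_PHNUM_MAX 2
 #define MAGIC_PARAM_ELF_SHNUM_MAX 3
+#define MAGIC_PARAM_ELF_NOTES_MAX 4
 
 int magic_setparam(magic_t, int, const void *);
 int magic_getparam(magic_t, int, void *);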
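Review bot: The constant defined here is `MAGIC_PARAM_ELF_NOTES_MAX`, but the prose added to doc/libmagic.man in this commit refers to `.Dv MAGIC_PARAM_NOTES_MAX`, a name this header does not define; the parameter table in the same man page uses the `ELF_` spelling. A reader copying the name from the description would get a compile error, so that man page line should read `.Dv MAGIC_PARAM_ELF_NOTES_MAX`. The neighbouring `MAGIC_PARAM_PHNUM_MAX` and `MAGIC_PARAM_SHNUM_MAX` mentions in the man page differ from this header's `MAGIC_PARAM_ELF_PHNUM_MAX` and `MAGIC_PARAM_ELF_SHNUM_MAX` in the same way.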
