Guard check in module loader against integer overflow (ef26a5a6) · Commits · 方亚芬 / linux

Commit ef26a5a6 authored May 22, 2012 by

David Howells Committed by Rusty Russell May 23, 2012

Guard check in module loader against integer overflow



The check:

	if (len < hdr->e_shoff + hdr->e_shnum * sizeof(Elf_Shdr))

may not work if there's an overflow in the right-hand side of the condition.

Signed-off-by: David Howells <dhowells@redhat.com>
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>

parent 3c7ec94d

Hide whitespace changes

Inline Side-by-side

Please register or to comment