From 0b4fa56e07639ed28cbbcd890868e01a82a5e45c Mon Sep 17 00:00:00 2001 From: Nick Alcock Date: Wed, 19 Jun 2019 12:27:18 +0100 Subject: [PATCH] libctf: unidentified type kinds on open are a sign of file corruption If we see a CTF type with a kind we do not recognize in its ctt_info during opening, we cannot skip it and continue opening the file: if the type kind is unknown, we do not know how long its vlen is, and we cannot have skipped past it: so if we continue reading we will almost certainly read in part of the vlen as if it were a new ctf_type_t. Avoid this trouble by considering unknown type kinds to be a reason to return ECTF_CORRUPT, just like everything else that reads in type kinds does. libctf/ * ctf-open.c (ctf_types): Fail when unidentified type kinds are seen. --- libctf/ChangeLog | 5 +++++ libctf/ctf-open.c | 4 ++++ 2 files changed, 9 insertions(+) diff --git a/libctf/ChangeLog b/libctf/ChangeLog index 9ff7cd4146..ad5685b691 100644 --- a/libctf/ChangeLog +++ b/libctf/ChangeLog @@ -1,3 +1,8 @@ +2019-06-19 Nick Alcock + + * ctf-open.c (ctf_types): Fail when unidentified type kinds are + seen. + 2019-06-19 Nick Alcock * ctf-open.c (ctf_bufopen): Dump header offsets into the debugging diff --git a/libctf/ctf-open.c b/libctf/ctf-open.c index df735acb40..14f7062590 100644 --- a/libctf/ctf-open.c +++ b/libctf/ctf-open.c @@ -856,6 +856,10 @@ init_types (ctf_file_t *fp, ctf_header_t *cth) if (err != 0 && err != ECTF_STRTAB) return err; break; + default: + ctf_dprintf ("unhandled CTF kind in endianness conversion -- %x\n", + kind); + return ECTF_CORRUPT; } *xp = (uint32_t) ((uintptr_t) tp - (uintptr_t) fp->ctf_buf); -- 2.34.1