From 4591b7db23bf5f58f6dbd81a5d9f926bf765cd09 Mon Sep 17 00:00:00 2001 From: "H.J. Lu" Date: Fri, 27 Jul 2018 13:20:51 -0700 Subject: x86/CET: Don't parse beyond the note end Simply check if "ptr < ptr_end" since "ptr" is always incremented by 8. Reviewed-by: Carlos O'Donell * sysdeps/x86/dl-prop.h (_dl_process_cet_property_note): Don't parse beyond the note end. --- sysdeps/x86/dl-prop.h | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'sysdeps/x86/dl-prop.h') diff --git a/sysdeps/x86/dl-prop.h b/sysdeps/x86/dl-prop.h index d56e20a6dc..35d3f16a23 100644 --- a/sysdeps/x86/dl-prop.h +++ b/sysdeps/x86/dl-prop.h @@ -73,7 +73,7 @@ _dl_process_cet_property_note (struct link_map *l, unsigned char *ptr = (unsigned char *) (note + 1) + 4; unsigned char *ptr_end = ptr + note->n_descsz; - while (1) + while (ptr < ptr_end) { unsigned int type = *(unsigned int *) ptr; unsigned int datasz = *(unsigned int *) (ptr + 4); -- cgit v1.2.3