libelf: Fix extended numbering detection

Extended numbering is used for any of these fields overflowing. Reviewed by: emaste@ Sponsored by: Dell EMC Isilon Differential Revision: https://reviews.freebsd.org/D8701
2016-12-16 01:39:06 +00:00 · 2016-12-16 01:39:06 +00:00 · 1d1bfbbb38
commit 1d1bfbbb38
parent 6a1c4d1efc
1 changed files with 10 additions and 7 deletions
--- a/contrib/elftoolchain/libelf/libelf_ehdr.c
+++ b/contrib/elftoolchain/libelf/libelf_ehdr.c
@ -170,10 +170,6 @@ _libelf_ehdr(Elf *e, int ec, int allocate)
 	(*xlator)((unsigned char*) ehdr, msz, e->e_rawfile, (size_t) 1,
 	    e->e_byteorder != LIBELF_PRIVATE(byteorder));

-	/*
-	 * If extended numbering is being used, read the correct
-	 * number of sections and program header entries.
-	 */
 	if (ec == ELFCLASS32) {
 		phnum = ((Elf32_Ehdr *) ehdr)->e_phnum;
 		shnum = ((Elf32_Ehdr *) ehdr)->e_shnum;
@ -193,12 +189,19 @@ _libelf_ehdr(Elf *e, int ec, int allocate)
 		return (NULL);
 	}

-	if (shnum != 0 || shoff == 0LL) { /* not using extended numbering */
+	/*
+	 * If extended numbering is being used, read the correct
+	 * number of sections and program header entries.
+	 */
+	if ((shnum == 0 && shoff != 0) || phnum == PN_XNUM || strndx == SHN_XINDEX) {
+		if (_libelf_load_extended(e, ec, shoff, phnum, strndx) == 0)
+			return (NULL);
+	} else {
+		/* not using extended numbering */
 		e->e_u.e_elf.e_nphdr = phnum;
 		e->e_u.e_elf.e_nscn = shnum;
 		e->e_u.e_elf.e_strndx = strndx;
-	} else if (_libelf_load_extended(e, ec, shoff, phnum, strndx) == 0)
-		return (NULL);
+	}

 	return (ehdr);
 }