libctf: error out on corrupt CTF with invalid header flags

If corrupt CTF with invalid header flags is passed in, return the new error ECTF_FLAGS. include/ * ctf-api.h (ECTF_FLAGS): New. (ECTF_NERR): Adjust. * ctf.h (CTF_F_MAX): New. libctf/ * ctf-open.c (ctf_bufopen_internal): Diagnose invalid flags.
2025-02-17 13:10:12 +08:00 · 2020-06-03 17:31:44 +01:00 · 2020-06-03 17:31:44 +01:00 · ec388c16cd
commit ec388c16cd
parent 67d4cc671b
5 changed files with 18 additions and 3 deletions
--- a/include/ChangeLog
+++ b/include/ChangeLog
@ -1,3 +1,9 @@
+2020-07-22  Nick Alcock  <nick.alcock@oracle.com>
+
+	* ctf-api.h (ECTF_FLAGS): New.
+	(ECTF_NERR): Adjust.
+	* ctf.h (CTF_F_MAX): New.
+
 2020-07-22  Nick Alcock  <nick.alcock@oracle.com>

 	* ctf-api.h (ECTF_NEXT_END): New error.
--- a/include/ctf-api.h
+++ b/include/ctf-api.h
@ -207,10 +207,11 @@ enum
   ECTF_NONREPRESENTABLE, /* Type not representable in CTF.  */
   ECTF_NEXT_END,	/* End of iteration.  */
   ECTF_NEXT_WRONGFUN,	/* Wrong iteration function called.  */
-   ECTF_NEXT_WRONGFP	/* Iteration entity changed in mid-iterate.  */
+   ECTF_NEXT_WRONGFP,	/* Iteration entity changed in mid-iterate.  */
+   ECTF_FLAGS		/* CTF header contains flags unknown to libctf.  */
  };

-#define ECTF_NERR (ECTF_NEXT_WRONGFP - ECTF_BASE + 1)	/* Count of CTF errors.  */
+#define ECTF_NERR (ECTF_FLAGS - ECTF_BASE + 1)	/* Count of CTF errors.  */

 /* The CTF data model is inferred to be the caller's data model or the data
   model of the given object, unless ctf_setmodel() is explicitly called.  */
--- a/include/ctf.h
+++ b/include/ctf.h
@ -199,7 +199,8 @@ typedef struct ctf_header
 #define CTF_VERSION_3 4
 #define CTF_VERSION CTF_VERSION_3 /* Current version.  */

-#define CTF_F_COMPRESS	0x1	/* Data buffer is compressed by libctf.  */
+#define CTF_F_COMPRESS	0x1		/* Data buffer is compressed by libctf.  */
+#define CTF_F_MAX	CTF_F_COMPRESS	/* The greatest flag value in use.  */

 typedef struct ctf_lblent
 {
--- a/libctf/ChangeLog
+++ b/libctf/ChangeLog
@ -1,3 +1,7 @@
+2020-07-22  Nick Alcock  <nick.alcock@oracle.com>
+
+	* ctf-open.c (ctf_bufopen_internal): Diagnose invalid flags.
+
 2020-07-22  Nick Alcock  <nick.alcock@oracle.com>

 	ctf-decls.h (ctf_qsort_compar_thunk): Fix arg passing.
--- a/libctf/ctf-open.c
+++ b/libctf/ctf-open.c
@ -1384,6 +1384,9 @@ ctf_bufopen_internal (const ctf_sect_t *ctfsect, const ctf_sect_t *symsect,
  if (pp->ctp_version < CTF_VERSION_3)
    hdrsz = sizeof (ctf_header_v2_t);

+  if (_libctf_unlikely_ (pp->ctp_flags > CTF_F_MAX))
+    return (ctf_set_open_errno (errp, ECTF_FLAGS));
+
  if (ctfsect->cts_size < hdrsz)
    return (ctf_set_open_errno (errp, ECTF_NOCTFBUF));