debug/elf: validate offset and file size ranges

Change-Id: Iebe31b91c6e81438120f50a8089a8efca3d5339d
Reviewed-on: https://go-review.googlesource.com/c/go/+/426115
Run-TryBot: Dan Kortschak <dan@kortschak.io>
Run-TryBot: Ian Lance Taylor <iant@google.com>
Reviewed-by: Ian Lance Taylor <iant@google.com>
Reviewed-by: Heschi Kreinick <heschi@google.com>
Auto-Submit: Ian Lance Taylor <iant@google.com>
TryBot-Result: Gopher Robot <gobot@golang.org>

diff --git a/src/debug/elf/file.go b/src/debug/elf/file.go
index 95c28c143349f647d4ea5b765b9c0bc0460e175b..f37d4b8e9add355f4cd896565459854312842c11 100644 (file)
--- a/src/debug/elf/file.go
+++ b/src/debug/elf/file.go
@@ -377,6 +377,12 @@ func NewFile(r io.ReaderAt) (*File, error) {
                                Align:  ph.Align,
                        }
                }
+               if int64(p.Off) < 0 {
+                       return nil, &FormatError{off, "invalid program header offset", p.Off}
+               }
+               if int64(p.Filesz) < 0 {
+                       return nil, &FormatError{off, "invalid program header file size", p.Filesz}
+               }
                p.sr = io.NewSectionReader(r, int64(p.Off), int64(p.Filesz))
                p.ReaderAt = p.sr
                f.Progs[i] = p