diff options
| author | Daniel Bertalan <dani@danielbertalan.dev> | 2021-08-09 22:22:57 +0200 |
|---|---|---|
| committer | Gunnar Beutner <gunnar@beutner.name> | 2021-08-09 23:15:48 +0200 |
| commit | e0e3198d516a9a53239bbe7e5dfb76f3e78cef70 (patch) | |
| tree | e8901fca74981b6ae69da4422267fefca15d68be /Userland/Libraries/LibELF | |
| parent | d16d116b65b3e134302629e1ac737c2aafecfc80 (diff) | |
| download | serenity-e0e3198d516a9a53239bbe7e5dfb76f3e78cef70.zip | |
LibELF: Fix 'applying offset produced null pointer' UBSAN failure
These integer => pointer => integer conversions were technically prone
to UB, since they were used as offsets (which are perfectly fine to be
zero), but we calculated them with pointer arithmetic. This made Clang
insert pointer overflow UBSAN checks, which trigger in case of a zero
result.
Diffstat (limited to 'Userland/Libraries/LibELF')
| -rw-r--r-- | Userland/Libraries/LibELF/DynamicLoader.cpp | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/Userland/Libraries/LibELF/DynamicLoader.cpp b/Userland/Libraries/LibELF/DynamicLoader.cpp index db6fa1c896..f8cfb21a56 100644 --- a/Userland/Libraries/LibELF/DynamicLoader.cpp +++ b/Userland/Libraries/LibELF/DynamicLoader.cpp @@ -321,7 +321,7 @@ void DynamicLoader::load_program_headers() for (auto& text_region : text_regions) { FlatPtr ph_text_desired_base = text_region.desired_load_address().get(); FlatPtr ph_text_base = text_region.desired_load_address().page_base().get(); - FlatPtr ph_text_end = ph_text_base + round_up_to_power_of_two(text_region.size_in_memory() + (size_t)(text_region.desired_load_address().as_ptr() - ph_text_base), PAGE_SIZE); + FlatPtr ph_text_end = ph_text_base + round_up_to_power_of_two(text_region.size_in_memory() + text_region.desired_load_address().get() - ph_text_base, PAGE_SIZE); // Now we can map the text segment at the reserved address. auto* text_segment_begin = (u8*)mmap_with_name( @@ -355,7 +355,7 @@ void DynamicLoader::load_program_headers() for (auto& data_region : data_regions) { FlatPtr ph_data_base = data_region.desired_load_address().page_base().get(); - FlatPtr ph_data_end = ph_data_base + round_up_to_power_of_two(data_region.size_in_memory() + (size_t)(data_region.desired_load_address().as_ptr() - ph_data_base), PAGE_SIZE); + FlatPtr ph_data_end = ph_data_base + round_up_to_power_of_two(data_region.size_in_memory() + data_region.desired_load_address().get() - ph_data_base, PAGE_SIZE); auto* data_segment_address = (u8*)reservation + ph_data_base - ph_load_base; size_t data_segment_size = ph_data_end - ph_data_base; |