From b02c051007b6cfad79651f68eaa890a97331c34b Mon Sep 17 00:00:00 2001 From: Astro Date: Fri, 1 May 2020 03:20:19 +0200 Subject: [PATCH] libdyld: fix hash+symtab sizes --- firmware/libdyld/src/image.rs | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/firmware/libdyld/src/image.rs b/firmware/libdyld/src/image.rs index c7926f2..cf112ff 100644 --- a/firmware/libdyld/src/image.rs +++ b/firmware/libdyld/src/image.rs @@ -79,16 +79,16 @@ impl Image { pub fn dyn_section(&self, range: Range) -> Result { let (mut strtab_off, mut strtab_sz) = (0, 0); - let (mut symtab_off, mut symtab_sz) = (0, 0); let (mut rel_off, mut rel_sz) = (0, 0); let (mut rela_off, mut rela_sz) = (0, 0); let (mut pltrel_off, mut pltrel_sz) = (0, 0); let (mut hash_off, mut hash_sz) = (0, 0); - let mut sym_ent = 0; - let mut rel_ent = 0; - let mut rela_ent = 0; - let mut nbucket = 0; - let mut nchain = 0; + let mut symtab_off = 0; + let mut sym_ent = 0; + let mut rel_ent = 0; + let mut rela_ent = 0; + let mut nbucket = 0; + let mut nchain = 0; for dyn_header in self.dyn_headers(range) { let val = unsafe { dyn_header.d_un.d_val } as usize; @@ -112,12 +112,16 @@ impl Image { nchain = *self.get_ref::(val + 4) .ok_or("cannot read hash chain count")? as usize; hash_off = val + 8; - hash_sz = nbucket + nchain; + hash_sz = (nbucket + nchain) * mem::size_of::(); } _ => () } } + // These are the same--there are as many chains as buckets, and the chains only contain + // the symbols that overflowed the bucket. + let symtab_sz = nchain * mem::size_of::(); + if strtab_off + strtab_sz > self.data.len() { return Err("invalid strtab offset/size")? } @@ -143,10 +147,6 @@ impl Image { return Err("invalid pltrel offset/size")? } - // These are the same--there are as many chains as buckets, and the chains only contain - // the symbols that overflowed the bucket. - symtab_sz = nchain; - Ok(DynamicSection { strtab: strtab_off..strtab_off + strtab_sz, symtab: symtab_off..symtab_off + symtab_sz,