From 4be6cfebcd3035bd3daa63144632556057837c74 Mon Sep 17 00:00:00 2001 From: John Reiser Date: Tue, 23 Mar 2021 18:21:45 -0700 Subject: [PATCH] get_te32() when checking DT_GNU_HASH chains (MIPS .so) https://github.com/upx/upx/issues/473 modified: p_lx_elf.cpp --- src/p_lx_elf.cpp | 22 ++++++++++++---------- 1 file changed, 12 insertions(+), 10 deletions(-) diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp index 9a3e091b..66e6815e 100644 --- a/src/p_lx_elf.cpp +++ b/src/p_lx_elf.cpp @@ -1733,15 +1733,16 @@ PackLinuxElf32::invert_pt_dynamic(Elf32_Dyn const *dynp, unsigned headway) // Rust and Android trim unused zeroes from high end of hasharr[] unsigned bmax = 0; for (unsigned j= 0; j < n_bucket; ++j) { - if (buckets[j]) { - if (buckets[j] < symbias) { + unsigned bj = get_te32(&buckets[j]); + if (bj) { + if (bj < symbias) { char msg[50]; snprintf(msg, sizeof(msg), "bad DT_GNU_HASH bucket[%d] < symbias{%#x}\n", - buckets[j], symbias); + bj, symbias); throwCantPack(msg); } - if (bmax < buckets[j]) { - bmax = buckets[j]; + if (bmax < bj) { + bmax = bj; } } } @@ -5443,15 +5444,16 @@ PackLinuxElf64::invert_pt_dynamic(Elf64_Dyn const *dynp, upx_uint64_t headway) // Rust and Android trim unused zeroes from high end of hasharr[] unsigned bmax = 0; for (unsigned j= 0; j < n_bucket; ++j) { - if (buckets[j]) { - if (buckets[j] < symbias) { + unsigned bj = get_te32(&buckets[j]); + if (bj) { + if (bj < symbias) { char msg[50]; snprintf(msg, sizeof(msg), "bad DT_GNU_HASH bucket[%d] < symbias{%#x}\n", - buckets[j], symbias); + bj, symbias); throwCantPack(msg); } - if (bmax < buckets[j]) { - bmax = buckets[j]; + if (bmax < bj) { + bmax = bj; } } }