From 91b81b587bc15682bb484a35487f965bf3918196 Mon Sep 17 00:00:00 2001
From: John Reiser <jreiser@BitWagon.com>
Date: Sat, 15 Dec 2018 19:35:13 -0800
Subject: [PATCH] Abandon when outrageous Elf64_Dyn.d_tag

https://github.com/upx/upx/issues/235  POC8
	modified:   p_lx_elf.cpp
---
 src/p_lx_elf.cpp | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/src/p_lx_elf.cpp b/src/p_lx_elf.cpp
index 58d1f142..caa05a85 100644
--- a/src/p_lx_elf.cpp
+++ b/src/p_lx_elf.cpp
@@ -4690,6 +4690,11 @@ PackLinuxElf64::invert_pt_dynamic(Elf64_Dyn const *dynp)
     if (dynp)
     for (; ; ++ndx, ++dynp) {
         upx_uint64_t const d_tag = get_te64(&dynp->d_tag);
+        if (d_tag>>32) { // outrageous
+            char msg[50]; snprintf(msg, sizeof(msg),
+                "bad Elf64_Dyn[%d].d_tag %#lx", -1+ ndx, (long unsigned)d_tag);
+            throwCantPack(msg);
+        }
         if (d_tag < DT_NUM) {
             dt_table[d_tag] = ndx;
         }