
Commit fa54975

committed
coverity scan CID 531843 is a false positive.
There is no real problem though the scan says overflow is possible in the arithmetic. The analysis is wrong. modified: ../../lib/libdwarf/dwarf_elfread.c
1 parent 7cff033 commit fa54975

1 file changed

+50
-5
lines changed


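--- a/src/lib/libdwarf/dwarf_elfread.c
+++ b/src/lib/libdwarf/dwarf_elfread.c
@@ -306,14 +306,30 @@ elf_load_nolibelf_section_a (void* obj,
 Dwarf_Unsigned computed_mmaplen = 0;
 Dwarf_Unsigned computed_mmapend = 0;
 long pagesize = sysconf(_SC_PAGESIZE);
-unsigned long pagesizebits = 0;
+Dwarf_Unsigned upagesize = 0;
+Dwarf_Unsigned pagesizebits = 0;
 Dwarf_Unsigned pageoff = 0;
 dwarf_elf_object_access_internals_t *elf =
 (dwarf_elf_object_access_internals_t*)(obj);
 void * mmptr = 0;
 
+/* pagesize is guaranteed to be a multiple of 2,
+and will be >= 512 and is usually 4096.
+this helps coverityscan know that sutracting one
+from pagesize will not result in an
+anomalous number. */
+if (pagesize < 200L || pagesize > (128L*1024L*1024L)) {
+/* verifying the value of pagesize to help fix
+coverity scan CID 531843 */
+*errc = DW_DLE_SYSCONF_VALUE_UNUSABLE;
+return DW_DLV_ERROR;
+}
+upagesize = (Dwarf_Unsigned)pagesize;
+pagesizebits = upagesize -1;
 if (0 < dw_section_index &&
 dw_section_index < elf->f_loc_shdr.g_count) {
+Dwarf_Unsigned pageadjust = 0;
+
 struct generic_shdr *sp =
 elf->f_shdr + dw_section_index;
 if (sp->gh_content) {
@@ -334,18 +350,43 @@ elf_load_nolibelf_section_a (void* obj,
 return DW_DLV_ERROR;
 }
 secoffset = sp->gh_offset;
-pagesizebits = pagesize -1;
 pageoff = secoffset & ~pagesizebits;
-computed_mmaplen = (seclen + (secoffset - pageoff) +
-pagesizebits) & ~pagesizebits;
+/* coverity scan CID 581843. Guarding
+against possible overflow complaint
+in computing computed_mmaplen. */
+computed_mmaplen = seclen;
+pageadjust = secoffset - pageoff;
+computed_mmaplen += pageadjust;
+if (computed_mmaplen > elf->f_filesize) {
+*errc = DW_DLE_ELF_SECTION_ERROR;
+return DW_DLV_ERROR;
+}
+computed_mmaplen += pagesizebits;
+if (computed_mmaplen > elf->f_filesize) {
+*errc = DW_DLE_ELF_SECTION_ERROR;
+return DW_DLV_ERROR;
+}
+computed_mmaplen &= ~pagesizebits;
+if (computed_mmaplen > elf->f_filesize) {
+/* impossible */
+*errc = DW_DLE_ELF_SECTION_ERROR;
+return DW_DLV_ERROR;
+}
+if (computed_mmaplen < seclen) {
+/* unsigned arith overflowed? */
+*errc = DW_DLE_ELF_SECTION_ERROR;
+return DW_DLV_ERROR;
+}
 computed_mmapend = computed_mmaplen+pageoff;
 /* mmap tiny is formally ok, but since we
 are doing mmap per_section we do not
 want overlaps with other mmap.
 Overlap seems to fail. */
 if (seclen < (Dwarf_Unsigned)(4096*2) ||
 computed_mmaplen >= elf->f_filesize ||
-computed_mmapend >= elf->f_filesize) {
+computed_mmapend >= elf->f_filesize ||
+/* overflow likely? */
+computed_mmaplen < seclen) {
 /* Does NOT alter *return_data_len */
 res = elf_load_nolibelf_section(obj,
 dw_section_index,
@@ -357,6 +398,10 @@ elf_load_nolibelf_section_a (void* obj,
 /* *return_data_len = not set */
 return res;
 }
+/* Coverity Scan CID 531843. Possible overflow
+computing computed_mmaplen. This is
+a false positive, Marked as such
+in coverity scan 16 July 2025. */
 mmptr = mmap(0, (size_t)computed_mmaplen,
 PROT_READ|PROT_WRITE, MAP_PRIVATE,
 elf->f_fd,(off_t)pageoff);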
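Review bot: The new pagesize validation at new lines 321–326 bounds the value but never checks that it is a power of two, yet the `pageoff = secoffset & ~pagesizebits` mask at line 353 (and the `&= ~pagesizebits` rounding at line 369) is only correct for a power-of-two page size; the header comment also says "multiple of 2" where "power of two" is meant. A cheap guard placed right after `pagesizebits = upagesize -1;` closes that gap: `if (upagesize & pagesizebits) { *errc = DW_DLE_SYSCONF_VALUE_UNUSABLE; return DW_DLV_ERROR; }`. The comment at new line 354 cites CID 581843 while the commit message and the comment at line 401 cite CID 531843, presumably a misprint in one of them. With the early returns at lines 375–379 now in place, the added `computed_mmaplen < seclen` disjunct at line 389 can no longer be true, so it is belt-and-braces rather than a functional check and a short comment saying so would stop a later reader from hunting for the case it covers. elf_load_nolibelf_section_a begins before the first hunk and ends after the last.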
