From 420d2bb1dc57cbc9198813f9b5d9eb7b134eb35a Mon Sep 17 00:00:00 2001 From: Omar Sandoval Date: Fri, 25 Jun 2021 17:45:12 -0700 Subject: [PATCH] libdrgn: dwarf_index: fix DW_AT_strp bounds check The string must be null terminated, so there must be at least one byte left in .debug_str. Signed-off-by: Omar Sandoval --- libdrgn/dwarf_index.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libdrgn/dwarf_index.c b/libdrgn/dwarf_index.c index 5308f6ca..baa151d5 100644 --- a/libdrgn/dwarf_index.c +++ b/libdrgn/dwarf_index.c @@ -1461,7 +1461,7 @@ sibling: if ((err = binary_buffer_next_u64(&buffer->bb, &tmp))) return err; strp: - if (tmp > debug_str->d_size) { + if (tmp >= debug_str->d_size) { return binary_buffer_error(&buffer->bb, "DW_AT_name is out of bounds"); }