Diffstat (limited to 'patchoat/patchoat.cc')
-rw-r--r-- | patchoat/patchoat.cc | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/patchoat/patchoat.cc b/patchoat/patchoat.cc
index a6d3903f19..73627b2302 100644
--- a/patchoat/patchoat.cc
+++ b/patchoat/patchoat.cc
@@ -363,6 +363,10 @@ static bool CheckImageIdenticalToOriginalExceptForRelocation(
 uint32_t offset_delta = 0;
 if (DecodeUnsignedLeb128Checked(&rel_ptr, rel_end, &offset_delta)) {
 offset += offset_delta;
+ if (static_cast<int64_t>(offset) + static_cast<int64_t>(sizeof(uint32_t)) > image_size) {
+ *error_msg = StringPrintf("Relocation out of bounds in %s", relocated_filename.c_str());
+ return false;
+ }
 uint32_t *image_value = reinterpret_cast<uint32_t*>(image_start + offset);
 *image_value -= expected_diff;
 } else { |
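Review bot: The added bounds check runs after `offset += offset_delta;`, so it only validates the already-summed value. If `offset` is a 32-bit unsigned (its declaration is outside the hunk), a large delta decoded from the relocation data wraps it to a small in-range value that passes the check, and `*image_value -= expected_diff;` is then applied at the wrong position instead of the file being rejected. The write stays inside the image, but malformed relocation data is accepted; computing the sum in 64 bits first, e.g. `int64_t new_offset = static_cast<int64_t>(offset) + offset_delta;` and testing `new_offset + static_cast<int64_t>(sizeof(uint32_t)) > image_size` before assigning back, would catch it. The check also says nothing about alignment, so `reinterpret_cast<uint32_t*>(image_start + offset)` can still be dereferenced at an address that is not 4-byte aligned. The enclosing loop and function continue outside the hunk.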