Skip to content

Commit 79753fd

Browse files
histriohistrio
committed
Let's not try to read too long notes
1 parent 0833972 commit 79753fd

File tree

1 file changed

+7
-21
lines changed

1 file changed

+7
-21
lines changed

uchecker.py

Lines changed: 7 additions & 21 deletions
Original file line numberDiff line numberDiff line change
@@ -44,6 +44,11 @@
4444
NT_GO_BUILD_ID = 4
4545
IGNORED_PATHNAME = ["[heap]", "[stack]", "[vdso]", "[vsyscall]", "[vvar]"]
4646

47+
ELF_MAGIC_BYTES = b'\x7fELF\x02\x01'
48+
PROC_TIMEOUT = 30
49+
MAX_NOTE_SIZE = 4096
50+
BYTE_ALIGNMENT = 4
51+
4752
Vma = namedtuple('Vma', 'offset size start end')
4853
Map = namedtuple('Map', 'addr perm offset dev inode pathname flag')
4954

@@ -68,22 +73,6 @@ def normalize(data, encoding='utf-8'):
6873
return data.encode(encoding)
6974

7075

71-
def check_output(*args, **kwargs):
72-
""" Backported implementation for check_output.
73-
"""
74-
out = ''
75-
try:
76-
p = subprocess.Popen(stdout=subprocess.PIPE, stderr=subprocess.PIPE,
77-
*args, **kwargs)
78-
out, err = p.communicate()
79-
if err or p.returncode != 0:
80-
raise OSError("{0} ({1})".format(err, p.returncode))
81-
except OSError as e:
82-
logging.debug('Subprocess `%s %s` error: %s',
83-
args, kwargs, e)
84-
return normalize(out)
85-
86-
8776
def check_output_with_timeout(*args, **kwargs):
8877
"""Enhanced check_output with timeout support for Python 2/3."""
8978
timeout = kwargs.pop('timeout', 30)
@@ -94,7 +83,6 @@ def check_output_with_timeout(*args, **kwargs):
9483
def timeout_handler(signum, frame):
9584
raise OSError("Command timed out")
9685

97-
# Set up timeout (Unix only)
9886
if hasattr(signal, 'SIGALRM'):
9987
old_handler = signal.signal(signal.SIGALRM, timeout_handler)
10088
signal.alarm(timeout)
@@ -285,10 +273,6 @@ class BuildIDParsingException(Exception):
285273
pass
286274

287275

288-
ELF_MAGIC_BYTES = b'\x7fELF\x02\x01'
289-
PROC_TIMEOUT = 30
290-
MAX_NOTE_SIZE = 4096
291-
BYTE_ALIGNMENT = 4
292276

293277
def get_build_id(fileobj):
294278

@@ -336,6 +320,8 @@ def get_build_id(fileobj):
336320

337321
logging.debug("n_type: %d, n_namesz: %d, n_descsz: %d)",
338322
n_type, n_namesz, n_descsz)
323+
if n_namesz > MAX_NOTE_SIZE or n_descsz > MAX_NOTE_SIZE:
324+
raise BuildIDParsingException("Note section too large")
339325
fileobj.read(n_namesz)
340326
desc = struct.unpack("<{0}B".format(n_descsz), fileobj.read(n_descsz))
341327
if n_type is not None:

0 commit comments

Comments
 (0)