elf: Use d_ptr instead of d_val when reading from a dynamic array

The dynamic array reader should treat data as unsigned when initially reading values from the array to prevent premature sign-extension. The glibc and traditional android headers define d_val using Elf32_Word, an unsigned type. linux/elf.h, used by unified android headers, defines d_val using Elf32_Sword, a signed type. Use d_ptr instead since it's always an unsigned type. Bug: crashpad:30 Change-Id: Ie8e88941fefc7075621aefe226fdba33b1f6129c Reviewed-on: https://chromium-review.googlesource.com/847818 Commit-Queue: Joshua Peraza <jperaza@chromium.org> Reviewed-by: Mark Mentovai <mark@chromium.org>
2025-01-14 01:08:01 +08:00 · 2018-01-08 15:10:31 -08:00 · 2018-01-08 15:10:31 -08:00 · 8bbe985004
commit 8bbe985004
parent 990c6d9cb6
1 changed files with 9 additions and 1 deletions
--- a/snapshot/elf/elf_dynamic_array_reader.cc
+++ b/snapshot/elf/elf_dynamic_array_reader.cc
@ -16,6 +16,8 @@

 #include <elf.h>

+#include <type_traits>
+
 #include "util/stdlib/map_insert.h"

 namespace crashpad {
@ -48,8 +50,14 @@ bool Read(const ProcessMemoryRange& memory,
        // Skip these entries for now.
        break;
      default:
+        static_assert(std::is_unsigned<decltype(entry.d_un.d_ptr)>::value,
+                      "type must be unsigned");
+        static_assert(static_cast<void*>(&entry.d_un.d_ptr) ==
+                              static_cast<void*>(&entry.d_un.d_val) &&
+                          sizeof(entry.d_un.d_ptr) == sizeof(entry.d_un.d_val),
+                      "d_ptr and d_val must be aliases");
        if (!MapInsertOrReplace(
-                &local_values, entry.d_tag, entry.d_un.d_val, nullptr)) {
+                &local_values, entry.d_tag, entry.d_un.d_ptr, nullptr)) {
          LOG(ERROR) << "duplicate dynamic array entry";
          return false;
        }