go icon indicating copy to clipboard operation
go copied to clipboard

Published 20 hours ago verified publisher icon golang

debug/elf: avoid using saferio to read data from SHT_NOBITS sections

Open ZekeLu opened this issue 1 year ago • 29 comments

A SHT_NOBITS section may have a nonzero size, but it occupies no space in the file. The reader to read from this section is zeroReader, which never reaches EOF. In this case, if the section size is incorrect and holds a huge number, the saferio.ReadData does not help. What's worse, it will eat up the memory a small block by a small block, and finally results in an OOM.

This change calls "make([]byte, size)" to return the section data directly. For an incorrect huge size, it panics with "runtime error: makeslice: len out of range" fast before memory is allocated.

I think a further fix is to set a limit for the size of the SHT_NOBITS section and refuse to read from this section when the size is larger than the limit. But I can not find a documented limit for this section.

Fixes #54967.

ZekeLu avatar Sep 10 '22 15:09 ZekeLu

This PR (HEAD: fbf78366003d5b1e7ade6eb9820bbcfcb07f809c) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/go/+/429601 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar Sep 10 '22 15:09 gopherbot

Message from Dan Kortschak:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 10 '22 21:09 gopherbot

This PR (HEAD: bdbe75f76f7783930be41f72fe0b581407005fa0) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/go/+/429601 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar Sep 11 '22 08:09 gopherbot

Message from Zeke Lu:

Patch Set 1:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 11 '22 08:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 2:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 14 '22 03:09 gopherbot

This PR (HEAD: 51c6d7b0ed2cd9f44c528a85b3d074cd73304a04) has been imported to Gerrit for code review.

Please visit https://go-review.googlesource.com/c/go/+/429601 to see it.

Tip: You can toggle comments from me using the comments slash command (e.g. /comments off) See the Wiki page for more info

gopherbot avatar Sep 14 '22 04:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 14 '22 04:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 15 '22 01:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 15 '22 05:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 16 '22 02:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 16 '22 04:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 16 '22 20:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 01:09 gopherbot

Message from Dan Kortschak:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 01:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 01:09 gopherbot

Message from Dan Kortschak:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 01:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(2 comments)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 02:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 02:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 22:09 gopherbot

Message from Dan Kortschak:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 22:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 22:09 gopherbot

Message from Dan Kortschak:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 17 '22 23:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 18 '22 02:09 gopherbot

Message from Alessandro Arzilli:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 18 '22 06:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 18 '22 12:09 gopherbot

Message from Alessandro Arzilli:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 20 '22 09:09 gopherbot

Message from Alessandro Arzilli:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 20 '22 09:09 gopherbot

Message from Alessandro Arzilli:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 20 '22 09:09 gopherbot

Message from Ian Lance Taylor:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 20 '22 15:09 gopherbot

Message from Zeke Lu:

Patch Set 3:

(1 comment)

Please don’t reply on this GitHub thread. Visit golang.org/cl/429601. After addressing review feedback, remember to publish your drafts!

gopherbot avatar Sep 21 '22 09:09 gopherbot