diff options
| -rw-r--r-- | linker/linker.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/linker/linker.c b/linker/linker.c index f365fb6..3a923c1 100644 --- a/linker/linker.c +++ b/linker/linker.c @@ -1030,7 +1030,7 @@ load_segments(int fd, void *header, soinfo *si) si->dynamic = (unsigned *)(base + phdr->p_vaddr); } else if (phdr->p_type == PT_GNU_RELRO) { if ((phdr->p_vaddr >= si->size) - || ((phdr->p_vaddr + phdr->p_memsz) >= si->size) + || ((phdr->p_vaddr + phdr->p_memsz) > si->size) || ((base + phdr->p_vaddr + phdr->p_memsz) < base)) { DL_ERR("%d invalid GNU_RELRO in '%s' " "p_vaddr=0x%08x p_memsz=0x%08x", pid, si->name, @@ -1779,7 +1779,7 @@ static int link_image(soinfo *si, unsigned wr_offset) si->dynamic = (unsigned *) (si->base + phdr->p_vaddr); } else if (phdr->p_type == PT_GNU_RELRO) { if ((phdr->p_vaddr >= si->size) - || ((phdr->p_vaddr + phdr->p_memsz) >= si->size) + || ((phdr->p_vaddr + phdr->p_memsz) > si->size) || ((si->base + phdr->p_vaddr + phdr->p_memsz) < si->base)) { DL_ERR("%d invalid GNU_RELRO in '%s' " "p_vaddr=0x%08x p_memsz=0x%08x", pid, si->name, |