[Pal/Linux-SGX] Allocate program headers when reading ELFs

gramineproject / graphene

Graphene / Graphene-SGX - a library OS for Linux multi-process applications, with Intel SGX support

https://grapheneproject.io

GNU Lesser General Public License v3.0

771 stars 260 forks source link

[Pal/Linux-SGX] Allocate program headers when reading ELFs #2562

Closed pwmarcz closed 3 years ago

pwmarcz commented 3 years ago

Description of the changes

The code relied on the assumption that the program headers will fit within FILEBUF_SIZE bytes from beginning of file. This is usually true in practice, but is not guaranteed, and as a result Graphene could read outside of the allocated buffer.

Instead, we perform two reads: first for the ELF header, then for the program headers.

How to test this PR?

Existing tests should be enough.

This change is

mkow commented 3 years ago

Jenkins, retest Jenkins-20.04 please (apps.LTP.fsync02 timed out, unrelated to the PR)