From d917514bd6b270df431ea4e781a865764d406120 Mon Sep 17 00:00:00 2001 From: Christopher Ferris Date: Thu, 22 Oct 2015 13:34:48 -0700 Subject: Fix incorrect check of descsz value. Bug: 25187394 (cherry picked from commit 1fa55234d6773e09e3bb934419b5b6cc0df981c9) Change-Id: Idbc9071e8b2b25a062c4e94118808d6e19d443d9 --- debuggerd/elf_utils.cpp | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/debuggerd/elf_utils.cpp b/debuggerd/elf_utils.cpp index 5ea03e7..65c1904 100644 --- a/debuggerd/elf_utils.cpp +++ b/debuggerd/elf_utils.cpp @@ -63,10 +63,10 @@ static bool get_build_id( if (nhdr.n_type == NT_GNU_BUILD_ID) { // Skip the name (which is the owner and should be "GNU"). addr += NOTE_ALIGN(nhdr.n_namesz); - uint8_t build_id_data[128]; - if (nhdr.n_namesz > sizeof(build_id_data)) { - ALOGE("Possible corrupted note, name size value is too large: %u", - nhdr.n_namesz); + uint8_t build_id_data[160]; + if (nhdr.n_descsz > sizeof(build_id_data)) { + ALOGE("Possible corrupted note, desc size value is too large: %u", + nhdr.n_descsz); return false; } if (backtrace->Read(addr, build_id_data, nhdr.n_descsz) != nhdr.n_descsz) { -- cgit v1.1