update libelf from elftoolchain r3714 to r3717

check for overflow correctly after computing a file offset

1 files changed, 6 insertions, 6 deletions

diff --git a/lib/libelf/elf_rand.c b/lib/libelf/elf_rand.c
index 636808c84e3..b88e4db6bf5 100644
--- a/lib/libelf/elf_rand.c
+++ b/lib/libelf/elf_rand.c
@@ -30,7 +30,7 @@
 
 #include "_libelf.h"
 
-ELFTC_VCSID("$Id: elf_rand.c,v 1.2 2019/03/19 02:31:35 jsg Exp $");
+ELFTC_VCSID("$Id: elf_rand.c,v 1.3 2019/03/19 02:37:46 jsg Exp $");
 
 off_t
 elf_rand(Elf *ar, off_t offset)
@@ -38,17 +38,17 @@ elf_rand(Elf *ar, off_t offset)
 	struct ar_hdr *arh;
 	off_t offset_of_member;
 
-	offset_of_member = offset + (off_t) sizeof(struct ar_hdr);
-
 	if (ar == NULL || ar->e_kind != ELF_K_AR ||
 	    (offset & 1) || offset < SARMAG ||
-	    offset_of_member >= ar->e_rawsize) {
+	    offset >= ar->e_rawsize) {
 		LIBELF_SET_ERROR(ARGUMENT, 0);
 		return 0;
 	}
 
-	/* Check for numeric overflow. */
-	if ((uintmax_t) offset_of_member < (uintmax_t) offset) {
+	offset_of_member = offset + (off_t) sizeof(struct ar_hdr);
+
+	if (offset_of_member <= 0 || /* Numeric overflow. */
+	    offset_of_member >= ar->e_rawsize) {
 		LIBELF_SET_ERROR(ARGUMENT, 0);
 		return 0;
 	}