Check for overflows in symbol data.
It's possible that values read from the elf about symbol data might
be corrupted, so protect all needed computation using those values to
avoid overflows.
Cap the maximum number of total symbol entries (count_) to
1,000,000. This avoids aborts trying to allocate too much memory.
There is no need to protect any of the multiply operations involving
entry_size_ since it is always guaranteed that count_ * entry_size_
<= UINT64_MAX. This is true since count_ is set to "size" / entry_size_
in the constructor. Even if "size" is UINT64_MAX, all of the multiply
operations will always be some number less than count_, and thus
these multiplies will not exceed UINT64_MAX.
There is one loop that increments by entry_size_ but it will also
never overflow for a similar reason as above. The number of loops
is always less than count_, and the count starts at zero.
Add new unit tests to force overflows and verify there are no crashes.
Bug: 238519701
Test: All unit tests pass.
Change-Id: I356c4406cedec16de618b5fa0f9791cfbb40225a
3 files changed
