From f0f2d55b051e7c6baaa49b2e976ff3cfea038e49 Mon Sep 17 00:00:00 2001
From: Philip Craig <philipjcraig@gmail.com>
Date: Mon, 6 May 2024 15:48:28 +1000
Subject: [PATCH] read/elf: check for relocations that apply to relocations
 (#680)

---
 src/read/elf/relocation.rs | 17 ++++++++++++-----
 1 file changed, 12 insertions(+), 5 deletions(-)

diff --git a/src/read/elf/relocation.rs b/src/read/elf/relocation.rs
index 63a5d5f5..036e7a33 100644
--- a/src/read/elf/relocation.rs
+++ b/src/read/elf/relocation.rs
@@ -39,18 +39,25 @@ impl RelocationSections {
                     continue;
                 }
 
-                let sh_info = section.sh_info(endian) as usize;
-                if sh_info == 0 {
+                let sh_info = SectionIndex(section.sh_info(endian) as usize);
+                if sh_info.0 == 0 {
                     // Skip dynamic relocations.
                     continue;
                 }
-                if sh_info >= relocations.len() {
+                if sh_info.0 >= relocations.len() {
                     return Err(Error("Invalid ELF sh_info for relocation section"));
                 }
 
+                // We don't support relocations that apply to other relocation sections
+                // because it interferes with the chaining of relocation sections below.
+                let sh_info_type = sections.section(sh_info)?.sh_type(endian);
+                if sh_info_type == elf::SHT_REL || sh_info_type == elf::SHT_RELA {
+                    return Err(Error("Unsupported ELF sh_info for relocation section"));
+                }
+
                 // Handle multiple relocation sections by chaining them.
-                let next = relocations[sh_info];
-                relocations[sh_info] = index;
+                let next = relocations[sh_info.0];
+                relocations[sh_info.0] = index;
                 relocations[index] = next;
             }
         }