From dc113eca0d6dd5f1e85199f2161473c7c9f7ed29 Mon Sep 17 00:00:00 2001
From: Lorenz Bauer <lmb@cloudflare.com>
Date: Fri, 27 Nov 2020 11:53:26 +0000
Subject: [PATCH] btf: fix out-of-bounds panic

debug/elf doesn't seem to validate that section numbers are valid,
so we can trigger a crash here. Unfortunately I wasn't able to minimize
the crasher, so this change doesn't have an accompanying test.

Found using go-fuzz.
---
 internal/btf/btf.go | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/internal/btf/btf.go b/internal/btf/btf.go
index 57f2b7d10..ca94d7f36 100644
--- a/internal/btf/btf.go
+++ b/internal/btf/btf.go
@@ -80,6 +80,10 @@ func LoadSpecFromReader(rd io.ReaderAt) (*Spec, error) {
 			continue
 		}
 
+		if int(symbol.Section) >= len(file.Sections) {
+			return nil, fmt.Errorf("symbol %s: invalid section %d", symbol.Name, symbol.Section)
+		}
+
 		secName := file.Sections[symbol.Section].Name
 		if _, ok := sectionSizes[secName]; !ok {
 			continue