[llvm-bugs] [Bug 28302] New: COFFObjectFile::import_directories() range iterates out of range.
via llvm-bugs
llvm-bugs at lists.llvm.org
Sat Jun 25 07:31:26 PDT 2016
https://llvm.org/bugs/show_bug.cgi?id=28302
Bug ID: 28302
Summary: COFFObjectFile::import_directories() range iterates out of range.
Product: libraries
Version: trunk
Hardware: PC
OS: All
Status: NEW
Severity: normal
Priority: P
Component: Object
Assignee: unassignedbugs at nondot.org
Reporter: xbandz00 at stud.fit.vutbr.cz
CC: llvm-bugs at lists.llvm.org
Classification: Unclassified
Created attachment 16634
--> https://llvm.org/bugs/attachment.cgi?id=16634&action=edit
Sample binary built by mingw for demonstration (x86 Portable Executable).
Overview: COFFObjectFile::import_directories() range iterates out of range.
The problem is caused by a wrong computation of NumberOfImportDirectory, which is
based on the import table size. This is wrong, because some compilers can add
additional information to the import table, which increases its size. Iteration
should instead end when an empty structure is found.
To reproduce the bug, use import_directories() or import_directory_iterator
with a binary that adds additional info to the import table (usually mingw-compiled
binaries; one is included in the attachment).
Actual results: printing wrong information, segfault in some cases (depends on
what you do with the iterator after it goes out of range).
Expected results: no crash, iteration stops at empty import directory
structure.
Build Date & Platform: 6/24/2016 on Ubuntu 14.04 (x86-64).
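The two ways of counting import directory entries, side by side, as an added example that is not LLVM's code and not part of the original report. The names `countBySize`, `walkImports` and `sampleTable`, and all RVA values in the sample, are constructed for illustration.

```cpp
#include <cstddef>
#include <cstdint>
#include <cstdio>
#include <cstring>
#include <vector>

// PE import directory entry, 20 bytes on disk.
struct ImportDescriptor {
  uint32_t ImportLookupTableRVA, TimeDateStamp, ForwarderChain, NameRVA,
      ImportAddressTableRVA;
};
static_assert(sizeof(ImportDescriptor) == 20, "unexpected padding");

// Entry count derived only from the declared table size (the approach the
// report describes as wrong): trailing data is counted as descriptors.
size_t countBySize(size_t tableSize) {
  return tableSize / sizeof(ImportDescriptor);
}

// Collect descriptors until the all-zero entry, and never read past the
// table even if the terminator is missing (truncated or malformed file).
std::vector<ImportDescriptor> walkImports(const uint8_t *table, size_t tableSize) {
  std::vector<ImportDescriptor> out;
  const ImportDescriptor null = {};
  for (size_t off = 0; off + sizeof(ImportDescriptor) <= tableSize;
       off += sizeof(ImportDescriptor)) {
    ImportDescriptor d;
    std::memcpy(&d, table + off, sizeof d); // copy out: no unaligned reads
    if (std::memcmp(&d, &null, sizeof d) == 0)
      break; // empty structure marks the end of the real entries
    out.push_back(d);
  }
  return out;
}

// Constructed sample: two descriptors, the null terminator, then 40 bytes of
// trailing data that still fall inside the declared table size.
std::vector<uint8_t> sampleTable() {
  const ImportDescriptor entries[] = {{0x2050, 0, 0, 0x2100, 0x2000},
                                      {0x2060, 0, 0, 0x2110, 0x2010},
                                      {0, 0, 0, 0, 0}};
  std::vector<uint8_t> buf(sizeof(entries) + 40, 0xAB);
  std::memcpy(buf.data(), entries, sizeof(entries));
  return buf;
}

int main() {
  std::vector<uint8_t> t = sampleTable();
  std::printf("by size: %zu, by terminator: %zu\n", countBySize(t.size()),
              walkImports(t.data(), t.size()).size());
}
```
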