[llvm] r271139 - [llvm-readobj] Validate the string table offset before using it

David Blaikie via llvm-commits llvm-commits at lists.llvm.org
Sun May 29 14:25:43 PDT 2016


On Sun, May 29, 2016 at 10:09 AM, David Majnemer <david.majnemer at gmail.com>
wrote:

> Not really, I have no way to reduce the test down to something
> reasonable.  I'd rather not see the LLVM repo become a collection of large,
> malformed PDB files.
>

Other ideas for how we ensure we don't regress the functionality you're
adding? Sounds like this sort of idea is what Kostya has in mind for
libFuzzer use - a corpus of interesting inputs that grows when bugs are
fixed so the corpus can be run directly for regression testing, and used as
input to the fuzzer for bug finding. Perhaps we need to formalize something
like that for this sort of work?


>
> On Sun, May 29, 2016 at 9:25 AM, David Blaikie <dblaikie at gmail.com> wrote:
>
>> any chance of test cases for all this error handling being added?
>>
>> On Sat, May 28, 2016 at 12:45 PM, David Majnemer via llvm-commits <
>> llvm-commits at lists.llvm.org> wrote:
>>
>>> Author: majnemer
>>> Date: Sat May 28 14:45:49 2016
>>> New Revision: 271139
>>>
>>> URL: http://llvm.org/viewvc/llvm-project?rev=271139&view=rev
>>> Log:
>>> [llvm-readobj] Validate the string table offset before using it
>>>
>>> Modified:
>>>     llvm/trunk/tools/llvm-readobj/COFFDumper.cpp
>>>
>>> Modified: llvm/trunk/tools/llvm-readobj/COFFDumper.cpp
>>> URL:
>>> http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/llvm-readobj/COFFDumper.cpp?rev=271139&r1=271138&r2=271139&view=diff
>>>
>>> ==============================================================================
>>> --- llvm/trunk/tools/llvm-readobj/COFFDumper.cpp (original)
>>> +++ llvm/trunk/tools/llvm-readobj/COFFDumper.cpp Sat May 28 14:45:49 2016
>>> @@ -794,14 +794,20 @@ void COFFDumper::printCodeViewSymbolSect
>>>        while (!Contents.empty()) {
>>>          const FrameData *FD;
>>>          error(consumeObject(Contents, FD));
>>> +
>>> +        if (FD->FrameFunc >= CVStringTable.size())
>>> +          error(object_error::parse_failed);
>>> +
>>> +        StringRef FrameFunc =
>>> +            CVStringTable.drop_front(FD->FrameFunc).split('\0').first;
>>> +
>>>          DictScope S(W, "FrameData");
>>>          W.printHex("RvaStart", FD->RvaStart);
>>>          W.printHex("CodeSize", FD->CodeSize);
>>>          W.printHex("LocalSize", FD->LocalSize);
>>>          W.printHex("ParamsSize", FD->ParamsSize);
>>>          W.printHex("MaxStackSize", FD->MaxStackSize);
>>> -        W.printString("FrameFunc",
>>> -
>>> CVStringTable.drop_front(FD->FrameFunc).split('\0').first);
>>> +        W.printString("FrameFunc", FrameFunc);
>>>          W.printHex("PrologSize", FD->PrologSize);
>>>          W.printHex("SavedRegsSize", FD->SavedRegsSize);
>>>          W.printFlags("Flags", FD->Flags, makeArrayRef(FrameDataFlags));
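Review bot: the new `if (FD->FrameFunc >= CVStringTable.size())` check only guards the start of the string; it still lets `split('\0').first` return the entire tail of the table when no NUL terminator follows the offset, so a truncated table yields a garbage "FrameFunc" value rather than a parse failure. Consider checking that a NUL exists after the offset (or that `split` actually found one) before printing, and factoring the check plus `CVStringTable.drop_front(FD->FrameFunc).split('\0').first` into a small helper so other string-table lookups in this dumper get the same validation instead of repeating it inline. The bare `object_error::parse_failed` also carries neither the offending offset nor the table size, which makes a malformed input hard to locate; as the thread notes, there is no regression test for the rejected case.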
>>>
>>>
>>> _______________________________________________
>>> llvm-commits mailing list
>>> llvm-commits at lists.llvm.org
>>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>>>
>>
>>
>
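The bounds check that r271139 adds, reworked below as a stand-alone added example (this is not LLVM's code and not part of the thread). It resolves an offset into a CodeView-style string table the way the patch does, but also rejects an entry that runs off the end of the table without a terminating NUL, and it drives the lookup with a small table of constructed inputs of the kind a regression corpus would hold. The `FrameDataRecord` struct, the `lookupString` helper and the byte string `kTableBytes` are assumptions made for the example, not names from COFFDumper.cpp.

```cpp
// Added example, not LLVM's code: a bounds-checked lookup of a NUL-terminated
// string in a CodeView-style string table, mirroring the check r271139 adds
// before CVStringTable.drop_front(FD->FrameFunc).
#include <cstdint>
#include <cstdio>
#include <string_view>

enum class LookupStatus { Ok, OffsetOutOfRange, Unterminated };

struct LookupResult {
  LookupStatus Status;
  std::string_view Str; // valid only when Status == Ok
};

// Resolve Offset inside Table. Rejects offsets at or past the end (the
// condition the patch checks) and, additionally, strings that run off the
// end of the table without a terminating NUL, which drop_front/split would
// silently accept as "the rest of the table".
LookupResult lookupString(std::string_view Table, uint64_t Offset) {
  if (Offset >= Table.size())
    return {LookupStatus::OffsetOutOfRange, {}};
  std::string_view Rest = Table.substr(Offset);
  size_t Nul = Rest.find('\0');
  if (Nul == std::string_view::npos)
    return {LookupStatus::Unterminated, {}};
  return {LookupStatus::Ok, Rest.substr(0, Nul)};
}

// Minimal stand-in for the FrameData record: only the field this lookup
// consumes (assumption for the example; the real record has more fields).
struct FrameDataRecord {
  uint32_t FrameFunc; // offset into the string table
};

// Constructed string table (sample input, not taken from any real PDB or
// object file). Layout by byte offset:
//   0: ""   1: "_chkstk"   9: "main"   14: "unterminated" (no trailing NUL)
static const char kTableBytes[] = "\0_chkstk\0main\0unterminated";

std::string_view constructedTable() {
  // sizeof - 1 drops the literal's own terminating NUL so the last entry is
  // deliberately unterminated (26 bytes total).
  return std::string_view(kTableBytes, sizeof(kTableBytes) - 1);
}

struct Case {
  FrameDataRecord FD;
  LookupStatus Expect;
  std::string_view Str; // expected string when Expect == Ok
};

// Table-driven regression check of the kind the thread asks for: returns the
// number of cases whose outcome differs from expectation (0 means all pass).
int runRegressionCases() {
  const Case Cases[] = {
      {{0}, LookupStatus::Ok, ""},
      {{1}, LookupStatus::Ok, "_chkstk"},
      {{9}, LookupStatus::Ok, "main"},
      {{14}, LookupStatus::Unterminated, ""},
      {{26}, LookupStatus::OffsetOutOfRange, ""},          // == table size
      {{0xFFFFFFFFu}, LookupStatus::OffsetOutOfRange, ""}, // max 32-bit offset
  };
  int Failures = 0;
  for (const Case &C : Cases) {
    LookupResult R = lookupString(constructedTable(), C.FD.FrameFunc);
    if (R.Status != C.Expect ||
        (C.Expect == LookupStatus::Ok && R.Str != C.Str))
      ++Failures;
  }
  return Failures;
}

int main() {
  int F = runRegressionCases();
  std::printf("%d regression case(s) failed\n", F);
  return F == 0 ? 0 : 1;
}
```

The `Unterminated` case is the one the patch's `>=` comparison alone does not catch: with an offset that is in range but no NUL after it, `split('\0').first` hands back every remaining byte of the table as the function name. Each entry in `Cases` is a minimal reproducer, which is the shape of input a fuzzer corpus used for regression testing would accumulate.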