[llvm] r284371 - [Object/ELF] - Check that e_shnum is null when e_shoff is.

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Mon Oct 17 03:06:44 PDT 2016

Author: grimar
Date: Mon Oct 17 05:06:44 2016
New Revision: 284371

URL: http://llvm.org/viewvc/llvm-project?rev=284371&view=rev
[Object/ELF] - Check that e_shnum is null when e_shoff is.

Spec says (http://www.sco.com/developers/gabi/1998-04-29/ch4.eheader.html) :
This member holds the number of entries in the section header table. Thus the product of e_shentsize and e_shnum gives the section header table's size in bytes. If a file has no section header table, e_shnum holds the value zero.

Revealed using "id_000037,sig_11,src_000015,op_havoc,rep_8" from PR30540

That was the reason of crash in lld on incorrect input file.
Binary reduced using afl-min.

Differential revision: https://reviews.llvm.org/D25090

    llvm/trunk/test/Object/Inputs/invalid-e_shnum.elf   (with props)

Modified: llvm/trunk/include/llvm/Object/ELF.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Object/ELF.h?rev=284371&r1=284370&r2=284371&view=diff
--- llvm/trunk/include/llvm/Object/ELF.h (original)
+++ llvm/trunk/include/llvm/Object/ELF.h Mon Oct 17 05:06:44 2016
@@ -319,8 +319,12 @@ ELFFile<ELFT>::ELFFile(StringRef Object,
   Header = reinterpret_cast<const Elf_Ehdr *>(base());
-  if (Header->e_shoff == 0)
+  if (Header->e_shoff == 0) {
+    if (Header->e_shnum != 0)
+      report_fatal_error(
+          "e_shnum should be zero if a file has no section header table");
+  }
   const uint64_t SectionTableOffset = Header->e_shoff;

Added: llvm/trunk/test/Object/Inputs/invalid-e_shnum.elf
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/invalid-e_shnum.elf?rev=284371&view=auto
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/invalid-e_shnum.elf
    svn:mime-type = application/octet-stream

Modified: llvm/trunk/test/Object/invalid.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/invalid.test?rev=284371&r1=284370&r2=284371&view=diff
--- llvm/trunk/test/Object/invalid.test (original)
+++ llvm/trunk/test/Object/invalid.test Mon Oct 17 05:06:44 2016
@@ -55,6 +55,9 @@ INVALID-SYMTAB-SIZE: Invalid data was en
 RUN: not llvm-readobj -t %p/Inputs/invalid-xindex-size.elf 2>&1 | FileCheck --check-prefix=INVALID-XINDEX-SIZE %s
 INVALID-XINDEX-SIZE: Invalid data was encountered while parsing the file.
+RUN: not llvm-readobj -t %p/Inputs/invalid-e_shnum.elf 2>&1 | FileCheck --check-prefix=INVALID-SH-NUM %s
+INVALID-SH-NUM: e_shnum should be zero if a file has no section header table
 RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 | \
 RUN:   FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s
 INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index

More information about the llvm-commits mailing list