[llvm] r285586 - Recommit r285285 - [Object/ELF] - Fixed behavior when SectionHeaderTable->sh_size is too large.
George Rimar via llvm-commits
llvm-commits at lists.llvm.org
Mon Oct 31 08:33:00 PDT 2016
Author: grimar
Date: Mon Oct 31 10:33:00 2016
New Revision: 285586
URL: http://llvm.org/viewvc/llvm-project?rev=285586&view=rev
Log:
Recommit r285285 - [Object/ELF] - Fixed behavior when SectionHeaderTable->sh_size is too large.
with fix: edited invalid-section-index2.elf input to pass the new check and
fail on the same place it was intended to fail.
Original commit message:
Elf.h already has code checking that section table does not go past end of file.
Problem is that this check may not work on values greater than UINT64_MAX / Header->e_shentsize
because of calculation overflow.
Parch fixes the issue.
Differential revision: https://reviews.llvm.org/D25432
Added:
llvm/trunk/test/Object/Inputs/invalid-sections-num.elf
- copied unchanged from r285287, llvm/trunk/test/Object/Inputs/invalid-sections-num.elf
Modified:
llvm/trunk/include/llvm/Object/ELF.h
llvm/trunk/test/Object/Inputs/invalid-section-index2.elf
llvm/trunk/test/Object/invalid.test
Modified: llvm/trunk/include/llvm/Object/ELF.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Object/ELF.h?rev=285586&r1=285585&r2=285586&view=diff
==============================================================================
--- llvm/trunk/include/llvm/Object/ELF.h (original)
+++ llvm/trunk/include/llvm/Object/ELF.h Mon Oct 31 10:33:00 2016
@@ -347,6 +347,12 @@ ELFFile<ELFT>::ELFFile(StringRef Object,
// The getNumSections() call below depends on SectionHeaderTable being set.
SectionHeaderTable =
reinterpret_cast<const Elf_Shdr *>(base() + SectionTableOffset);
+ if (getNumSections() > UINT64_MAX / Header->e_shentsize) {
+ // Section table goes past end of file!
+ EC = object_error::parse_failed;
+ return;
+ }
+
const uint64_t SectionTableSize = getNumSections() * Header->e_shentsize;
if (SectionTableOffset + SectionTableSize > FileSize) {
Modified: llvm/trunk/test/Object/Inputs/invalid-section-index2.elf
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/invalid-section-index2.elf?rev=285586&r1=285585&r2=285586&view=diff
==============================================================================
Binary files - no diff available.
Modified: llvm/trunk/test/Object/invalid.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/invalid.test?rev=285586&r1=285585&r2=285586&view=diff
==============================================================================
--- llvm/trunk/test/Object/invalid.test (original)
+++ llvm/trunk/test/Object/invalid.test Mon Oct 31 10:33:00 2016
@@ -76,3 +76,6 @@ INVALID-SEC-ADDRESS-ALIGNMENT: Invalid d
RUN: not llvm-readobj -t %p/Inputs/invalid-section-size2.elf 2>&1 | \
RUN: FileCheck --check-prefix=INVALID-SECTION-SIZE2 %s
INVALID-SECTION-SIZE2: Invalid data was encountered while parsing the file.
+
+RUN: not llvm-readobj -t %p/Inputs/invalid-sections-num.elf 2>&1 | FileCheck --check-prefix=INVALID-SECTION-NUM %s
+INVALID-SECTION-NUM: Invalid data was encountered while parsing the file.
More information about the llvm-commits
mailing list