[llvm] r315012 - Added phdr upper bound checks to ElfObject.

Rafael Espindola via llvm-commits llvm-commits at lists.llvm.org
Thu Oct 5 13:01:32 PDT 2017


Author: rafael
Date: Thu Oct  5 13:01:32 2017
New Revision: 315012

URL: http://llvm.org/viewvc/llvm-project?rev=315012&view=rev
Log:
Added phdr upper bound checks to ElfObject.

Ensure the program_headers call will fail correctly if the program
headers are larger than the underlying buffer.

Patch by Parker Thompson!

Added:
    llvm/trunk/test/Object/Inputs/invalid-phdr.elf
    llvm/trunk/test/Object/elf-invalid-phdr.test
Modified:
    llvm/trunk/include/llvm/Object/ELF.h

Modified: llvm/trunk/include/llvm/Object/ELF.h
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Object/ELF.h?rev=315012&r1=315011&r2=315012&view=diff
==============================================================================
--- llvm/trunk/include/llvm/Object/ELF.h (original)
+++ llvm/trunk/include/llvm/Object/ELF.h Thu Oct  5 13:01:32 2017
@@ -144,6 +144,10 @@ public:
   Expected<Elf_Phdr_Range> program_headers() const {
     if (getHeader()->e_phnum && getHeader()->e_phentsize != sizeof(Elf_Phdr))
       return createError("invalid e_phentsize");
+    if (getHeader()->e_phoff +
+            (getHeader()->e_phnum * getHeader()->e_phentsize) >
+        getBufSize())
+      return createError("program headers longer than binary");
     auto *Begin =
         reinterpret_cast<const Elf_Phdr *>(base() + getHeader()->e_phoff);
     return makeArrayRef(Begin, Begin + getHeader()->e_phnum);
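
Review bot: The sum in the added condition, getHeader()->e_phoff + (getHeader()->e_phnum * getHeader()->e_phentsize), is built entirely from file-controlled fields and can wrap around when e_phoff is near the top of its integer range. A wrapped sum compares as not greater than getBufSize(), and the code then falls through to base() + getHeader()->e_phoff with an offset outside the buffer. Consider rejecting e_phoff > getBufSize() first and then comparing the table size against getBufSize() - e_phoff, so that no addition of untrusted values is needed. Separately, the e_phentsize check just above is skipped when e_phnum is 0, but this new check is not, so a file with no program headers and a stale e_phoff now returns an error. If that is not intended, guard the new check on e_phnum as well.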

Added: llvm/trunk/test/Object/Inputs/invalid-phdr.elf
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/invalid-phdr.elf?rev=315012&view=auto
==============================================================================
Binary files llvm/trunk/test/Object/Inputs/invalid-phdr.elf (added) and llvm/trunk/test/Object/Inputs/invalid-phdr.elf Thu Oct  5 13:01:32 2017 differ

Added: llvm/trunk/test/Object/elf-invalid-phdr.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/elf-invalid-phdr.test?rev=315012&view=auto
==============================================================================
--- llvm/trunk/test/Object/elf-invalid-phdr.test (added)
+++ llvm/trunk/test/Object/elf-invalid-phdr.test Thu Oct  5 13:01:32 2017
@@ -0,0 +1,26 @@
+# invalid-phdr.elf is generated by creating a simple elf file with yaml2obj:
+# !ELF
+# FileHeader:
+#   Class:           ELFCLASS64
+#   Data:            ELFDATA2LSB
+#   Type:            ET_EXEC
+#   Machine:         EM_X86_64
+# Sections:
+#   - Name:            .text
+#     Type:            SHT_PROGBITS
+#     Flags:           [ SHF_ALLOC, SHF_EXECINSTR ]
+#     AddressAlign:    0x0000000000001000
+#     Content:         "00000000"
+# ProgramHeaders:
+#   - Type: PT_LOAD
+#     Flags: [ PF_X, PF_R ]
+#     VAddr: 0xAAAA1000
+#     PAddr: 0xFFFF1000
+#     Sections:
+#       - Section: .text
+#
+# Then editing the e_phoff in with a hexeditor to set it to 0xffffff
+RUN: not llvm-objdump -private-headers %p/Inputs/invalid-phdr.elf 2>&1 \
+RUN:         | FileCheck %s
+
+CHECK: LLVM ERROR: Invalid data was encountered while parsing the file
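
Review bot: The CHECK line matches only the generic "Invalid data was encountered while parsing the file" text, so the test passes for any parse failure in invalid-phdr.elf and does not show that the new "program headers longer than binary" error is what rejected the file. If llvm-objdump can surface the specific message, match on it; otherwise say in the comment why only the generic text is available. The input is also a hand-edited binary (e_phoff set to 0xffffff with a hex editor), so it cannot be regenerated from the YAML in the comment. Recording which bytes were changed would make it reproducible. A second input with e_phoff near the maximum of its field would cover the case where e_phoff plus the table size wraps, which 0xffffff does not exercise.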
