[llvm] r354722 - objdump fails to parse Mach-O binaries with n_desc bearing stabs

Michael Trent via llvm-commits llvm-commits at lists.llvm.org
Fri Feb 22 22:19:56 PST 2019


Author: mtrent
Date: Fri Feb 22 22:19:56 2019
New Revision: 354722

URL: http://llvm.org/viewvc/llvm-project?rev=354722&view=rev
Log:
objdump fails to parse Mach-O binaries with n_desc bearing stabs

Summary:
The objdump Mach-O parser uses MachOObjectFile::checkSymbolTable() to
verify the symbol table is in a legal state before dereferencing the
offsets in the table. This routine missed a test for N_STAB symbols
when validating the two-level name space library ordinal for undefined
symbols. If the binary in question contained a value in the n_desc high
byte that is larger than the list of loaded dylibs, checkSymbolTable()
will flag the library ordinal as being out of range. Most of the time
the n_desc field is set to 0 or to small values, but old final linked
binaries exist with N_STAB symbols bearing non-trivial n_desc fields. 

The change here is simply to verify a symbol is not an N_STAB symbol
before consulting the values of n_other or n_desc.

rdar://44977336

Reviewers: lhames, pete, ab

Reviewed By: pete

Subscribers: llvm-commits, rupprecht

Tags: #llvm

Differential Revision: https://reviews.llvm.org/D58568

Added:
    llvm/trunk/test/tools/llvm-objdump/X86/Inputs/macho-disassemble-stab-x86_64   (with props)
    llvm/trunk/test/tools/llvm-objdump/X86/macho-disassemble-stab.test
Modified:
    llvm/trunk/lib/Object/MachOObjectFile.cpp

Modified: llvm/trunk/lib/Object/MachOObjectFile.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Object/MachOObjectFile.cpp?rev=354722&r1=354721&r2=354722&view=diff
==============================================================================
--- llvm/trunk/lib/Object/MachOObjectFile.cpp (original)
+++ llvm/trunk/lib/Object/MachOObjectFile.cpp Fri Feb 22 22:19:56 2019
@@ -1663,30 +1663,30 @@ Error MachOObjectFile::checkSymbolTable(
       NStrx = STE.n_strx;
       NValue = STE.n_value;
     }
-    if ((NType & MachO::N_STAB) == 0 &&
-        (NType & MachO::N_TYPE) == MachO::N_SECT) {
-      if (NSect == 0 || NSect > Sections.size())
-        return malformedError("bad section index: " + Twine((int)NSect) +
-                              " for symbol at index " + Twine(SymbolIndex));
-    }
-    if ((NType & MachO::N_STAB) == 0 &&
-        (NType & MachO::N_TYPE) == MachO::N_INDR) {
-      if (NValue >= S.strsize)
-        return malformedError("bad n_value: " + Twine((int)NValue) + " past "
-                              "the end of string table, for N_INDR symbol at "
-                              "index " + Twine(SymbolIndex));
-    }
-    if ((Flags & MachO::MH_TWOLEVEL) == MachO::MH_TWOLEVEL &&
-        (((NType & MachO::N_TYPE) == MachO::N_UNDF && NValue == 0) ||
-         (NType & MachO::N_TYPE) == MachO::N_PBUD)) {
-      uint32_t LibraryOrdinal = MachO::GET_LIBRARY_ORDINAL(NDesc);
-      if (LibraryOrdinal != 0 &&
-          LibraryOrdinal != MachO::EXECUTABLE_ORDINAL &&
-          LibraryOrdinal != MachO::DYNAMIC_LOOKUP_ORDINAL &&
-          LibraryOrdinal - 1 >= Libraries.size() ) {
-        return malformedError("bad library ordinal: " + Twine(LibraryOrdinal) +
-                            " for symbol at index " + Twine(SymbolIndex));
+    if ((NType & MachO::N_STAB) == 0) {
+      if ((NType & MachO::N_TYPE) == MachO::N_SECT) {
+        if (NSect == 0 || NSect > Sections.size())
+          return malformedError("bad section index: " + Twine((int)NSect) +
+                                " for symbol at index " + Twine(SymbolIndex));
+      }
+      if ((NType & MachO::N_TYPE) == MachO::N_INDR) {
+        if (NValue >= S.strsize)
+          return malformedError("bad n_value: " + Twine((int)NValue) + " past "
+                                "the end of string table, for N_INDR symbol at "
+                                "index " + Twine(SymbolIndex));
       }
+      if ((Flags & MachO::MH_TWOLEVEL) == MachO::MH_TWOLEVEL &&
+          (((NType & MachO::N_TYPE) == MachO::N_UNDF && NValue == 0) ||
+           (NType & MachO::N_TYPE) == MachO::N_PBUD)) {
+            uint32_t LibraryOrdinal = MachO::GET_LIBRARY_ORDINAL(NDesc);
+            if (LibraryOrdinal != 0 &&
+                LibraryOrdinal != MachO::EXECUTABLE_ORDINAL &&
+                LibraryOrdinal != MachO::DYNAMIC_LOOKUP_ORDINAL &&
+                LibraryOrdinal - 1 >= Libraries.size() ) {
+              return malformedError("bad library ordinal: " + Twine(LibraryOrdinal) +
+                                    " for symbol at index " + Twine(SymbolIndex));
+            }
+          }
     }
     if (NStrx >= S.strsize)
       return malformedError("bad string table index: " + Twine((int)NStrx) +
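Review bot: The relocated two-level namespace check is indented deeper than its siblings inside the new `if ((NType & MachO::N_STAB) == 0) {` block. The `uint32_t LibraryOrdinal` body sits at 12 spaces where the N_SECT and N_INDR bodies sit at 8, its closing brace is at 10 rather than 6, and the `return malformedError("bad library ordinal: " ...` line now runs past 80 columns. Re-indenting that block to match the N_SECT and N_INDR checks fixes all three. A short comment on the new outer `if` would also help: the reason stabs are skipped (their n_sect and n_desc fields are not section indexes or library ordinals) is given only in the commit log, and the next reader of checkSymbolTable() will not see it.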

Added: llvm/trunk/test/tools/llvm-objdump/X86/Inputs/macho-disassemble-stab-x86_64
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/tools/llvm-objdump/X86/Inputs/macho-disassemble-stab-x86_64?rev=354722&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/tools/llvm-objdump/X86/Inputs/macho-disassemble-stab-x86_64
------------------------------------------------------------------------------
    svn:executable = *

Propchange: llvm/trunk/test/tools/llvm-objdump/X86/Inputs/macho-disassemble-stab-x86_64
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/tools/llvm-objdump/X86/macho-disassemble-stab.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/tools/llvm-objdump/X86/macho-disassemble-stab.test?rev=354722&view=auto
==============================================================================
--- llvm/trunk/test/tools/llvm-objdump/X86/macho-disassemble-stab.test (added)
+++ llvm/trunk/test/tools/llvm-objdump/X86/macho-disassemble-stab.test Fri Feb 22 22:19:56 2019
@@ -0,0 +1,3 @@
+# RUN: llvm-objdump -m -disassemble %p/Inputs/macho-disassemble-stab-x86_64 | FileCheck %s
+
+CHECK: (__TEXT,__text) section
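Review bot: The single `CHECK: (__TEXT,__text) section` line only shows that disassembly output started; it does not tie the test to the failure being fixed. Consider also capturing stderr and adding a `CHECK-NOT: bad library ordinal` so a regression in checkSymbolTable() is reported by name rather than as a missing section header. Since the input is a checked-in binary with no diff, a comment in the test saying how macho-disassemble-stab-x86_64 was produced and which N_STAB symbol carries the out-of-range n_desc high byte would make the test maintainable.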



