[PATCH] D64987: [Object/ELF.h] - Improve testing of the fields in ELFFile<ELFT>::sections().
George Rimar via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Jul 19 05:42:59 PDT 2019
grimar created this revision.
grimar added reviewers: jhenderson, MaskRay.
This eliminates a one error untested and
also introduces a error for one more possible case
which lead to crash previously.
Depends on https://reviews.llvm.org/D64913
https://reviews.llvm.org/D64987
Files:
include/llvm/Object/ELF.h
test/Object/invalid.test
Index: test/Object/invalid.test
===================================================================
--- test/Object/invalid.test
+++ test/Object/invalid.test
@@ -552,3 +552,42 @@
Sections:
- Name: .foo
Type: SHT_PROGBITS
+
+## We report a error if the number of sections stored in sh_size
+## is greater than UINT64_MAX / sizeof(Elf_Shdr) = 288230376151711743.
+## Here we check that do not crash on a border value.
+
+# RUN: yaml2obj --docnum=26 %s -o %t26
+# RUN: not llvm-readobj -h %t26 2>&1 | FileCheck -DFILE=%t26 --check-prefix=INVALID-SEC-NUM1 %s
+
+# INVALID-SEC-NUM1: error: '[[FILE]]': invalid number of sections specified in the NULL section's sh_size field (288230376151711743) or e_shoff (64)
+
+--- !ELF
+FileHeader:
+ Class: ELFCLASS64
+ Data: ELFDATA2LSB
+ Type: ET_REL
+ Machine: EM_X86_64
+ SHNum: 0x0
+Sections:
+ - Type: SHT_NULL
+ Size: 288230376151711743
+
+## See above, but now we test the UINT64_MAX / sizeof(Elf_Shdr) value.
+## The error is slightly different in this case.
+
+# RUN: yaml2obj --docnum=27 %s -o %t27
+# RUN: not llvm-readobj -h %t27 2>&1 | FileCheck -DFILE=%t27 --check-prefix=INVALID-SEC-NUM2 %s
+
+# INVALID-SEC-NUM2: '[[FILE]]': invalid number of sections specified in the NULL section's sh_size field (288230376151711744)
+
+--- !ELF
+FileHeader:
+ Class: ELFCLASS64
+ Data: ELFDATA2LSB
+ Type: ET_REL
+ Machine: EM_X86_64
+ SHNum: 0x0
+Sections:
+ - Type: SHT_NULL
+ Size: 288230376151711744
Index: include/llvm/Object/ELF.h
===================================================================
--- include/llvm/Object/ELF.h
+++ include/llvm/Object/ELF.h
@@ -513,11 +513,16 @@
NumSections = First->sh_size;
if (NumSections > UINT64_MAX / sizeof(Elf_Shdr))
- // TODO: this error is untested.
- return createError("section table goes past the end of file");
+ return createError("invalid number of sections specified in the NULL "
+ "section's sh_size field (" +
+ Twine(NumSections) + ")");
const uint64_t SectionTableSize = NumSections * sizeof(Elf_Shdr);
-
+ if (SectionTableOffset + SectionTableSize < SectionTableOffset)
+ return createError("invalid number of sections specified in the NULL "
+ "section's sh_size field (" +
+ Twine(NumSections) + ") or e_shoff (" +
+ Twine(SectionTableOffset) + ")");
// Section table goes past end of file!
if (SectionTableOffset + SectionTableSize > FileSize)
return createError("section table goes past the end of file");
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D64987.210806.patch
Type: text/x-patch
Size: 2607 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20190719/65734a45/attachment.bin>
More information about the llvm-commits
mailing list