<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<style type="text/css" style="display:none"><!-- p { margin-top: 0px; margin-bottom: 0px; }--></style>
</head>
<body dir="ltr" style="font-size:12pt;color:#000000;background-color:#FFFFFF;font-family:Calibri,Arial,Helvetica,sans-serif;">
<p>Ok, thanks, Vlad!<br>
</p>
<p>Sorry, I did not notice this BB failure.<br>
</p>
<p><br>
</p>
<div id="Signature">
<div name="divtagdefaultwrapper" style="font-family:Calibri,Arial,Helvetica,sans-serif; font-size:; margin:0">
<div class="BodyFragment"><font size="2">
<div class="PlainText">Best regards,<br>
George | Developer | <span style="background-color:rgb(255,255,255); color:rgb(33,33,33); font-family:Calibri,sans-serif; font-size:13.3333px">Access Softek, Inc</span></div>
</font></div>
</div>
</div>
<div style="color: rgb(33, 33, 33);">
<hr tabindex="-1" style="display:inline-block; width:98%">
<div id="divRplyFwdMsg" dir="ltr"><font face="Calibri, sans-serif" color="#000000" style="font-size:11pt"><b>From:</b> Vlad Tsyrklevich <vlad@tsyrklevich.net><br>
<b>Sent:</b> July 23, 2019 18:01<br>
<b>To:</b> George Rimar<br>
<b>Cc:</b> Bbbbb<br>
<b>Subject:</b> Re: [llvm] r366796 - [Object/ELF.h] - Improve testing of the fields in ELFFile<ELFT>::sections().</font>
<div> </div>
</div>
<div>
<div>
<div dir="ltr">I've reverted this change as it was causing buildbot failures on the UBSan bot like the
<a href="http://lab.llvm.org:8011/builders/sanitizer-x86_64-linux-bootstrap-ubsan/builds/14047/steps/check-llvm%20ubsan/logs/stdio">
following</a>:
<div>
<pre style="font-family:'Courier New',courier,monotype,monospace; color:rgb(0,0,0); font-size:medium"><span class="gmail-stdout">/b/sanitizer-x86_64-linux-bootstrap-ubsan/build/llvm/test/Object/invalid.test:600:21: error: INVALID-SEC-NUM3: expected string not found in input
# INVALID-SEC-NUM3: error: '[[FILE]]': invalid section header table offset (e_shoff = 0xffffffffffffffff) or invalid number of sections specified in the first section header's sh_size field (0x1)
                    ^
<stdin>:1:1: note: scanning from here
/b/sanitizer-x86_64-linux-bootstrap-ubsan/build/llvm/include/llvm/Object/ELF.h:509:49: runtime error: addition of unsigned offset to 0x000002106cf0 overflowed to 0x000002106cef
^
<stdin>:1:1: note: with "FILE" equal to "/b/sanitizer-x86_64-linux-bootstrap-ubsan/build/llvm_build_ubsan/test/Object/Output/invalid\\.test\\.tmp28"
/b/sanitizer-x86_64-linux-bootstrap-ubsan/build/llvm/include/llvm/Object/ELF.h:509:49: runtime error: addition of unsigned offset to 0x000002106cf0 overflowed to 0x000002106cef</span></pre>
</div>
</div>
<br>
<div class="gmail_quote">
<div dir="ltr" class="gmail_attr">On Tue, Jul 23, 2019 at 4:36 AM George Rimar via llvm-commits <<a href="mailto:llvm-commits@lists.llvm.org">llvm-commits@lists.llvm.org</a>> wrote:<br>
</div>
<blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex; border-left:1px solid rgb(204,204,204); padding-left:1ex">
Author: grimar<br>
Date: Tue Jul 23 04:37:14 2019<br>
New Revision: 366796<br>
<br>
URL: <a href="http://llvm.org/viewvc/llvm-project?rev=366796&view=rev" rel="noreferrer" target="_blank">
http://llvm.org/viewvc/llvm-project?rev=366796&view=rev</a><br>
Log:<br>
[Object/ELF.h] - Improve testing of the fields in ELFFile<ELFT>::sections().<br>
<br>
This eliminates one untested error and<br>
also introduces an error for one more possible case<br>
which led to a crash previously.<br>
<br>
Differential revision: <a href="https://reviews.llvm.org/D64987" rel="noreferrer" target="_blank">
https://reviews.llvm.org/D64987</a><br>
<br>
Modified:<br>
    llvm/trunk/include/llvm/Object/ELF.h<br>
    llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h<br>
    llvm/trunk/test/Object/invalid.test<br>
    llvm/trunk/tools/yaml2obj/yaml2elf.cpp<br>
<br>
Modified: llvm/trunk/include/llvm/Object/ELF.h<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Object/ELF.h?rev=366796&r1=366795&r2=366796&view=diff" rel="noreferrer" target="_blank">
http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/Object/ELF.h?rev=366796&r1=366795&r2=366796&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/include/llvm/Object/ELF.h (original)<br>
+++ llvm/trunk/include/llvm/Object/ELF.h Tue Jul 23 04:37:14 2019<br>
@@ -513,15 +513,22 @@ Expected<typename ELFT::ShdrRange> ELFFi<br>
     NumSections = First->sh_size;<br>
<br>
   if (NumSections > UINT64_MAX / sizeof(Elf_Shdr))<br>
-    // TODO: this error is untested.<br>
-    return createError("section table goes past the end of file");<br>
+    return createError("invalid number of sections specified in the NULL "<br>
+                       "section's sh_size field (" +<br>
+                       Twine(NumSections) + ")");<br>
<br>
   const uint64_t SectionTableSize = NumSections * sizeof(Elf_Shdr);<br>
+  if (SectionTableOffset + SectionTableSize < SectionTableOffset)<br>
+    return createError(<br>
+        "invalid section header table offset (e_shoff = 0x" +<br>
+        Twine::utohexstr(SectionTableOffset) +<br>
+        ") or invalid number of sections specified in the first section "<br>
+        "header's sh_size field (0x" +<br>
+        Twine::utohexstr(NumSections) + ")");<br>
<br>
   // Section table goes past end of file!<br>
   if (SectionTableOffset + SectionTableSize > FileSize)<br>
     return createError("section table goes past the end of file");<br>
-<br>
   return makeArrayRef(First, NumSections);<br>
 }<br>
<br>
<br>
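Review bot: The new wrap check on SectionTableOffset + SectionTableSize sits below the context line NumSections = First->sh_size, so First has already been formed and read before e_shoff is validated; the UBSan report in the revert mail points at ELF.h:509, which is above this hunk and out of reach of these checks. Consider validating SectionTableOffset against FileSize before First is computed, written so that the comparison itself cannot wrap (compare the offset with FileSize minus the header size instead of adding to the offset). Separately, the first new message says "NULL section's sh_size" while the second says "first section header's sh_size"; a single wording for both would be easier to search for.<br>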
Modified: llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h?rev=366796&r1=366795&r2=366796&view=diff" rel="noreferrer" target="_blank">
http://llvm.org/viewvc/llvm-project/llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h?rev=366796&r1=366795&r2=366796&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h (original)<br>
+++ llvm/trunk/include/llvm/ObjectYAML/ELFYAML.h Tue Jul 23 04:37:14 2019<br>
@@ -77,7 +77,7 @@ struct FileHeader {<br>
   llvm::yaml::Hex64 Entry;<br>
<br>
   Optional<llvm::yaml::Hex16> SHEntSize;<br>
-  Optional<llvm::yaml::Hex16> SHOffset;<br>
+  Optional<llvm::yaml::Hex64> SHOffset;<br>
   Optional<llvm::yaml::Hex16> SHNum;<br>
   Optional<llvm::yaml::Hex16> SHStrNdx;<br>
 };<br>
<br>
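Review bot: SHOffset is now the only Hex64 field among the optional header overrides, and nothing in the struct says why. A one-line comment that e_shoff is an address-sized field, unlike e_shentsize, e_shnum and e_shstrndx, which are 16-bit in the ELF header, would explain the asymmetry and stop a later cleanup from narrowing it back to Hex16.<br>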
Modified: llvm/trunk/test/Object/invalid.test<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/invalid.test?rev=366796&r1=366795&r2=366796&view=diff" rel="noreferrer" target="_blank">
http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/invalid.test?rev=366796&r1=366795&r2=366796&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/test/Object/invalid.test (original)<br>
+++ llvm/trunk/test/Object/invalid.test Tue Jul 23 04:37:14 2019<br>
@@ -552,3 +552,58 @@ FileHeader:<br>
 Sections:<br>
   - Name: .foo<br>
     Type: SHT_PROGBITS<br>
+<br>
+## We report an error if the number of sections stored in sh_size<br>
+## is greater than UINT64_MAX / sizeof(Elf_Shdr) == 288230376151711743.<br>
+## Here we check that do not crash on a border value.<br>
+<br>
+# RUN: yaml2obj --docnum=26 %s -o %t26<br>
+# RUN: not llvm-readobj -h %t26 2>&1 | FileCheck -DFILE=%t26 --check-prefix=INVALID-SEC-NUM1 %s<br>
+<br>
+# INVALID-SEC-NUM1: error: '[[FILE]]': invalid section header table offset (e_shoff = 0x40) or invalid number of sections specified in the first section header's sh_size field (0x3ffffffffffffff)<br>
+<br>
+--- !ELF<br>
+FileHeader:<br>
+  Class:   ELFCLASS64<br>
+  Data:    ELFDATA2LSB<br>
+  Type:    ET_REL<br>
+  Machine: EM_X86_64<br>
+  SHNum:   0x0<br>
+Sections:<br>
+  - Type: SHT_NULL<br>
+    Size: 288230376151711743<br>
+<br>
+## See above, but now we test the UINT64_MAX / sizeof(Elf_Shdr) value.<br>
+## The error is slightly different in this case.<br>
+<br>
+# RUN: yaml2obj --docnum=27 %s -o %t27<br>
+# RUN: not llvm-readobj -h %t27 2>&1 | FileCheck -DFILE=%t27 --check-prefix=INVALID-SEC-NUM2 %s<br>
+<br>
+# INVALID-SEC-NUM2: error: '[[FILE]]': invalid number of sections specified in the NULL section's sh_size field (288230376151711744)<br>
+<br>
+--- !ELF<br>
+FileHeader:<br>
+  Class:   ELFCLASS64<br>
+  Data:    ELFDATA2LSB<br>
+  Type:    ET_REL<br>
+  Machine: EM_X86_64<br>
+  SHNum:   0x0<br>
+Sections:<br>
+  - Type: SHT_NULL<br>
+    Size: 288230376151711744<br>
+<br>
+## Check the case when SHOffset is too large, but SHNum is not. SHOffset + SHNum overflows the uint64 type.<br>
+<br>
+# RUN: yaml2obj --docnum=28 %s -o %t28<br>
+# RUN: not llvm-readobj -h %t28 2>&1 | FileCheck -DFILE=%t28 --check-prefix=INVALID-SEC-NUM3 %s<br>
+<br>
+# INVALID-SEC-NUM3: error: '[[FILE]]': invalid section header table offset (e_shoff = 0xffffffffffffffff) or invalid number of sections specified in the first section header's sh_size field (0x1)<br>
+<br>
+--- !ELF<br>
+FileHeader:<br>
+  Class:    ELFCLASS64<br>
+  Data:     ELFDATA2LSB<br>
+  Type:     ET_REL<br>
+  Machine:  EM_X86_64<br>
+  SHOffset: 0xffffffffffffffff<br>
+  SHNum:    0x1<br>
<br>
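Review bot: In the docnum=28 case the expected INVALID-SEC-NUM3 message attributes 0x1 to "the first section header's sh_size field", but the document sets SHNum: 0x1 and declares no sections, so the count being reported came from e_shnum; the message should name the field the value was actually read from, or mention both. The comment for the same case says "SHOffset + SHNum overflows", while the check in ELF.h adds SectionTableSize (NumSections * sizeof(Elf_Shdr)) to the offset, so the comment should say that. The docnum=26 comment also reads "check that do not crash"; "check that we do not crash" is presumably what was meant.<br>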
Modified: llvm/trunk/tools/yaml2obj/yaml2elf.cpp<br>
URL: <a href="http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/yaml2obj/yaml2elf.cpp?rev=366796&r1=366795&r2=366796&view=diff" rel="noreferrer" target="_blank">
http://llvm.org/viewvc/llvm-project/llvm/trunk/tools/yaml2obj/yaml2elf.cpp?rev=366796&r1=366795&r2=366796&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/tools/yaml2obj/yaml2elf.cpp (original)<br>
+++ llvm/trunk/tools/yaml2obj/yaml2elf.cpp Tue Jul 23 04:37:14 2019<br>
@@ -244,7 +244,7 @@ void ELFState<ELFT>::initELFHeader(Elf_E<br>
   // Immediately following the ELF header and program headers.<br>
   Header.e_shoff =<br>
       Doc.Header.SHOffset<br>
-          ? (uint16_t)*Doc.Header.SHOffset<br>
+          ? (typename ELFT::uint)(*Doc.Header.SHOffset)<br>
           : sizeof(Header) + sizeof(Elf_Phdr) * Doc.ProgramHeaders.size();<br>
   Header.e_shnum =<br>
       Doc.Header.SHNum ? (uint16_t)*Doc.Header.SHNum : SN2I.size() + 1;<br>
<br>
<br>
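Review bot: The cast to typename ELFT::uint on the SHOffset line silently drops the high bits of the now 64-bit YAML value when the document is ELFCLASS32, so an out-of-range SHOffset produces an object with a different e_shoff and no diagnostic. If truncation is intended for building malformed inputs, say so in a comment next to the cast; otherwise reject values that do not fit. The SHNum line just below still uses (uint16_t) and narrows in the same silent way.<br>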
_______________________________________________<br>
llvm-commits mailing list<br>
<a href="mailto:llvm-commits@lists.llvm.org" target="_blank">llvm-commits@lists.llvm.org</a><br>
<a href="https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits" rel="noreferrer" target="_blank">https://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits</a><br>
</blockquote>
</div>
</div>
</div>
</div>
</body>
</html>