[Lldb-commits] [lldb] r206233 - Add some basic sanity checks to DynamicLoaderDarwinKernel::ReadKextSummaryHeader()

Jason Molenda jmolenda at apple.com
Mon Apr 14 18:04:00 PDT 2014


Author: jmolenda
Date: Mon Apr 14 20:04:00 2014
New Revision: 206233

URL: http://llvm.org/viewvc/llvm-project?rev=206233&view=rev
Log:
Add some basic sanity checks to DynamicLoaderDarwinKernel::ReadKextSummaryHeader()
when it is reading the kext table, in case we're reading out of a core file with
corrupt contents in this region.
<rdar://problem/16601915> 

Modified:
    lldb/trunk/source/Plugins/DynamicLoader/Darwin-Kernel/DynamicLoaderDarwinKernel.cpp

Modified: lldb/trunk/source/Plugins/DynamicLoader/Darwin-Kernel/DynamicLoaderDarwinKernel.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Plugins/DynamicLoader/Darwin-Kernel/DynamicLoaderDarwinKernel.cpp?rev=206233&r1=206232&r2=206233&view=diff
==============================================================================
--- lldb/trunk/source/Plugins/DynamicLoader/Darwin-Kernel/DynamicLoaderDarwinKernel.cpp (original)
+++ lldb/trunk/source/Plugins/DynamicLoader/Darwin-Kernel/DynamicLoaderDarwinKernel.cpp Mon Apr 14 20:04:00 2014
@@ -1148,9 +1148,25 @@ DynamicLoaderDarwinKernel::ReadKextSumma
                 {
                     lldb::offset_t offset = 0;
                     m_kext_summary_header.version = data.GetU32(&offset);
+                    if (m_kext_summary_header.version > 128)
+                    {
+                        Stream *s = m_process->GetTarget().GetDebugger().GetOutputFile().get();
+                        s->Printf ("WARNING: Unable to read kext summary header, got improbable version number %u\n", m_kext_summary_header.version);
+                        // If we get an improbably large veriosn number, we're probably getting bad memory.
+                        m_kext_summary_header_addr.Clear();
+                        return false;
+                    }
                     if (m_kext_summary_header.version >= 2)
                     {
                         m_kext_summary_header.entry_size = data.GetU32(&offset);
+                        if (m_kext_summary_header.entry_size > 4096)
+                        {
+                            // If we get an improbably large entry_size, we're probably getting bad memory.
+                            Stream *s = m_process->GetTarget().GetDebugger().GetOutputFile().get();
+                            s->Printf ("WARNING: Unable to read kext summary header, got improbable entry_size %u\n", m_kext_summary_header.entry_size);
+                            m_kext_summary_header_addr.Clear();
+                            return false;
+                        }
                     }
                     else
                     {
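Review bot: `s` is dereferenced without a null check in both rejection branches here (`version > 128` and `entry_size > 4096`) and again in the `entry_count` branch of the next hunk. It is a raw pointer taken from `GetOutputFile().get()`, and nothing in the visible lines guarantees the debugger has an output stream. Guarding the call with `if (s) s->Printf (...);` keeps a corrupt core file from turning a rejected header into a debugger crash. The `entry_size` test is also upper-bound only, so a zero or undersized value from the same corrupt region is accepted; presumably no valid entry is smaller than the version 1 layout, so `if (m_kext_summary_header.entry_size < KERNEL_MODULE_ENTRY_SIZE_VERSION_1 || m_kext_summary_header.entry_size > 4096)` would close that side, which is worth confirming against the kernel's struct definitions. The enclosing function starts and ends outside this hunk.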
@@ -1158,6 +1174,14 @@ DynamicLoaderDarwinKernel::ReadKextSumma
                         m_kext_summary_header.entry_size = KERNEL_MODULE_ENTRY_SIZE_VERSION_1;
                     }
                     m_kext_summary_header.entry_count = data.GetU32(&offset);
+                    if (m_kext_summary_header.entry_count > 10000)
+                    {
+                        // If we get an improbably large number of kexts, we're probably getting bad memory.
+                        Stream *s = m_process->GetTarget().GetDebugger().GetOutputFile().get();
+                        s->Printf ("WARNING: Unable to read kext summary header, got improbable number of kexts %u\n", m_kext_summary_header.entry_count);
+                        m_kext_summary_header_addr.Clear();
+                        return false;
+                    }
                     return true;
                 }
             }
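Review bot: When `entry_count > 10000` is rejected, the out-of-range value stays in `m_kext_summary_header.entry_count`, because the member is assigned before the check and only `m_kext_summary_header_addr` is cleared on the way out. Any code outside this hunk that reads the member without checking the return value would still see the corrupt count. Reading into a local first (`uint32_t entry_count = data.GetU32(&offset);`) and assigning the member only after the check passes avoids that. The limit 10000 would also read better as a named constant with a comment stating where the bound comes from. The function body continues outside the hunk.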




