[llvm-bugs] [Bug 34108] New: Invalid pointer from COFFObjectFile::getLoadConfig32()
via llvm-bugs
llvm-bugs at lists.llvm.org
Mon Aug 7 13:59:56 PDT 2017
https://bugs.llvm.org/show_bug.cgi?id=34108
Bug ID: 34108
Summary: Invalid pointer from COFFObjectFile::getLoadConfig32()
Product: new-bugs
Version: trunk
Hardware: PC
OS: Linux
Status: NEW
Severity: enhancement
Priority: P
Component: new bugs
Assignee: unassignedbugs at nondot.org
Reporter: w.parker.thompson at gmail.com
CC: llvm-bugs at lists.llvm.org
When trying to access the load config of a COFF file, the getter functions
getLoadConfig32 / getLoadConfig64 will return an uninitialized pointer
(COFFObjectFile::LoadConfig). During parsing in
COFFObjectFile::initLoadConfigPtr this pointer will remain uninitialized if
there is a failure to parse this directory. For example, if the directory
exists but it does not have a valid size / vaddr.
If this pointer defaulted to nullptr then it could be checked by the caller.
Currently a caller needs to manually confirm that a load_config directory
exists and that its vaddr does not equal 0x0.
I have an example binary that expresses this but unfortunately is too large to
attach. I can provide it if needed.
Output from Python's pefile module when run against the testcase:
<snip>
[IMAGE_DIRECTORY_ENTRY_LOAD_CONFIG]
0x1A0 0x0 VirtualAddress: 0x0
0x1A4 0x4 Size: 0x0
<snip>
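The nullptr-default pattern the report asks for, sketched as an added C++ example; it is not LLVM's code and not from the reporter. `ToyCoffFile` and the two-field `DataDirectory` / `LoadConfig32` structs are hypothetical simplifications, and the image is assumed to be a flat buffer in which an RVA equals a byte offset.

```cpp
#include <cstdint>
#include <cstdio>
#include <utility>
#include <vector>

// Hypothetical, simplified stand-ins for illustration; not LLVM's types.
struct DataDirectory { uint32_t RelativeVirtualAddress; uint32_t Size; };
struct LoadConfig32 { uint32_t Size; uint32_t TimeDateStamp; };

class ToyCoffFile {
public:
  // Assumption: the image is a flat buffer in which RVA == byte offset.
  ToyCoffFile(std::vector<uint8_t> Bytes, DataDirectory Dir)
      : Image(std::move(Bytes)) {
    initLoadConfigPtr(Dir);
  }

  // nullptr means "no usable load config"; callers test this one value.
  const LoadConfig32 *getLoadConfig32() const { return LoadConfig; }

private:
  void initLoadConfigPtr(const DataDirectory &Dir) {
    // Every early return below leaves LoadConfig at its nullptr default.
    if (Dir.RelativeVirtualAddress == 0 || Dir.Size < sizeof(LoadConfig32))
      return; // directory absent or too small (the 0x0 / 0x0 case)
    if (Dir.RelativeVirtualAddress % alignof(LoadConfig32) != 0)
      return; // misaligned for a typed read
    // Add in 64 bits so a huge RVA cannot wrap past the bounds check.
    uint64_t End = uint64_t(Dir.RelativeVirtualAddress) + sizeof(LoadConfig32);
    if (End > Image.size())
      return; // points outside the image
    LoadConfig = reinterpret_cast<const LoadConfig32 *>(
        Image.data() + Dir.RelativeVirtualAddress);
  }

  std::vector<uint8_t> Image;
  const LoadConfig32 *LoadConfig = nullptr; // without this default: garbage
};

int main() {
  // Constructed input: directory entry with VirtualAddress 0x0, Size 0x0.
  ToyCoffFile File(std::vector<uint8_t>(64, 0), DataDirectory{0, 0});
  if (const LoadConfig32 *LC = File.getLoadConfig32())
    std::printf("load config size: %u\n", (unsigned)LC->Size);
  else
    std::puts("no load config");
  return 0;
}
```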