[llvm-bugs] [Bug 40864] New: Don't abort printing of dynamic table if dynamic string address is invalid

via llvm-bugs llvm-bugs at lists.llvm.org
Tue Feb 26 03:11:47 PST 2019 

https://bugs.llvm.org/show_bug.cgi?id=40864

            Bug ID: 40864
           Summary: Don't abort printing of dynamic table if dynamic
                    string address is invalid
           Product: tools
           Version: trunk
          Hardware: PC
                OS: Windows NT
            Status: NEW
          Severity: enhancement
          Priority: P
         Component: llvm-readobj
          Assignee: unassignedbugs at nondot.org
          Reporter: jh7370.2008 at my.bristol.ac.uk
                CC: jh7370.2008 at my.bristol.ac.uk, llvm-bugs at lists.llvm.org

This issue is similar to, but not the same as bug 40807. For the following yaml
input, which contains a DT_STRTAB value pointing well outside the address
space, llvm-readobj aborts with "LLVM ERROR: Virtual address is not in any
segment". 

--- !ELF
FileHeader:
  Class:   ELFCLASS64
  Data:    ELFDATA2LSB
  Type:    ET_EXEC
  Machine: EM_X86_64
Sections:
  - Name:    .dynamic
    Type:    SHT_DYNAMIC
    Address: 0x1000
    Entries:
      - Tag:   DT_STRTAB
        Value: 0x2000000
      - Tag:   DT_STRSZ
        Value: 10
      - Tag:   DT_NEEDED
        Value: 1
ProgramHeaders:
  - Type: PT_LOAD
    VAddr: 0x1000
    Sections:
      - Section: .dynamic
  - Type: PT_DYNAMIC
    VAddr: 0x1000
    Sections:
      - Section: .dynamic

Better would be to emit a regular error somewhere and not to attempt lookups.
This is what GNU readelf does:

readelf: Warning: Virtual address 0x2000000 not located in any PT_LOAD segment.
readelf: Error: Unable to determine the length of the dynamic string table

Dynamic section at offset 0x1f0 contains 4 entries:
  Tag        Type                         Name/Value
 0x0000000000000005 (STRTAB)             0x2000000
 0x000000000000000a (STRSZ)              10 (bytes)
 0x0000000000000001 (NEEDED)             0x1
 0x0000000000000000 (NULL)               0x0

(I don't know why it complains about being unable to determine the legnth of
the dynamic string table).

-- 
You are receiving this mail because:
You are on the CC list for the bug.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-bugs/attachments/20190226/8061d14d/attachment-0001.html>

More information about the llvm-bugs mailing list