[PATCH] D13872: [ELF2] - fixed infinite includes depth

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Mon Oct 19 08:38:14 PDT 2015 

grimar created this revision.
grimar added reviewers: ruiu, rafael.
grimar added subscribers: llvm-commits, grimar.

Infinite including leads to out of memory after hard freeze because of infinite loop. According to specs INCLUDE should be limited to 10 levels depth.

http://reviews.llvm.org/D13872

Files:
  ELF/LinkerScript.cpp
  test/elf2/linkerscript.s

Index: test/elf2/linkerscript.s
===================================================================
--- test/elf2/linkerscript.s
+++ test/elf2/linkerscript.s
@@ -92,9 +92,13 @@
 # RUN: echo "FOO(BAR)" > %t.script
 # RUN: not ld.lld2 -o foo %t.script > %t.log 2>&1
 # RUN: FileCheck -check-prefix=ERR1 %s < %t.log
-
 # ERR1: unknown directive: FOO
 
+# RUN: echo "INCLUDE " %t.script > %t.script
+# RUN: not ld.lld2 -o %t2 %t.script > %t.log 2>&1
+# RUN: FileCheck -check-prefix=ERR2 %s < %t.log
+# ERR2: includes nested too deeply
+
 .globl _start, _label;
 _start:
   mov $60, %rax
Index: ELF/LinkerScript.cpp
===================================================================
--- ELF/LinkerScript.cpp
+++ ELF/LinkerScript.cpp
@@ -53,14 +53,21 @@
   StringSaver Saver;
   std::vector<StringRef> Tokens;
   size_t Pos = 0;
+  size_t IncludeLevel = 0;
 };
+
+StringRef EndInclude = "_end_include";
 }
 
 void LinkerScript::run() {
   while (!atEOF()) {
     StringRef Tok = next();
     if (Tok == ";")
       continue;
+    if (Tok.begin() == EndInclude.begin()) {
+      --IncludeLevel;
+      continue;
+    }
     if (Tok == "ENTRY") {
       readEntry();
     } else if (Tok == "GROUP" || Tok == "INPUT") {
@@ -196,12 +203,17 @@
 }
 
 void LinkerScript::readInclude() {
+  ++IncludeLevel;
+  if (IncludeLevel > 10) {
+    error("includes nested too deeply");
+  }
   StringRef Tok = next();
   auto MBOrErr = MemoryBuffer::getFile(Tok);
   error(MBOrErr, "cannot open " + Tok);
   std::unique_ptr<MemoryBuffer> &MB = *MBOrErr;
   StringRef S = Saver.save(MB->getMemBufferRef().getBuffer());
   std::vector<StringRef> V = tokenize(S);
+  V.push_back(EndInclude);
   Tokens.insert(Tokens.begin() + Pos, V.begin(), V.end());
 }
 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D13872.37761.patch
Type: text/x-patch
Size: 1732 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20151019/fc433bff/attachment.bin>

More information about the llvm-commits mailing list