[PATCH] D14675: [RuntimeDyld] Add bounds checking to SectionEntry::advanceStubOffset

Sanjoy Das via llvm-commits llvm-commits at lists.llvm.org
Fri Nov 20 16:35:50 PST 2015 

sanjoy updated this revision to Diff 40847.
sanjoy added a comment.

- More bounds checking: add bounds check to getFooWithOffset accessors


http://reviews.llvm.org/D14675

Files:
  lib/ExecutionEngine/RuntimeDyld/RuntimeDyld.cpp
  lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
  lib/ExecutionEngine/RuntimeDyld/RuntimeDyldImpl.h

Index: lib/ExecutionEngine/RuntimeDyld/RuntimeDyldImpl.h
===================================================================
--- lib/ExecutionEngine/RuntimeDyld/RuntimeDyldImpl.h
+++ lib/ExecutionEngine/RuntimeDyld/RuntimeDyldImpl.h
@@ -69,23 +69,28 @@
   /// relocations (like ARM).
   uintptr_t StubOffset;
 
+  /// The total amount of space allocated for this section.  This includes the
+  /// section size and the maximum amount of space that the stubs can occupy.
+  size_t AllocationSize;
+
   /// ObjAddress - address of the section in the in-memory object file.  Used
   /// for calculating relocations in some object formats (like MachO).
   uintptr_t ObjAddress;
 
 public:
   SectionEntry(StringRef name, uint8_t *address, size_t size,
-               uintptr_t objAddress)
+               size_t allocationSize, uintptr_t objAddress)
       : Name(name), Address(address), Size(size),
         LoadAddress(reinterpret_cast<uintptr_t>(address)), StubOffset(size),
-        ObjAddress(objAddress) {}
+        AllocationSize(allocationSize), ObjAddress(objAddress) {}
 
   StringRef getName() const { return Name; }
 
   uint8_t *getAddress() const { return Address; }
 
   /// \brief Return the address of this section with an offset.
   uint8_t *getAddressWithOffset(unsigned OffsetBytes) const {
+    assert(OffsetBytes <= AllocationSize && "Offset out of bounds!");
     return Address + OffsetBytes;
   }
 
@@ -96,12 +101,16 @@
 
   /// \brief Return the load address of this section with an offset.
   uint64_t getLoadAddressWithOffset(unsigned OffsetBytes) const {
+    assert(OffsetBytes <= AllocationSize && "Offset out of bounds!");
     return LoadAddress + OffsetBytes;
   }
 
   uintptr_t getStubOffset() const { return StubOffset; }
 
-  void advanceStubOffset(unsigned StubSize) { StubOffset += StubSize; }
+  void advanceStubOffset(unsigned StubSize) {
+    StubOffset += StubSize;
+    assert(StubOffset <= AllocationSize && "Not enough space allocated!");
+  }
 
   uintptr_t getObjAddress() const { return ObjAddress; }
 };
Index: lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
===================================================================
--- lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
+++ lib/ExecutionEngine/RuntimeDyld/RuntimeDyldELF.cpp
@@ -1767,7 +1767,7 @@
     GOTSectionID = Sections.size();
     // Reserve a section id. We'll allocate the section later
     // once we know the total size
-    Sections.push_back(SectionEntry(".got", nullptr, 0, 0));
+    Sections.push_back(SectionEntry(".got", nullptr, 0, 0, 0));
   }
   uint64_t StartOffset = CurrentGOTIndex * getGOTEntrySize();
   CurrentGOTIndex += no;
@@ -1803,7 +1803,8 @@
     if (!Addr)
       report_fatal_error("Unable to allocate memory for GOT!");
 
-    Sections[GOTSectionID] = SectionEntry(".got", Addr, TotalSize, 0);
+    Sections[GOTSectionID] =
+        SectionEntry(".got", Addr, TotalSize, TotalSize, 0);
 
     if (Checker)
       Checker->registerSection(Obj.getFileName(), GOTSectionID);
Index: lib/ExecutionEngine/RuntimeDyld/RuntimeDyld.cpp
===================================================================
--- lib/ExecutionEngine/RuntimeDyld/RuntimeDyld.cpp
+++ lib/ExecutionEngine/RuntimeDyld/RuntimeDyld.cpp
@@ -518,7 +518,8 @@
   if (!Addr)
     report_fatal_error("Unable to allocate memory for common symbols!");
   uint64_t Offset = 0;
-  Sections.push_back(SectionEntry("<common symbols>", Addr, CommonSize, 0));
+  Sections.push_back(
+      SectionEntry("<common symbols>", Addr, CommonSize, CommonSize, 0));
   memset(Addr, 0, CommonSize);
 
   DEBUG(dbgs() << "emitCommonSection SectionID: " << SectionID << " new addr: "
@@ -643,7 +644,8 @@
                  << " Allocate: " << Allocate << "\n");
   }
 
-  Sections.push_back(SectionEntry(Name, Addr, DataSize, (uintptr_t)pData));
+  Sections.push_back(
+      SectionEntry(Name, Addr, DataSize, Allocate, (uintptr_t)pData));
 
   if (Checker)
     Checker->registerSection(Obj.getFileName(), SectionID);


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D14675.40847.patch
Type: text/x-patch
Size: 4008 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20151121/5685ba07/attachment.bin>

More information about the llvm-commits mailing list