[PATCH] D25015: [Object/ELF] - Report error on incorrect sh_offset.

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Wed Sep 28 04:04:16 PDT 2016


grimar created this revision.
grimar added reviewers: rafael, davide.
grimar added subscribers: llvm-commits, grimar, evgeny777.

It is related to PR30540. Previously, if sh_offset was incorrect (too large),
the returned pointer could be wrong.

It seems it is not possible to craft a file with an incorrect sh_offset using yaml2obj,
so I used a precompiled one.

https://reviews.llvm.org/D25015

Files:
  include/llvm/Object/ELF.h
  test/Object/Inputs/invalid-sh_offset.elf
  test/Object/invalid.test

Index: test/Object/invalid.test
===================================================================
--- test/Object/invalid.test
+++ test/Object/invalid.test
@@ -37,6 +37,9 @@
 RUN: not llvm-readobj -t %p/Inputs/invalid-sh_entsize.elf 2>&1 | FileCheck --check-prefix=INVALID-SYM-SIZE %s
 INVALID-SYM-SIZE: Invalid symbol size
 
+RUN: not llvm-readobj -t %p/Inputs/invalid-sh_offset.elf 2>&1 | FileCheck --check-prefix=INVALID-SYM-OFFSET %s
+INVALID-SYM-OFFSET: Invalid symbol offset
+
 RUN: not llvm-readobj --dyn-symbols %p/Inputs/invalid-sh_entsize.elf 2>&1 | FileCheck --check-prefix=INVALID-DYNSYM-SIZE %s
 INVALID-DYNSYM-SIZE: Invalid entity size
 
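Review bot: The added RUN line covers only the llvm-readobj -t path with a single too-large sh_offset input, so the boundary of the new check is not pinned down. Consider a second input whose sh_offset lies just inside the file, so that the symbol table would extend past the end, and assert on the expected diagnostic for that case too.
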
Index: test/Object/Inputs/invalid-sh_offset.elf
===================================================================
--- test/Object/Inputs/invalid-sh_offset.elf
+++ test/Object/Inputs/invalid-sh_offset.elf
@@ -0,0 +1 @@
+ELF          >                                @     @                                                          .text foo .eh_frame .strtab .symtab                                                                                          x       %                                                   @                                           p               @                                                           H €     0                           
\ No newline at end of file
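Review bot: invalid-sh_offset.elf is added as an opaque precompiled binary with no record of how it was produced. Please note in invalid.test, next to the new RUN line, which object it was built from and which section's sh_offset was changed to what value, so the input can be regenerated and audited later.
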
Index: include/llvm/Object/ELF.h
===================================================================
--- include/llvm/Object/ELF.h
+++ include/llvm/Object/ELF.h
@@ -120,6 +120,8 @@
       return nullptr;
     if (Sec->sh_entsize != sizeof(Elf_Sym))
       report_fatal_error("Invalid symbol size");
+    if (Sec->sh_offset >= Buf.size())
+      report_fatal_error("Invalid symbol offset");
     return reinterpret_cast<const Elf_Sym *>(base() + Sec->sh_offset);
   }
   const Elf_Sym *symbol_end(const Elf_Shdr *Sec) const {
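
Review bot: The new check in symbol_begin, Sec->sh_offset >= Buf.size(), rejects only offsets at or beyond the end of the buffer. An sh_offset that lands less than sizeof(Elf_Sym) before the end still passes, and the pointer returned from base() + Sec->sh_offset then refers to an entry that runs past the buffer. Consider validating the whole range after the offset check, for example by rejecting when Sec->sh_size > Buf.size() - Sec->sh_offset, which also avoids overflow in an addition. The message "Invalid symbol offset" may also be clearer as a section offset error, since the field being checked belongs to the section header.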


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D25015.72795.patch
Type: text/x-patch
Size: 1911 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20160928/10b8b1e9/attachment.bin>

