[PATCH] D25189: [Object/ELF] - Avoid possible crash in getExtendedSymbolTableIndex().

[George Rimar via llvm-commits]

grimar created this revision.
grimar added reviewers: rafael, davide.
grimar added subscribers: llvm-commits, grimar, evgeny777.

When using broken input object found using AFL,
getExtendedSymbolTableIndex() crashed because ShndxTable
was empty as object does not contain SHT_SYMTAB_SHNDX section.


https://reviews.llvm.org/D25189

Files:
  include/llvm/Object/ELF.h
  test/Object/Inputs/invalid-ext-symtab-index.elf-x86-64
  test/Object/invalid.test


Index: test/Object/invalid.test
===================================================================
--- test/Object/invalid.test
+++ test/Object/invalid.test
@@ -54,3 +54,7 @@
 
 RUN: not llvm-readobj -t %p/Inputs/invalid-xindex-size.elf 2>&1 | FileCheck --check-prefix=INVALID-XINDEX-SIZE %s
 INVALID-XINDEX-SIZE: Invalid data was encountered while parsing the file.
+
+RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s
+INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index
Index: include/llvm/Object/ELF.h
===================================================================
--- include/llvm/Object/ELF.h
+++ include/llvm/Object/ELF.h
@@ -225,7 +225,8 @@
     ArrayRef<Elf_Word> ShndxTable) const {
   assert(Sym->st_shndx == ELF::SHN_XINDEX);
   unsigned Index = Sym - FirstSym;
-
+  if (Index >= ShndxTable.size())
+    report_fatal_error("Invalid symbol table index");
   // The size of the table was checked in getSHNDXTable.
   return ShndxTable[Index];
 }


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D25189.73280.patch
Type: text/x-patch
Size: 1070 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20161003/1ea5eb5a/attachment.bin>