[PATCH] D25187: [Object/ELF] - Do not crash on invalid sh_offset value of REL[A] section.

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Tue Oct 4 02:34:41 PDT 2016


This revision was automatically updated to reflect the committed changes.
Closed by commit rL283204: [Object/ELF] - Do not crash on invalid sh_offset value of REL[A] section. (authored by grimar).

Changed prior to commit:
  https://reviews.llvm.org/D25187?vs=73272&id=73436#toc

Repository:
  rL LLVM

https://reviews.llvm.org/D25187

Files:
  llvm/trunk/include/llvm/Object/ELF.h
  llvm/trunk/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386
  llvm/trunk/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64
  llvm/trunk/test/Object/invalid.test


Index: llvm/trunk/include/llvm/Object/ELF.h
===================================================================
--- llvm/trunk/include/llvm/Object/ELF.h
+++ llvm/trunk/include/llvm/Object/ELF.h
@@ -137,6 +137,8 @@
   const Elf_Rela *rela_begin(const Elf_Shdr *sec) const {
     if (sec->sh_entsize != sizeof(Elf_Rela))
       report_fatal_error("Invalid relocation entry size");
+    if (sec->sh_offset >= Buf.size())
+      report_fatal_error("Invalid relocation entry offset");
     return reinterpret_cast<const Elf_Rela *>(base() + sec->sh_offset);
   }
 
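Review bot: the added check in rela_begin validates only where the section starts, so an sh_offset of Buf.size() - 1 passes even though the Elf_Rela entry behind the pointer returned on the next line would extend past the end of the buffer. Consider bounding the whole first entry, for example rejecting when sh_offset > Buf.size() or Buf.size() - sh_offset < sizeof(Elf_Rela); the subtraction form keeps a very large sh_offset from wrapping the comparison.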
@@ -154,6 +156,8 @@
   const Elf_Rel *rel_begin(const Elf_Shdr *sec) const {
     if (sec->sh_entsize != sizeof(Elf_Rel))
       report_fatal_error("Invalid relocation entry size");
+    if (sec->sh_offset >= Buf.size())
+      report_fatal_error("Invalid relocation entry offset");
     return reinterpret_cast<const Elf_Rel *>(base() + sec->sh_offset);
   }
 
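Review bot: the two added lines in rel_begin are a copy of the ones added to rela_begin, and the message says "relocation entry offset" although the value tested is the section's sh_offset. Consider a single small helper called from both accessors, with a message such as "Invalid relocation section offset", so that any later tightening of the bound lands in both paths at once.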
Index: llvm/trunk/test/Object/invalid.test
===================================================================
--- llvm/trunk/test/Object/invalid.test
+++ llvm/trunk/test/Object/invalid.test
@@ -58,3 +58,9 @@
 RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 | \
 RUN:   FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s
 INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index
+
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-i386 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
+INVALID-RELOC-SH-OFFSET: Invalid relocation entry offset
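Review bot: the new RUN lines depend on two binary inputs whose contents are not described anywhere in the test, so a reader cannot tell which sh_offset value was used or whether each file reaches rel_begin or rela_begin. A short comment above the RUN lines stating which section header was modified, to what value, and which accessor each input is expected to hit would make the coverage checkable, since both cases share the single INVALID-RELOC-SH-OFFSET prefix.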

