[PATCH] D25315: [Object/ELF] - Do section header sh_offset/sh_size values check once during object loading.

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Thu Oct 6 05:19:05 PDT 2016


grimar created this revision.
grimar added reviewers: rafael, davide.
grimar added subscribers: llvm-commits, grimar, evgeny777.

This helps to keep client code cleaner.
For example, we have the following code in LLD:

  auto *Begin =
      reinterpret_cast<const Elf_Dyn *>(Obj.base() + DynamicSec->sh_offset);
  const Elf_Dyn *End = Begin + DynamicSec->sh_size / sizeof(Elf_Dyn);

sh_offset and/or sh_size may be broken here and the same situation can be found for some other sections.
Instead of placing multiple checks in LLD, I suggest this change to check the object once during loading.


https://reviews.llvm.org/D25315

Files:
  include/llvm/Object/ELF.h
  test/Object/Inputs/invalid-relocation-sec-sh_size.elf-i386
  test/Object/Inputs/invalid-relocation-sec-sh_size.elf-x86-64
  test/Object/invalid.test


Index: test/Object/invalid.test
===================================================================
--- test/Object/invalid.test
+++ test/Object/invalid.test
@@ -63,4 +63,10 @@
 RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
 RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 2>&1 | \
 RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
-INVALID-RELOC-SH-OFFSET: Invalid relocation entry offset
+INVALID-RELOC-SH-OFFSET: Invalid data was encountered while parsing the file
+
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_size.elf-i386 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-SIZE %s
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_size.elf-x86-64 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-SIZE %s
+INVALID-RELOC-SH-SIZE: Invalid data was encountered while parsing the file
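Review bot: INVALID-RELOC-SH-OFFSET and the new INVALID-RELOC-SH-SIZE now both match the same generic string, "Invalid data was encountered while parsing the file", so these RUN lines can no longer tell a bad sh_offset from a bad sh_size, and any unrelated parse failure in the inputs would satisfy them too. Because the rejection now happens while the object is loaded rather than in the relocation accessors, the -r flag is no longer what triggers it. Please add a comment per input stating which section header field it corrupts, and consider surfacing a more specific diagnostic so each check prefix pins down one failure.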
Index: include/llvm/Object/ELF.h
===================================================================
--- include/llvm/Object/ELF.h
+++ include/llvm/Object/ELF.h
@@ -137,8 +137,6 @@
   const Elf_Rela *rela_begin(const Elf_Shdr *sec) const {
     if (sec->sh_entsize != sizeof(Elf_Rela))
       report_fatal_error("Invalid relocation entry size");
-    if (sec->sh_offset >= Buf.size())
-      report_fatal_error("Invalid relocation entry offset");
     return reinterpret_cast<const Elf_Rela *>(base() + sec->sh_offset);
   }
 
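Review bot: The check removed from rela_begin rejected sh_offset >= Buf.size(), but the loop added later in this patch only rejects Sec.sh_offset > getBufSize(), so the boundary case sh_offset == buffer size is now accepted and rela_begin returns a pointer one past the end of the buffer. That is only safe because the second condition in the loop then forces sh_size to be 0. Please either keep the stricter >= for non-empty sections or add a comment here stating that rela_begin relies on the load-time validation and may return an end pointer for an empty section.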
@@ -156,8 +154,6 @@
   const Elf_Rel *rel_begin(const Elf_Shdr *sec) const {
     if (sec->sh_entsize != sizeof(Elf_Rel))
       report_fatal_error("Invalid relocation entry size");
-    if (sec->sh_offset >= Buf.size())
-      report_fatal_error("Invalid relocation entry offset");
     return reinterpret_cast<const Elf_Rel *>(base() + sec->sh_offset);
   }
 
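Review bot: rel_begin still aborts through report_fatal_error("Invalid relocation entry size") for a bad sh_entsize, while a bad sh_offset is now reported as object_error::parse_failed from the loader, so a malformed relocation section produces two different failure modes depending on which field is wrong. A client that handles the error code will still be killed by the entsize path. Consider a follow-up that reports the sh_entsize mismatch as an error as well, and add a short comment noting that the offset is validated at load time so the missing bounds check here does not look like an oversight.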
@@ -385,6 +381,14 @@
     DotShstrtab = *StringTableOrErr;
   }
 
+  for (const Elf_Shdr &Sec : sections()) {
+    if ((Sec.sh_offset > getBufSize()) ||
+      (Sec.sh_offset + Sec.sh_size > getBufSize())) {
+      EC = object_error::parse_failed;
+      return;
+    }
+  }
+
   EC = std::error_code();
 }
 
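Review bot: The sum in (Sec.sh_offset + Sec.sh_size > getBufSize()) can wrap around for large header values, so a section with a small sh_offset and an sh_size near the maximum of the field type passes this check and later pointer arithmetic in clients reads out of bounds. Once Sec.sh_offset > getBufSize() has been ruled out, compare without adding, for example Sec.sh_size > getBufSize() - Sec.sh_offset. The loop also applies to every section regardless of type; SHT_NOBITS sections occupy no bytes in the file, so a valid object with a large .bss placed near the end of the file would be rejected here, and those sections should be skipped or have only sh_offset checked. Minor: the continuation line of the if condition should be indented to align with the opening parenthesis.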

