[PATCH] D25555: [ELF] - Do not crash when object has multiple SHT_MIPS_OPTIONS

George Rimar via llvm-commits llvm-commits at lists.llvm.org
Thu Oct 13 05:52:22 PDT 2016 

grimar created this revision.
grimar added reviewers: ruiu, rafael, atanasyan, davide.
grimar added subscribers: llvm-commits, grimar, evgeny777.
Herald added a subscriber: sdardis.

Issue was revealed by AFl and I was able to generate such object using yaml2obj,
it is reasonable to fix probably.

When object has more than one SHT_MIPS_OPTIONS, each except the last one is destroyed after
placing into Sections array.
Sections array contains dead pointers finally. LLD may crash then.

Do we want fixing it ? 
If so I can prepare patch for fixing the same for SHT_MIPS_REGINFO and SHT_MIPS_ABIFLAGS.


https://reviews.llvm.org/D25555

Files:
  ELF/InputFiles.cpp
  test/ELF/invalid/mips-multiple-options.test


Index: test/ELF/invalid/mips-multiple-options.test
===================================================================
--- test/ELF/invalid/mips-multiple-options.test
+++ test/ELF/invalid/mips-multiple-options.test
@@ -0,0 +1,25 @@
+# RUN: yaml2obj %s -o %t
+# RUN: not ld.lld %t -o %tout 2>&1 | FileCheck %s
+
+--- !ELF
+FileHeader:
+  Class:    ELFCLASS32
+  Data:     ELFDATA2LSB
+  Type:     ET_REL
+  Machine:  EM_MIPS
+  Flags:    [EF_MIPS_PIC, EF_MIPS_CPIC, EF_MIPS_ABI_O32, EF_MIPS_ARCH_32]
+
+Sections:
+  - Name:          .o1
+    Type:          SHT_MIPS_OPTIONS
+    Flags:         [ SHF_ALLOC, SHF_EXECINSTR ]
+    AddressAlign:  16
+    Content:       "010000000000000000000000"
+
+  - Name:          .o2
+    Type:          SHT_MIPS_OPTIONS
+    Flags:         [ SHF_ALLOC, SHF_EXECINSTR ]
+    AddressAlign:  16
+    Content:       "010000000000000000000000"
+
+# CHECK: Multiple SHT_MIPS_OPTIONS sections are not allowed
Index: ELF/InputFiles.cpp
===================================================================
--- ELF/InputFiles.cpp
+++ ELF/InputFiles.cpp
@@ -324,6 +324,8 @@
     MipsReginfo.reset(new MipsReginfoInputSection<ELFT>(this, &Sec, Name));
     return MipsReginfo.get();
   case SHT_MIPS_OPTIONS:
+    if (MipsOptions)
+      fatal("Multiple SHT_MIPS_OPTIONS sections are not allowed");
     MipsOptions.reset(new MipsOptionsInputSection<ELFT>(this, &Sec, Name));
     return MipsOptions.get();
   case SHT_MIPS_ABIFLAGS:


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D25555.74502.patch
Type: text/x-patch
Size: 1489 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20161013/81a64b04/attachment.bin>

More information about the llvm-commits mailing list