[llvm] r288084 - Add error checking for Mach-O universal files.

Kevin Enderby via llvm-commits llvm-commits at lists.llvm.org
Mon Nov 28 14:40:51 PST 2016


Author: enderby
Date: Mon Nov 28 16:40:50 2016
New Revision: 288084

URL: http://llvm.org/viewvc/llvm-project?rev=288084&view=rev
Log:
Add error checking for Mach-O universal files.

Add the checking for both the MachO::fat_header and the
MachO::fat_arch struct values in the constructor for
MachOUniversalBinary, so that when the constructor
for ObjectForArch is called it can assume the offset and
size values in the MachO::fat_arch are contained in the
file once the MachOUniversalBinary constructor has been
called for the Parent.

Added:
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-badalign   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-bigalign   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlap   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlapheaders   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-size   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-twosame   (with props)
    llvm/trunk/test/Object/Inputs/macho-invalid-fat-header   (with props)
Modified:
    llvm/trunk/lib/Object/MachOUniversal.cpp
    llvm/trunk/test/Object/macho-invalid.test

Modified: llvm/trunk/lib/Object/MachOUniversal.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Object/MachOUniversal.cpp?rev=288084&r1=288083&r2=288084&view=diff
==============================================================================
--- llvm/trunk/lib/Object/MachOUniversal.cpp (original)
+++ llvm/trunk/lib/Object/MachOUniversal.cpp Mon Nov 28 16:40:50 2016
@@ -42,6 +42,7 @@ static T getUniversalBinaryStruct(const
 MachOUniversalBinary::ObjectForArch::ObjectForArch(
     const MachOUniversalBinary *Parent, uint32_t Index)
     : Parent(Parent), Index(Index) {
+  // The iterators use Parent as a nullptr and an Index+1 == NumberOfObjects.
   if (!Parent || Index >= Parent->getNumberOfObjects()) {
     clear();
   } else {
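Review bot: The comment added above the `!Parent` test covers the end-iterator case but not the precondition this commit introduces by dropping the per-slice size checks further down in the same constructor: a non-cleared ObjectForArch now trusts that its Parent has already bounds-checked offset and size. Its wording also says `Index+1 == NumberOfObjects`, while the condition below it clears on `Index >= Parent->getNumberOfObjects()`. I would extend it with something like `// Offset and size are not checked here; MachOUniversalBinary's constructor validates every fat_arch entry against the file size.` The constructor body continues past this hunk.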
@@ -51,16 +52,10 @@ MachOUniversalBinary::ObjectForArch::Obj
       const char *HeaderPos = ParentData.begin() + sizeof(MachO::fat_header) +
                               Index * sizeof(MachO::fat_arch);
       Header = getUniversalBinaryStruct<MachO::fat_arch>(HeaderPos);
-      if (ParentData.size() < Header.offset + Header.size) {
-        clear();
-      }
     } else { // Parent->getMagic() == MachO::FAT_MAGIC_64
       const char *HeaderPos = ParentData.begin() + sizeof(MachO::fat_header) +
                               Index * sizeof(MachO::fat_arch_64);
       Header64 = getUniversalBinaryStruct<MachO::fat_arch_64>(HeaderPos);
-      if (ParentData.size() < Header64.offset + Header64.size) {
-        clear();
-      }
     }
   }
 }
@@ -131,6 +126,10 @@ MachOUniversalBinary::MachOUniversalBina
       getUniversalBinaryStruct<MachO::fat_header>(Buf.begin());
   Magic = H.magic;
   NumberOfObjects = H.nfat_arch;
+  if (NumberOfObjects == 0) {
+    Err = malformedError("contains zero architecture types");
+    return;
+  }
   uint32_t MinSize = sizeof(MachO::fat_header);
   if (Magic == MachO::FAT_MAGIC)
     MinSize += sizeof(MachO::fat_arch) * NumberOfObjects;
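Review bot: `MinSize` is declared `uint32_t` in the context just below the new zero check, so `sizeof(MachO::fat_arch) * NumberOfObjects` is truncated when it is added in, and a large `nfat_arch` taken from the file can wrap it to a small value. The size comparison that follows (its condition lies between this hunk and the next) would then accept a file whose arch table runs past the end of the buffer. The validation loops added later in this commit read every entry through `ObjectForArch A(this, i)` on the strength of that comparison, and the new `A.getOffset() < MinSize` header-overlap test uses the same value. Declaring it as `uint64_t MinSize = sizeof(MachO::fat_header);` keeps the product exact. The constructor starts and ends outside this hunk.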
@@ -146,6 +145,68 @@ MachOUniversalBinary::MachOUniversalBina
                          " structs would extend past the end of the file");
     return;
   }
+  for (uint32_t i = 0; i < NumberOfObjects; i++) {
+    ObjectForArch A(this, i);
+    uint64_t bigSize = A.getOffset();
+    bigSize += A.getSize();
+    if (bigSize > Buf.size()) {
+      Err = malformedError("offset plus size of cputype (" +
+        Twine(A.getCPUType()) + ") cpusubtype (" +
+        Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
+        ") extends past the end of the file");
+      return;
+    }
+#define MAXSECTALIGN 15 /* 2**15 or 0x8000 */
+    if (A.getAlign() > MAXSECTALIGN) {
+      Err = malformedError("align (2^" + Twine(A.getAlign()) + ") too large "
+        "for cputype (" + Twine(A.getCPUType()) + ") cpusubtype (" +
+        Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
+        ") (maximum 2^" + Twine(MAXSECTALIGN) + ")");
+      return;
+    }
+    if(A.getOffset() % (1 << A.getAlign()) != 0){
+      Err = malformedError("offset: " + Twine(A.getOffset()) +
+        " for cputype (" + Twine(A.getCPUType()) + ") cpusubtype (" +
+        Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
+        ") not aligned on it's alignment (2^" + Twine(A.getAlign()) + ")");
+      return;
+    }
+    if (A.getOffset() < MinSize) {
+      Err =  malformedError("cputype (" + Twine(A.getCPUType()) + ") "
+        "cpusubtype (" + Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
+        ") offset " + Twine(A.getOffset()) + " overlaps universal headers");
+      return;
+    }
+  }
+  for (uint32_t i = 0; i < NumberOfObjects; i++) {
+    ObjectForArch A(this, i);
+    for (uint32_t j = i + 1; j < NumberOfObjects; j++) {
+      ObjectForArch B(this, j);
+      if (A.getCPUType() == B.getCPUType() &&
+          (A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) ==
+          (B.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK)) {
+        Err = malformedError("contains two of the same architecture (cputype "
+          "(" + Twine(A.getCPUType()) + ") cpusubtype (" +
+          Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) + "))");
+        return;
+      }
+      if ((A.getOffset() >= B.getOffset() &&
+           A.getOffset() < B.getOffset() + B.getSize()) ||
+          (A.getOffset() + A.getSize() > B.getOffset() &&
+           A.getOffset() + A.getSize() < B.getOffset() + B.getSize()) ||
+          (A.getOffset() <= B.getOffset() &&
+           A.getOffset() + A.getSize() >= B.getOffset() + B.getSize())) {
+        Err =  malformedError("cputype (" + Twine(A.getCPUType()) + ") "
+          "cpusubtype (" + Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
+          ") at offset " + Twine(A.getOffset()) + " with a size of " +
+          Twine(A.getSize()) + ", overlaps cputype (" + Twine(B.getCPUType()) +
+          ") cpusubtype (" + Twine(B.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK)
+          + ") at offset " + Twine(B.getOffset()) + " with a size of "
+          + Twine(B.getSize()));
+        return;
+      }
+    }
+  }
   Err = Error::success();
 }
 
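Review bot: The pairwise overlap test at the end of this hunk adds `A.getOffset() + A.getSize()` and `B.getOffset() + B.getSize()` in the accessors' own return type, whereas the first loop deliberately widens the same sum into `uint64_t bigSize`. The accessor declarations are not part of this diff, so whether those sums can wrap depends on their width; if they already return 64-bit values for FAT_MAGIC_64, then `bigSize` itself can wrap for an entry with a very large offset and slip past the end-of-file check. A subtraction-based bound such as `if (A.getSize() > Buf.size() || A.getOffset() > Buf.size() - A.getSize())` cannot overflow, and computing each slice's end once as a checked `uint64_t` would let the inner loop reuse it. Separately, `#define MAXSECTALIGN 15` inside the constructor body leaks a macro into the rest of the translation unit; a `static const uint32_t` would keep it scoped.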

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-badalign
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-badalign?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-badalign
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-bigalign
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-bigalign?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-bigalign
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlap
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlap?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlap
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlapheaders
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlapheaders?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-overlapheaders
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-size
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-size?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-size
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-twosame
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-twosame?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-arch-twosame
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Added: llvm/trunk/test/Object/Inputs/macho-invalid-fat-header
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/Inputs/macho-invalid-fat-header?rev=288084&view=auto
==============================================================================
Binary file - no diff available.

Propchange: llvm/trunk/test/Object/Inputs/macho-invalid-fat-header
------------------------------------------------------------------------------
    svn:mime-type = application/octet-stream

Modified: llvm/trunk/test/Object/macho-invalid.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Object/macho-invalid.test?rev=288084&r1=288083&r2=288084&view=diff
==============================================================================
--- llvm/trunk/test/Object/macho-invalid.test (original)
+++ llvm/trunk/test/Object/macho-invalid.test Mon Nov 28 16:40:50 2016
@@ -484,3 +484,24 @@ INVALID-LAZY_BIND-OVERLAP: macho-invalid
 
 RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-export-overlap 2>&1 | FileCheck -check-prefix INVALID-EXPORT-OVERLAP %s
 INVALID-EXPORT-OVERLAP: macho-invalid-export-overlap': truncated or malformed object (dyld export info at offset 200 with a size of 32, overlaps dyld lazy bind info at offset 176 with a size of 32)
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-header 2>&1 | FileCheck -check-prefix INVALID-FAT-HEADER %s
+INVALID-FAT-HEADER: macho-invalid-fat-header': truncated or malformed fat file (contains zero architecture types)
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-size 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-SIZE %s
+INVALID-FAT-ARCH-SIZE: macho-invalid-fat-arch-size': truncated or malformed fat file (offset plus size of cputype (7) cpusubtype (3) extends past the end of the file)
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-bigalign 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-BIGALIGN %s
+INVALID-FAT-ARCH-BIGALIGN: macho-invalid-fat-arch-bigalign': truncated or malformed fat file (align (2^212) too large for cputype (7) cpusubtype (3) (maximum 2^15))
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-badalign 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-BADALIGN %s
+INVALID-FAT-ARCH-BADALIGN: macho-invalid-fat-arch-badalign': truncated or malformed fat file (offset: 28 for cputype (7) cpusubtype (3) not aligned on it's alignment (2^4))
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-twosame 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-TWOSAME %s
+INVALID-FAT-ARCH-TWOSAME: macho-invalid-fat-arch-twosame': truncated or malformed fat file (contains two of the same architecture (cputype (7) cpusubtype (3)))
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-overlap 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-OVERLAP %s
+INVALID-FAT-ARCH-OVERLAP: macho-invalid-fat-arch-overlap': truncated or malformed fat file (cputype (7) cpusubtype (5) at offset 48 with a size of 28, overlaps cputype (7) cpusubtype (3) at offset 52 with a size of 28)
+
+RUN: not llvm-objdump -macho -universal-headers %p/Inputs/macho-invalid-fat-arch-overlapheaders 2>&1 | FileCheck -check-prefix INVALID-FAT-ARCH-OVERLAPHEADERS %s
+INVALID-FAT-ARCH-OVERLAPHEADERS: macho-invalid-fat-arch-overlapheaders': truncated or malformed fat file (cputype (7) cpusubtype (3) offset 12 overlaps universal headers)



