[llvm] r330610 - Fix computeSymbolSizes SEGFAULT on invalid file

[Adrian Prantl via llvm-commits]

Author: adrian
Date: Mon Apr 23 09:08:01 2018
New Revision: 330610

URL: http://llvm.org/viewvc/llvm-project?rev=330610&view=rev
Log:
Fix computeSymbolSizes SEGFAULT on invalid file

We use llvm-symbolizer in some production systems, and we run it
against all possibly related files, including some that are not
ELF. We noticed that for some of those invalid files, llvm-symbolizer
would crash with SEGFAULT. Here is an example of such a file.

It is due to that in computeSymbolSizes, a loop uses condition

  for (unsigned I = 0, N = Addresses.size() - 1; I < N; ++I) {

where if Addresses.size() is 0, N would overflow and causing the loop
to access invalid memory.

Instead of patching the loop conditions, the commit makes so that the
function returns early if Addresses is empty.

Validated by checking that llvm-symbolizer no longer crashes.

Patch by Teng Qin!

Differential Revision: https://reviews.llvm.org/D44285

Modified:
    llvm/trunk/lib/Object/SymbolSize.cpp
    llvm/trunk/test/tools/llvm-symbolizer/sym.test

Modified: llvm/trunk/lib/Object/SymbolSize.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Object/SymbolSize.cpp?rev=330610&r1=330609&r2=330610&view=diff
==============================================================================
--- llvm/trunk/lib/Object/SymbolSize.cpp (original)
+++ llvm/trunk/lib/Object/SymbolSize.cpp Mon Apr 23 09:08:01 2018
@@ -66,6 +66,10 @@ llvm::object::computeSymbolSizes(const O
     Addresses.push_back(
         {O.symbol_end(), Address + Size, 0, getSectionID(O, Sec)});
   }
+
+  if (Addresses.empty())
+    return Ret;
+
   array_pod_sort(Addresses.begin(), Addresses.end(), compareAddress);
 
   // Compute the size as the gap to the next symbol

Modified: llvm/trunk/test/tools/llvm-symbolizer/sym.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/tools/llvm-symbolizer/sym.test?rev=330610&r1=330609&r2=330610&view=diff
==============================================================================
--- llvm/trunk/test/tools/llvm-symbolizer/sym.test (original)
+++ llvm/trunk/test/tools/llvm-symbolizer/sym.test Mon Apr 23 09:08:01 2018
@@ -19,6 +19,8 @@
 
 RUN: llvm-symbolizer -print-address -obj=%p/Inputs/addr.exe < %p/Inputs/addr.inp | FileCheck %s
 RUN: llvm-symbolizer -inlining -print-address -pretty-print -obj=%p/Inputs/addr.exe < %p/Inputs/addr.inp | FileCheck --check-prefix="PRETTY" %s 
+RUN: echo "0x1" > %t.input
+RUN: llvm-symbolizer -obj=%p/Inputs/zero < %t.input | FileCheck --check-prefix="ZERO" %s
 
 #CHECK: some text
 #CHECK: 0x40054d
@@ -31,4 +33,6 @@ RUN: llvm-symbolizer -inlining -print-ad
 #PRETTY:  (inlined by) inc at {{[/\]+}}tmp{{[/\]+}}x.c:7:0
 #PRETTY   (inlined by) main at {{[/\]+}}tmp{{[/\]+}}x.c:14:0
 #PRETTY: some text2
-
+#
+#ZERO: ??
+#ZERO: ??:0:0