[llvm] ec9f0c7 - [DebugInfo] Fix a possible crash when reading a malformed .debug_*lists section.

Igor Kudrin via llvm-commits llvm-commits at lists.llvm.org
Tue Jul 14 02:36:08 PDT 2020


Author: Igor Kudrin
Date: 2020-07-14T16:35:17+07:00
New Revision: ec9f0c7d4ae257642ee825baa9e23f9ffb000de8

URL: https://github.com/llvm/llvm-project/commit/ec9f0c7d4ae257642ee825baa9e23f9ffb000de8
DIFF: https://github.com/llvm/llvm-project/commit/ec9f0c7d4ae257642ee825baa9e23f9ffb000de8.diff

LOG: [DebugInfo] Fix a possible crash when reading a malformed .debug_*lists section.

DWARFListTableHeader::length() handles the zero value of HeaderData.Length
in a special way, which makes the result different from the calculated
value of FullLength, which leads to triggering an assertion. The patch
moves the assertion a bit later when `FullLength` is already checked for
minimal allowed value.

Differential Revision: https://reviews.llvm.org/D82886

Added: 
    llvm/test/DebugInfo/X86/dwarfdump-rnglists-zero-length.s

Modified: 
    llvm/lib/DebugInfo/DWARF/DWARFListTable.cpp

Removed: 
    


################################################################################
diff  --git a/llvm/lib/DebugInfo/DWARF/DWARFListTable.cpp b/llvm/lib/DebugInfo/DWARF/DWARFListTable.cpp
index 5f5f12a39083..2124a49bef60 100644
--- a/llvm/lib/DebugInfo/DWARF/DWARFListTable.cpp
+++ b/llvm/lib/DebugInfo/DWARF/DWARFListTable.cpp
@@ -29,13 +29,13 @@ Error DWARFListTableHeader::extract(DWARFDataExtractor Data,
   uint8_t OffsetByteSize = Format == dwarf::DWARF64 ? 8 : 4;
   uint64_t FullLength =
       HeaderData.Length + dwarf::getUnitLengthFieldByteSize(Format);
-  assert(FullLength == length());
   if (FullLength < getHeaderSize(Format))
     return createStringError(errc::invalid_argument,
                        "%s table at offset 0x%" PRIx64
                        " has too small length (0x%" PRIx64
                        ") to contain a complete header",
                        SectionName.data(), HeaderOffset, FullLength);
+  assert(FullLength == length() && "Inconsistent calculation of length.");
   uint64_t End = HeaderOffset + FullLength;
   if (!Data.isValidOffsetForDataOfSize(HeaderOffset, FullLength))
     return createStringError(errc::invalid_argument,
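
Review bot: the relocated `assert(FullLength == length() && ...)` is only valid because the `FullLength < getHeaderSize(Format)` check above it has already rejected the case where `HeaderData.Length` is zero, yet nothing at that line says so. A short comment there, stating that length() special-cases a zero `HeaderData.Length` and that the assertion must stay below the minimum-size check, would keep a later reorder from reintroducing the crash on malformed input. The assertion message "Inconsistent calculation of length." could also name the two values being compared, since they are the first thing needed when it fires.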

diff  --git a/llvm/test/DebugInfo/X86/dwarfdump-rnglists-zero-length.s b/llvm/test/DebugInfo/X86/dwarfdump-rnglists-zero-length.s
new file mode 100644
index 000000000000..05f87a1ef513
--- /dev/null
+++ b/llvm/test/DebugInfo/X86/dwarfdump-rnglists-zero-length.s
@@ -0,0 +1,12 @@
+## The test checks that llvm-dwarfdump can handle a malformed input file without
+## crashing.
+
+# RUN: llvm-mc -triple x86_64 %s -filetype=obj -o %t
+# RUN: not llvm-dwarfdump -debug-rnglists %t 2>&1 | FileCheck %s
+
+# CHECK: error: .debug_rnglists table at offset 0x0 has too small length (0x4) to contain a complete header
+
+## An assertion used to trigger in the debug build of the DebugInfo/DWARF 
+## library if the unit length field in a range list table was 0.
+    .section .debug_rnglists,"", at progbits
+    .long 0
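
Review bot: the test exercises only the 32-bit form (`.long 0`) in `.debug_rnglists`, while the fixed code has a separate `Format == dwarf::DWARF64` path and the commit title covers `.debug_*lists` in general. Consider adding a DWARF64 variant and a `.debug_loclists` variant with a zero unit length, each with its own CHECK line, so the "too small length" error is pinned down for every path that reaches DWARFListTableHeader::extract. The comment noting that the assertion only triggered in debug builds is useful; moving it up next to the opening description would make the purpose of the test clear before the RUN lines.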


        

