[PATCH] D106940: Fix test for debug dir presence

Alfonso Sanchez-Beato via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Tue Aug 10 02:09:09 PDT 2021


alfonsosanchezbeato updated this revision to Diff 365387.
alfonsosanchezbeato added a comment.

I have hand-crafted a binary that exposed the bug. Something to note here is that without the fix there is a very clear access to uninitialized memory when `Obj.DataDirectories.size()==DEBUG_DIRECTORY`, as we access `Obj.DataDirectories[DEBUG_DIRECTORY]` after the check.

This implies that the bug is not always reproducible, and also that we might get random crashes, depending on the memory content.


CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D106940/new/

https://reviews.llvm.org/D106940

Files:
  llvm/test/tools/llvm-objcopy/COFF/Inputs/no-debug-dir.efi
  llvm/test/tools/llvm-objcopy/COFF/check-debug-dir-present.test
  llvm/tools/llvm-objcopy/COFF/Writer.cpp


Index: llvm/tools/llvm-objcopy/COFF/Writer.cpp
===================================================================
--- llvm/tools/llvm-objcopy/COFF/Writer.cpp
+++ llvm/tools/llvm-objcopy/COFF/Writer.cpp
@@ -406,7 +406,7 @@
 // the debug_directory structs in there, and set the PointerToRawData field
 // in all of them, according to their new physical location in the file.
 Error COFFWriter::patchDebugDirectory() {
-  if (Obj.DataDirectories.size() < DEBUG_DIRECTORY)
+  if (Obj.DataDirectories.size() <= DEBUG_DIRECTORY)
     return Error::success();
   const data_directory *Dir = &Obj.DataDirectories[DEBUG_DIRECTORY];
   if (Dir->Size <= 0)
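Review bot: The guard at the top of `patchDebugDirectory()` has no comment saying that `DEBUG_DIRECTORY` is used as an index on the line right after it, which is exactly why the old `<` let `size() == DEBUG_DIRECTORY` fall through to `Obj.DataDirectories[DEBUG_DIRECTORY]`. Consider a one-line comment above the check stating that the table must hold more than `DEBUG_DIRECTORY` entries before that entry is read, so the boundary is not "simplified" back to `<` in a later cleanup.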
Index: llvm/test/tools/llvm-objcopy/COFF/check-debug-dir-present.test
===================================================================
--- /dev/null
+++ llvm/test/tools/llvm-objcopy/COFF/check-debug-dir-present.test
@@ -0,0 +1,55 @@
+## no-debug-dir.efi does not have a debug directory (it only has 6 directory entries).
+## We check that we handle that case properly.
+# RUN: llvm-objcopy --add-section .sect_name=%p/Inputs/no-debug-dir.efi %p/Inputs/no-debug-dir.efi %t
+# RUN: obj2yaml %t | FileCheck %s --check-prefixes=CHECK-ADD
+
+# CHECK-ADD:    NumberOfRvaAndSize: 6
+
+## We can use this yaml to generate the binary when we have support for a
+## variable NumberOfRvaAndSize in yaml2obj.
+--- !COFF
+OptionalHeader:
+  AddressOfEntryPoint: 4096
+  ImageBase:       0
+  SectionAlignment: 4096
+  FileAlignment:   512
+  MajorOperatingSystemVersion: 0
+  MinorOperatingSystemVersion: 0
+  MajorImageVersion: 0
+  MinorImageVersion: 0
+  MajorSubsystemVersion: 0
+  MinorSubsystemVersion: 0
+  Subsystem:       IMAGE_SUBSYSTEM_EFI_APPLICATION
+  DLLCharacteristics: [  ]
+  SizeOfStackReserve: 0
+  SizeOfStackCommit: 0
+  SizeOfHeapReserve: 0
+  SizeOfHeapCommit: 0
+  NumberOfRvaAndSize: 6
+  ExportTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+  ImportTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+  ResourceTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+  ExceptionTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+  CertificateTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+  BaseRelocationTable:
+    RelativeVirtualAddress: 0
+    Size:            0
+header:
+  Machine:         IMAGE_FILE_MACHINE_AMD64
+  Characteristics: [ ]
+sections:
+  - Name:            foo
+    Characteristics: [ ]
+    Alignment:       4
+symbols:
+...
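Review bot: The only assertion, `# CHECK-ADD:    NumberOfRvaAndSize: 6`, confirms that the directory count survives the copy but not that `--add-section .sect_name=...` produced the section, so an output missing the new section would still pass; add a CHECK on the added section in the `obj2yaml` output. `--check-prefixes=CHECK-ADD` names a single prefix, so `--check-prefix` (or the default `CHECK:`) would read more clearly. The trailing YAML document is not consumed by any RUN line, so the comment above it could say explicitly that it is reference-only until yaml2obj supports a variable `NumberOfRvaAndSize`.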

