[llvm] [WasmObjectFile] fix NULL-dereference (PR #77708)
via llvm-commits
llvm-commits at lists.llvm.org
Wed Jan 10 16:23:25 PST 2024
https://github.com/DavidKorczynski created https://github.com/llvm/llvm-project/pull/77708
If the element index is above `Sections.size()` then a NULL-dereference may happen. This fixes it by ensuring the index is within bound and returns an error in case.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30789
>From db46b8a73b8a5d9e661def19695250a82c5dfb86 Mon Sep 17 00:00:00 2001
From: David Korczynski <david at adalogics.com>
Date: Wed, 10 Jan 2024 16:26:34 -0800
Subject: [PATCH] [WasmObjectFile] fix NULL-dereference
If the element index is above `Sections.size()` then a NULL-dereference
may happen. This fixes it by ensuring the index is within bound and
returns an error in case.
Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=30789
Signed-off-by: David Korczynski <david at adalogics.com>
---
llvm/lib/Object/WasmObjectFile.cpp | 4 ++++
1 file changed, 4 insertions(+)
diff --git a/llvm/lib/Object/WasmObjectFile.cpp b/llvm/lib/Object/WasmObjectFile.cpp
index 94cd96968ff201..1e9662a7d6ad08 100644
--- a/llvm/lib/Object/WasmObjectFile.cpp
+++ b/llvm/lib/Object/WasmObjectFile.cpp
@@ -753,6 +753,10 @@ Error WasmObjectFile::parseLinkingSectionSymtab(ReadContext &Ctx) {
"section symbols must have local binding",
object_error::parse_failed);
Info.ElementIndex = readVaruint32(Ctx);
+ if (Info.ElementIndex >= Sections.size()) {
+ return make_error<GenericBinaryError>("invalid section index index",
+ object_error::parse_failed);
+ }
// Use somewhat unique section name as symbol name.
StringRef SectionName = Sections[Info.ElementIndex].Name;
Info.Name = SectionName;
More information about the llvm-commits
mailing list