[llvm] [Support] Add decodeULEB128AndInc/decodeSLEB128AndInc (PR #85739)

Fangrui Song via llvm-commits llvm-commits at lists.llvm.org
Mon Mar 25 13:08:01 PDT 2024


MaskRay wrote:

I agree that some LEB128 uses do pay less attention to potential buffer overruns.

Like the one mentioned in https://gcc.gnu.org/git/?p=gcc.git;a=blob;f=SECURITY.txt 

> Compiling untrusted sources can result in arbitrary code execution and unconstrained resource consumption in the compiler. As a result, compilation of such code should be done inside a sandboxed environment to ensure that it does not compromise the host environment.

Many LLVM tools might prioritize efficiency over bounds checking (e.g. I believe that a lot of places in llvm/lib/Object/ do not check the bounds).
We might not have the bandwidth to address every potential LEB128 decode call site with explicit `end` arguments or by switching entirely to `DataExtractor`.


https://github.com/llvm/llvm-project/pull/85739
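The "explicit `end` argument" style of decoding that the message refers to, written out as an added example. This is my own C++, not LLVM's `decodeULEB128`/`decodeSLEB128` and not the code in the PR; the names `LebResult`, `decodeULEB128Checked`, `decodeSLEB128Checked`, `decodeULEB128AndIncChecked` and `countDecodable` are assumptions, and the byte sequences it is exercised with are constructed. The point it shows is the one the thread is about: every byte is compared against `end` before it is read, so a truncated or over-wide encoding becomes a reported error rather than a read past the buffer.

```cpp
#include <cstddef>
#include <cstdint>
#include <optional>
#include <string>
#include <vector>

// Hypothetical result type (not LLVM's API): a decoded value plus the number
// of bytes consumed, or an error message when the input is truncated/too wide.
struct LebResult {
  bool ok;
  uint64_t value;   // for SLEB128 this is the two's-complement pattern of the int64_t
  size_t consumed;
  std::string error;
};

// Bounds-checked unsigned LEB128 decode over [p, end). Every byte is checked
// against `end` before it is read, so a truncated encoding is reported instead
// of overrunning the buffer. Assumed helper, not LLVM's decodeULEB128.
LebResult decodeULEB128Checked(const uint8_t *p, const uint8_t *end) {
  const uint8_t *start = p;
  uint64_t value = 0;
  unsigned shift = 0;
  for (;;) {
    if (p == end)
      return {false, 0, size_t(p - start), "malformed uleb128, extends past end"};
    uint8_t byte = *p++;
    uint64_t slice = byte & 0x7f;
    // Ten bytes carry 70 payload bits; anything above bit 63 cannot fit a
    // uint64_t, and shifting by >= 64 is undefined behaviour, so reject first.
    if (shift >= 64 || (shift == 63 && slice > 1))
      return {false, 0, size_t(p - start), "uleb128 too big for uint64"};
    value |= slice << shift;
    shift += 7;
    if ((byte & 0x80) == 0)
      return {true, value, size_t(p - start), ""};
  }
}

// Bounds-checked signed LEB128 decode; same contract as the unsigned version.
LebResult decodeSLEB128Checked(const uint8_t *p, const uint8_t *end) {
  const uint8_t *start = p;
  uint64_t value = 0;
  unsigned shift = 0;
  uint8_t byte;
  do {
    if (p == end)
      return {false, 0, size_t(p - start), "malformed sleb128, extends past end"};
    byte = *p++;
    uint64_t slice = byte & 0x7f;
    // At shift 63 only an all-zero or all-one slice is a valid sign extension.
    if (shift >= 64 || (shift == 63 && slice != 0 && slice != 0x7f))
      return {false, 0, size_t(p - start), "sleb128 too big for int64"};
    value |= slice << shift;
    shift += 7;
  } while (byte & 0x80);
  // Sign-extend from the last byte's sign bit (0x40) if bits remain above it.
  if (shift < 64 && (byte & 0x40))
    value |= ~uint64_t(0) << shift;
  return {true, value, size_t(p - start), ""};
}

// Cursor-advancing wrapper in the spirit of the PR title (my naming, not the
// PR's signature): on success `p` moves past the encoding; on error it is
// left untouched so the caller can report where decoding stopped.
std::optional<uint64_t> decodeULEB128AndIncChecked(const uint8_t *&p,
                                                    const uint8_t *end) {
  LebResult r = decodeULEB128Checked(p, end);
  if (!r.ok)
    return std::nullopt;
  p += r.consumed;
  return r.value;
}

// Convenience wrappers over a byte vector.
LebResult decodeU(const std::vector<uint8_t> &b) {
  return decodeULEB128Checked(b.data(), b.data() + b.size());
}
LebResult decodeS(const std::vector<uint8_t> &b) {
  return decodeSLEB128Checked(b.data(), b.data() + b.size());
}

// Walk a buffer of back-to-back ULEB128 values (constructed input, not a real
// object-file section) and return how many decoded cleanly before a truncated
// one stopped the loop; an unchecked decoder would keep reading past `end`.
size_t countDecodable(const std::vector<uint8_t> &buf) {
  const uint8_t *p = buf.data();
  const uint8_t *end = p + buf.size();
  size_t n = 0;
  while (p != end) {
    if (!decodeULEB128AndIncChecked(p, end))
      break;
    ++n;
  }
  return n;
}
```

The two checks worth keeping when adapting this to a real reader are the `p == end` test before each byte (the overrun case the message is about) and the shift-width test, which turns a maliciously long encoding into an error instead of an undefined shift.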


More information about the llvm-commits mailing list