[llvm] [llvm-objdump][ELF] Add Section size check. (#86612) (PR #124470)

via llvm-commits llvm-commits at lists.llvm.org
Sun Jan 26 06:56:27 PST 2025


https://github.com/cabbaken created https://github.com/llvm/llvm-project/pull/124470

This change adds a check of the section size to avoid crashing llvm-objdump when processing a malformed ELF file.

>From f14c753281a40906b0a2d785b4413c402adfad41 Mon Sep 17 00:00:00 2001
From: cabbaken <cabbaken at outlook.com>
Date: Sun, 26 Jan 2025 17:37:46 +0800
Subject: [PATCH] [llvm-objdump][ELF] Add Section size check. (#86612)

This change adds a check of the section size to
avoid crashing llvm-objdump when processing a
malformed ELF file.

Signed-off-by: cabbaken <cabbaken at outlook.com>
---
 llvm/tools/llvm-objdump/ELFDump.cpp | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/llvm/tools/llvm-objdump/ELFDump.cpp b/llvm/tools/llvm-objdump/ELFDump.cpp
index e9e5b059f1786e..83699f8267575c 100644
--- a/llvm/tools/llvm-objdump/ELFDump.cpp
+++ b/llvm/tools/llvm-objdump/ELFDump.cpp
@@ -221,6 +221,13 @@ template <class ELFT> void ELFDumper<ELFT>::printDynamicSection() {
   std::string TagFmt = "  %-" + std::to_string(MaxLen) + "s ";
 
   outs() << "\nDynamic Section:\n";
+  auto DynamicSectionOrErr = Elf.getSection(ELF::SHT_DYNAMIC);
+  if (!DynamicSectionOrErr) {
+    reportWarning(toString(DynamicSectionOrErr.takeError()), Obj.getFileName());
+    return;
+  }
+  const auto StringTableSize = (*DynamicSectionOrErr)->sh_size;
+
   for (const typename ELFT::Dyn &Dyn : DynamicEntries) {
     if (Dyn.d_tag == ELF::DT_NULL)
       continue;
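Review bot: `Elf.getSection(ELF::SHT_DYNAMIC)` in the added block passes a section-type constant to a function that takes a section index, so it returns whatever section sits at that index rather than the dynamic section, and that section's `sh_size` is then stored as `StringTableSize` although it is not the size of the string table. The early `return` also suppresses the whole dynamic-section dump when that lookup fails, which would seem to include inputs whose dynamic entries are located without a usable section header table. The bound that matters is the length of the table that is dereferenced further down, so I would drop this block and compare against `StrTabOrErr->size()` at the use site. printDynamicSection starts before this hunk and continues past it.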
@@ -235,6 +242,11 @@ template <class ELFT> void ELFDumper<ELFT>::printDynamicSection() {
       Expected<StringRef> StrTabOrErr = getDynamicStrTab(Elf);
       if (StrTabOrErr) {
         const char *Data = StrTabOrErr->data();
+        if (Dyn.getVal() > StringTableSize) {
+          reportWarning("Invalid string table offset for section .dynstr",
+                        Obj.getFileName());
+          continue;
+        }
         outs() << format(TagFmt.c_str(), Str.c_str()) << Data + Dyn.getVal()
                << "\n";
         continue;
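Review bot: The added guard `Dyn.getVal() > StringTableSize` still accepts an offset equal to the table size, so `Data + Dyn.getVal()` can point one past the end of the buffer, and `StringTableSize` is not derived from the table that getDynamicStrTab returned. Comparing against the StringRef already in hand closes both gaps: `if (Dyn.getVal() >= StrTabOrErr->size()) {`. Printing through a `const char *` also assumes a NUL terminator at or after the offset inside the table; if getDynamicStrTab does not guarantee one, a malformed file can still cause a read past the end, so a length-bounded print would be safer. A regression test with an input whose string offset is exactly at, and beyond, the table size would pin the boundary. The enclosing loop body continues past this hunk.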


