This is an archive of the discontinued LLVM Phabricator instance.

[Object/ELF] - Report error on incorrect sh_offset.
AbandonedPublic

Authored by grimar on Sep 28 2016, 4:04 AM.

Download Raw Diff

Details

Reviewers

davide
• rafael

Summary

It is related with PR30540, previously if sh_offset was incorrect (too large),
returned pointer could be wrong.

It is not possible to craft file with incorrect sh_offset using yaml2obj it seems,
so used precompiled one.

Diff Detail

Event Timeline

grimar updated this revision to Diff 72795.Sep 28 2016, 4:04 AM

grimar retitled this revision from to [Object/ELF] - Report error on incorrect sh_offset..

grimar updated this object.

grimar added reviewers: • rafael, davide.

grimar added subscribers: llvm-commits, grimar, evgeny777.

did you try to minimize this? afl has an utility for that (afl-min) you may want to check out.

In D25015#555336, @davide wrote:

did you try to minimize this? afl has an utility for that (afl-min) you may want to check out.

I tried. No reduce of file size for this testcase, so leaved it as is.

Rebased.

r283454 fixed that.

Revision Contents

Path

Size

include/

llvm/

Object/

	ELF.h
	ELF.h (revision 283204)

2 lines

test/

Object/

Inputs/

	invalid-sh_offset.elf
	invalid-sh_offset.elf (nonexistent)

	invalid.test
	invalid.test (revision 283204)

3 lines

Diff 73438

include/llvm/Object/ELF.h

Show First 20 Lines • Show All 114 Lines • ▼ Show 20 Lines	Elf_Shdr_Range sections() const {
return makeArrayRef(section_begin(), section_end());		return makeArrayRef(section_begin(), section_end());
}		}

const Elf_Sym symbol_begin(const Elf_Shdr Sec) const {		const Elf_Sym symbol_begin(const Elf_Shdr Sec) const {
if (!Sec)		if (!Sec)
return nullptr;		return nullptr;
if (Sec->sh_entsize != sizeof(Elf_Sym))		if (Sec->sh_entsize != sizeof(Elf_Sym))
report_fatal_error("Invalid symbol size");		report_fatal_error("Invalid symbol size");
		if (Sec->sh_offset >= Buf.size())
		report_fatal_error("Invalid symbol offset");
return reinterpret_cast<const Elf_Sym *>(base() + Sec->sh_offset);		return reinterpret_cast<const Elf_Sym *>(base() + Sec->sh_offset);
}		}
const Elf_Sym symbol_end(const Elf_Shdr Sec) const {		const Elf_Sym symbol_end(const Elf_Shdr Sec) const {
if (!Sec)		if (!Sec)
return nullptr;		return nullptr;
uint64_t Size = Sec->sh_size;		uint64_t Size = Sec->sh_size;
if (Size % sizeof(Elf_Sym))		if (Size % sizeof(Elf_Sym))
report_fatal_error("Invalid symbol table size");		report_fatal_error("Invalid symbol table size");
▲ Show 20 Lines • Show All 387 Lines • Show Last 20 Lines

test/Object/Inputs/invalid-sh_offset.elf

This is a binary file.

Property	Old Value	New Value
svn:mime-type	null	application/octet-stream \ No newline at end of property

test/Object/invalid.test

	Show All 31 Lines
	SECTION-NEXT: Link:			SECTION-NEXT: Link:
	SECTION-NEXT: Info:			SECTION-NEXT: Info:
	SECTION-NEXT: AddressAlignment:			SECTION-NEXT: AddressAlignment:
	SECTION-NEXT: EntrySize: 32			SECTION-NEXT: EntrySize: 32

	RUN: not llvm-readobj -t %p/Inputs/invalid-sh_entsize.elf 2>&1 \| FileCheck --check-prefix=INVALID-SYM-SIZE %s			RUN: not llvm-readobj -t %p/Inputs/invalid-sh_entsize.elf 2>&1 \| FileCheck --check-prefix=INVALID-SYM-SIZE %s
	INVALID-SYM-SIZE: Invalid symbol size			INVALID-SYM-SIZE: Invalid symbol size

				RUN: not llvm-readobj -t %p/Inputs/invalid-sh_offset.elf 2>&1 \| FileCheck --check-prefix=INVALID-SYM-OFFSET %s
				INVALID-SYM-OFFSET: Invalid symbol offset

	RUN: not llvm-readobj --dyn-symbols %p/Inputs/invalid-sh_entsize.elf 2>&1 \| FileCheck --check-prefix=INVALID-DYNSYM-SIZE %s			RUN: not llvm-readobj --dyn-symbols %p/Inputs/invalid-sh_entsize.elf 2>&1 \| FileCheck --check-prefix=INVALID-DYNSYM-SIZE %s
	INVALID-DYNSYM-SIZE: Invalid entity size			INVALID-DYNSYM-SIZE: Invalid entity size

	RUN: not llvm-readobj -t %p/Inputs/invalid-section-index.elf 2>&1 \| FileCheck --check-prefix=INVALID-SECTION-INDEX %s			RUN: not llvm-readobj -t %p/Inputs/invalid-section-index.elf 2>&1 \| FileCheck --check-prefix=INVALID-SECTION-INDEX %s

	INVALID-SECTION-INDEX: Invalid section index			INVALID-SECTION-INDEX: Invalid section index

	RUN: not llvm-readobj -s %p/Inputs/invalid-section-size.elf 2>&1 \| FileCheck --check-prefix=INVALID-SECTION-SIZE %s			RUN: not llvm-readobj -s %p/Inputs/invalid-section-size.elf 2>&1 \| FileCheck --check-prefix=INVALID-SECTION-SIZE %s
	Show All 19 Lines