Previously, code would access invalid memory and may crash;
the patch fixes the issue. Used AFL and the latest lld code with WIP patches applied to find it.
Differential D25187
[Object/ELF] - Do not crash on invalid sh_offset value of REL[A] section.
Closed | Public | Authored by grimar on Oct 3 2016, 7:02 AM.
Event Timeline

rafael edited edge metadata.

LGTM. It should be possible to craft a similar crash by patching sh_size, no?

This revision is now accepted and ready to land. Oct 3 2016, 9:26 AM

Yes, I think so. I'll take a look at what will happen and probably prepare a patch.

Closed by commit rL283204: [Object/ELF] - Do not crash on invalid sh_offset value of REL[A] section. (authored by grimar). Oct 4 2016, 2:34 AM

This revision was automatically updated to reflect the committed changes.
Revision Contents (Diff 73272)
include/llvm/Object/ELF.h
test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386
test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64
test/Object/invalid.test
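
The sh_offset case this revision addresses and the sh_size variant raised in review both come down to checking a REL[A] section's byte range against the file size before any relocation entry is read. The following is an added example, not LLVM's code from this revision: the struct, enum and function names are hypothetical, and 64-bit entry sizes (16 bytes for Rel, 24 for Rela) are assumed.

```c
#include <stdint.h>
#include <stdio.h>

/* Stand-in for the section header fields that matter here (constructed for
   this example; a real parser would take them from Elf64_Shdr). */
struct shdr {
    uint32_t sh_type;
    uint64_t sh_offset;
    uint64_t sh_size;
    uint64_t sh_entsize;
};

enum { SHT_RELA = 4, SHT_REL = 9 };  /* values from the ELF specification */
enum rel_check { REL_OK = 0, REL_BAD_TYPE, REL_BAD_OFFSET, REL_BAD_SIZE,
                 REL_BAD_ENTSIZE };

/* Returns REL_OK only if [sh_offset, sh_offset + sh_size) lies inside a
   file of file_size bytes and holds a whole number of entries. */
enum rel_check check_rel_section(const struct shdr *s, uint64_t file_size,
                                 uint64_t *count_out)
{
    uint64_t expected;

    if (s->sh_type == SHT_RELA)
        expected = 24;               /* sizeof(Elf64_Rela) */
    else if (s->sh_type == SHT_REL)
        expected = 16;               /* sizeof(Elf64_Rel) */
    else
        return REL_BAD_TYPE;
    if (s->sh_offset > file_size)
        return REL_BAD_OFFSET;
    /* Compare against the bytes remaining after sh_offset rather than
       computing sh_offset + sh_size, which can wrap for hostile values. */
    if (s->sh_size > file_size - s->sh_offset)
        return REL_BAD_SIZE;
    if (s->sh_entsize != expected || s->sh_size % expected != 0)
        return REL_BAD_ENTSIZE;
    *count_out = s->sh_size / expected;
    return REL_OK;
}

int main(void)
{
    /* Constructed header: sh_offset far beyond a 4096-byte file. */
    struct shdr bad = { SHT_RELA, 0xFFFFFFFFu, 48, 24 };
    uint64_t n = 0;
    printf("result=%d\n", (int)check_rel_section(&bad, 4096, &n));
    return 0;
}
```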