This is an archive of the discontinued LLVM Phabricator instance.

[Object/ELF] - Do section header sh_offset/sh_size values check once during object loading.
AbandonedPublic

Authored by grimar on Oct 6 2016, 5:19 AM.

Download Raw Diff

Details

Reviewers

davide
• rafael

Summary

This helps to keep client code cleaner.
For example we have next code in LLD:

auto *Begin =
    reinterpret_cast<const Elf_Dyn *>(Obj.base() + DynamicSec->sh_offset);
const Elf_Dyn *End = Begin + DynamicSec->sh_size / sizeof(Elf_Dyn);

sh_offset and/or sh_size may be broken here and the same situation can be found for some other sections.
Instead of placing multiple checks in LLD, I suggest this change to check object once during loading.

Diff Detail

Event Timeline

grimar updated this revision to Diff 73769.Oct 6 2016, 5:19 AM

grimar retitled this revision from to [Object/ELF] - Do section header sh_offset/sh_size values check once during object loading..

grimar updated this object.

grimar added reviewers: • rafael, davide.

grimar mentioned this in D25239: [Object/ELF] - Do not crash on invalid sh_size value of REL[A] section..

grimar added subscribers: llvm-commits, grimar, evgeny777.

I don't think we should do this. Eagerly checking for errors means that a program would be unable to look at the file even if it is not hitting that particular corruption.

For example, at some point llvm-readobj should be able to just report a broken section offset and keep going. This makes it impossible.

Looks like what is needed is a dyns() function that return a Elf_Dyn range. Maybe implement it with a template so that rels() relas() can share the code?

This revision now requires changes to proceed.Oct 6 2016, 5:35 AM

D25327 solves the problem of dynamic section size instead.

Revision Contents

Path

Size

include/

llvm/

Object/

	ELF.h
	ELF.h (revision 283304)

12 lines

test/

Object/

Inputs/

	invalid-relocation-sec-sh_size.elf-i386
	invalid-relocation-sec-sh_size.elf-i386 (nonexistent)

	invalid-relocation-sec-sh_size.elf-x86-64
	invalid-relocation-sec-sh_size.elf-x86-64 (nonexistent)

	invalid.test
	invalid.test (revision 283304)

8 lines

Diff 73769

include/llvm/Object/ELF.h

Show First 20 Lines • Show All 131 Lines • ▼ Show 20 Lines	public:
}		}
Elf_Sym_Range symbols(const Elf_Shdr *Sec) const {		Elf_Sym_Range symbols(const Elf_Shdr *Sec) const {
return makeArrayRef(symbol_begin(Sec), symbol_end(Sec));		return makeArrayRef(symbol_begin(Sec), symbol_end(Sec));
}		}

const Elf_Rela rela_begin(const Elf_Shdr sec) const {		const Elf_Rela rela_begin(const Elf_Shdr sec) const {
if (sec->sh_entsize != sizeof(Elf_Rela))		if (sec->sh_entsize != sizeof(Elf_Rela))
report_fatal_error("Invalid relocation entry size");		report_fatal_error("Invalid relocation entry size");
if (sec->sh_offset >= Buf.size())
report_fatal_error("Invalid relocation entry offset");
return reinterpret_cast<const Elf_Rela *>(base() + sec->sh_offset);		return reinterpret_cast<const Elf_Rela *>(base() + sec->sh_offset);
}		}

const Elf_Rela rela_end(const Elf_Shdr sec) const {		const Elf_Rela rela_end(const Elf_Shdr sec) const {
uint64_t Size = sec->sh_size;		uint64_t Size = sec->sh_size;
if (Size % sizeof(Elf_Rela))		if (Size % sizeof(Elf_Rela))
report_fatal_error("Invalid relocation table size");		report_fatal_error("Invalid relocation table size");
return rela_begin(sec) + Size / sizeof(Elf_Rela);		return rela_begin(sec) + Size / sizeof(Elf_Rela);
}		}

Elf_Rela_Range relas(const Elf_Shdr *Sec) const {		Elf_Rela_Range relas(const Elf_Shdr *Sec) const {
return makeArrayRef(rela_begin(Sec), rela_end(Sec));		return makeArrayRef(rela_begin(Sec), rela_end(Sec));
}		}

const Elf_Rel rel_begin(const Elf_Shdr sec) const {		const Elf_Rel rel_begin(const Elf_Shdr sec) const {
if (sec->sh_entsize != sizeof(Elf_Rel))		if (sec->sh_entsize != sizeof(Elf_Rel))
report_fatal_error("Invalid relocation entry size");		report_fatal_error("Invalid relocation entry size");
if (sec->sh_offset >= Buf.size())
report_fatal_error("Invalid relocation entry offset");
return reinterpret_cast<const Elf_Rel *>(base() + sec->sh_offset);		return reinterpret_cast<const Elf_Rel *>(base() + sec->sh_offset);
}		}

const Elf_Rel rel_end(const Elf_Shdr sec) const {		const Elf_Rel rel_end(const Elf_Shdr sec) const {
uint64_t Size = sec->sh_size;		uint64_t Size = sec->sh_size;
if (Size % sizeof(Elf_Rel))		if (Size % sizeof(Elf_Rel))
report_fatal_error("Invalid relocation table size");		report_fatal_error("Invalid relocation table size");
return rel_begin(sec) + Size / sizeof(Elf_Rel);		return rel_begin(sec) + Size / sizeof(Elf_Rel);
▲ Show 20 Lines • Show All 211 Lines • ▼ Show 20 Lines	if ((EC = StrTabSecOrErr.getError()))
return;		return;

ErrorOr<StringRef> StringTableOrErr = getStringTable(*StrTabSecOrErr);		ErrorOr<StringRef> StringTableOrErr = getStringTable(*StrTabSecOrErr);
if ((EC = StringTableOrErr.getError()))		if ((EC = StringTableOrErr.getError()))
return;		return;
DotShstrtab = *StringTableOrErr;		DotShstrtab = *StringTableOrErr;
}		}

		for (const Elf_Shdr &Sec : sections()) {
		if ((Sec.sh_offset > getBufSize()) \|\|
		(Sec.sh_offset + Sec.sh_size > getBufSize())) {
		EC = object_error::parse_failed;
		return;
		}
		}

EC = std::error_code();		EC = std::error_code();
}		}

template <class ELFT>		template <class ELFT>
static bool compareAddr(uint64_t VAddr, const Elf_Phdr_Impl<ELFT> *Phdr) {		static bool compareAddr(uint64_t VAddr, const Elf_Phdr_Impl<ELFT> *Phdr) {
return VAddr < Phdr->p_vaddr;		return VAddr < Phdr->p_vaddr;
}		}

▲ Show 20 Lines • Show All 122 Lines • Show Last 20 Lines

test/Object/Inputs/invalid-relocation-sec-sh_size.elf-i386

This is a binary file.

Property	Old Value	New Value
svn:mime-type	null	application/octet-stream \ No newline at end of property

test/Object/Inputs/invalid-relocation-sec-sh_size.elf-x86-64

This is a binary file.

Property	Old Value	New Value
svn:mime-type	null	application/octet-stream \ No newline at end of property

test/Object/invalid.test

	Show First 20 Lines • Show All 57 Lines • ▼ Show 20 Lines
	RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 \| \			RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 \| \
	RUN: FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s			RUN: FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s
	INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index			INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index

	RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-i386 2>&1 \| \			RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-i386 2>&1 \| \
	RUN: FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s			RUN: FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
	RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 2>&1 \| \			RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 2>&1 \| \
	RUN: FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s			RUN: FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
	INVALID-RELOC-SH-OFFSET: Invalid relocation entry offset			INVALID-RELOC-SH-OFFSET: Invalid data was encountered while parsing the file

				RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_size.elf-i386 2>&1 \| \
				RUN: FileCheck --check-prefix=INVALID-RELOC-SH-SIZE %s
				RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_size.elf-x86-64 2>&1 \| \
				RUN: FileCheck --check-prefix=INVALID-RELOC-SH-SIZE %s
				INVALID-RELOC-SH-SIZE: Invalid data was encountered while parsing the file