Index: lib/DebugInfo/DWARF/DWARFContext.cpp
===================================================================
--- lib/DebugInfo/DWARF/DWARFContext.cpp
+++ lib/DebugInfo/DWARF/DWARFContext.cpp
@@ -1149,7 +1149,16 @@
 StringMap SectionAmountMap;
 for (const SectionRef &Section : Obj.sections()) {
 StringRef Name;
- Section.getName(Name);
+ auto Err = Section.getName(Name);
+ if (Err) {
+ ErrorPolicy EP = HandleError(
+ createError("could not get section name in " + Obj.getFileName(),
+ errorCodeToError(Err)));
+ if (EP == ErrorPolicy::Halt)
+ return;
+ return;
+ }
+
 ++SectionAmountMap[Name];
 SectionNames.push_back({ Name, true });
Index: lib/Object/WasmObjectFile.cpp
===================================================================
--- lib/Object/WasmObjectFile.cpp
+++ lib/Object/WasmObjectFile.cpp
@@ -178,8 +178,7 @@
 }
 static Error readSection(WasmSection &Section, const uint8_t *&Ptr,
- const uint8_t *Start) {
- // TODO(sbc): Avoid reading past EOF in the case of malformed files.
+ const uint8_t *Start, const uint8_t *Eof) {
 Section.Offset = Ptr - Start;
 Section.Type = readVaruint7(Ptr);
 uint32_t Size = readVaruint32(Ptr);
@@ -188,6 +187,9 @@
 object_error::parse_failed);
 Section.Content = ArrayRef(Ptr, Size);
 Ptr += Size;
+ if (Ptr > Eof)
+ return make_error("Section too large",
+ object_error::parse_failed);
 return Error::success();
 }
@@ -221,7 +223,7 @@
 WasmSection Sec;
 while (Ptr < Eof) {
- if ((Err = readSection(Sec, Ptr, getPtr(0))))
+ if ((Err = readSection(Sec, Ptr, getPtr(0), Eof)))
 return;
 if ((Err = parseSection(Sec)))
 return;
Index: test/tools/llvm-dwarfdump/X86/fuzzer.test
===================================================================
--- /dev/null
+++ test/tools/llvm-dwarfdump/X86/fuzzer.test
@@ -0,0 +1,2 @@
+RUN: not llvm-dwarfdump %S/Inputs/oss-fuzz-3219 2>&1 | FileCheck --check-prefix=FUZZ3219 %s
+FUZZ3219: oss-fuzz-3219: Invalid data was encountered while parsing the file
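Review bot: Both arms of the added error path in DWARFContext.cpp end in `return;`, so the `ErrorPolicy` returned by `HandleError` never changes the outcome: the `if (EP == ErrorPolicy::Halt)` test is dead code and a handler that asks to continue is ignored. If a non-halting policy is meant to skip only the section whose name could not be read, the second `return;` should be `continue;`. If abandoning the whole loop is intended, drop `EP` and the comparison and add a comment such as `// A section without a readable name aborts loading regardless of policy.` The enclosing function starts and ends outside the hunk, so the state a caller sees after this early return cannot be judged from here.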
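Review bot: The removed `TODO(sbc)` about reading past EOF looks only partly resolved in `readSection`: `readVaruint7(Ptr)` and `readVaruint32(Ptr)` on the following context lines still receive only `Ptr`, so as far as this hunk shows, the type and size fields are decoded without reference to the new `Eof` parameter. The helpers' bodies are not visible here, so they may bound themselves some other way. If they do not, a truncated header still over-reads before the new size check runs. Either pass `Eof` into those reads or keep a narrowed note in place of the deleted one, e.g. `// TODO: bound the varint reads of Type and Size by Eof.` The function body continues into the next hunk.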
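Review bot: The added `if (Ptr > Eof)` in `readSection` runs only after `Section.Content` has been built from `(Ptr, Size)` and after `Ptr += Size`. A malformed size therefore still leaves an out-of-range `ArrayRef` in the caller's `WasmSection` and forms an out-of-bounds pointer before the input is rejected. Advancing a pointer beyond one-past-the-end is undefined behaviour, and where pointers are 32 bits wide a large `Size` can wrap `Ptr` so that the comparison passes. Compare lengths before touching either, with `if (Size > static_cast<size_t>(Eof - Ptr))` placed ahead of the `Section.Content` assignment and returning the same error. That form assumes `Ptr <= Eof` at that point, which depends on the varint reads above this hunk.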
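Review bot: The `FUZZ3219` check line in fuzzer.test matches neither message this patch adds ("Section too large" or "could not get section name in"), so the diff alone does not show which of the new checks the `oss-fuzz-3219` input exercises. The test would presumably pass on any parse failure for that file. A comment at the top of the test naming the rejecting check would help, e.g. `# oss-fuzz-3219: section size runs past end of file; must be rejected, not read.` with the wording adjusted to the real cause. If the input reaches only one of the two changes, the other has no regression coverage here.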