[Object/ELF] - Do not crash on invalid sh_offset value of REL[A] section.

author George Rimar <grimar@accesssoftek.com>

Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)

committer George Rimar <grimar@accesssoftek.com>

Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)
author George Rimar <grimar@accesssoftek.com>
Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)
committer George Rimar <grimar@accesssoftek.com>
Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)
diff --git a/include/llvm/Object/ELF.h b/include/llvm/Object/ELF.h

index b08b427b8116d4527b7742f445112d8f66819347..586f9d643c33944a16370491c4893501d1784518 100644 (file)
--- a/include/llvm/Object/ELF.h
+++ b/include/llvm/Object/ELF.h
@@ -137,6 +137,8 @@ public:
    const Elf_Rela *rela_begin(const Elf_Shdr *sec) const {
      if (sec->sh_entsize != sizeof(Elf_Rela))
        report_fatal_error("Invalid relocation entry size");
+    if (sec->sh_offset >= Buf.size())
+      report_fatal_error("Invalid relocation entry offset");
      return reinterpret_cast<const Elf_Rela *>(base() + sec->sh_offset);
    }
  
@@ -154,6 +156,8 @@ public:
    const Elf_Rel *rel_begin(const Elf_Shdr *sec) const {
      if (sec->sh_entsize != sizeof(Elf_Rel))
        report_fatal_error("Invalid relocation entry size");
+    if (sec->sh_offset >= Buf.size())
+      report_fatal_error("Invalid relocation entry offset");
      return reinterpret_cast<const Elf_Rel *>(base() + sec->sh_offset);
    }
  
diff --git a/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386 b/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386

new file mode 100644 (file)

index 0000000..84fcd0d

Binary files /dev/null and b/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386 differ
diff --git a/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 b/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64

new file mode 100644 (file)

index 0000000..aae6c1e

Binary files /dev/null and b/test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 differ
diff --git a/test/Object/invalid.test b/test/Object/invalid.test

index e19583d4be1e6d71eb0188e1721933128bbec760..2d5e0e27440938a6ee2027e0feb0e00afe0fe643 100644 (file)
--- a/test/Object/invalid.test
+++ b/test/Object/invalid.test
@@ -58,3 +58,9 @@ INVALID-XINDEX-SIZE: Invalid data was encountered while parsing the file.
  RUN: not llvm-readobj -t %p/Inputs/invalid-ext-symtab-index.elf-x86-64 2>&1 | \
  RUN:   FileCheck --check-prefix=INVALID-EXT-SYMTAB-INDEX %s
  INVALID-EXT-SYMTAB-INDEX: Invalid symbol table index
+
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-i386 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
+RUN: not llvm-readobj -r %p/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-RELOC-SH-OFFSET %s
+INVALID-RELOC-SH-OFFSET: Invalid relocation entry offset
author	George Rimar <grimar@accesssoftek.com>
	Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)
committer	George Rimar <grimar@accesssoftek.com>
	Tue, 4 Oct 2016 09:25:39 +0000 (09:25 +0000)
include/llvm/Object/ELF.h		patch \| blob \| history
test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-i386	[new file with mode: 0644]	patch \| blob
test/Object/Inputs/invalid-relocation-sec-sh_offset.elf-x86-64	[new file with mode: 0644]	patch \| blob
test/Object/invalid.test		patch \| blob \| history