From af907194730941859a32c6fad1005aa9164bc713 Mon Sep 17 00:00:00 2001 From: Kevin Enderby Date: Fri, 9 Oct 2015 16:48:44 +0000 Subject: [PATCH] =?utf8?q?Fixed=20two=20bugs=20in=20llvm-objdump=E2=80=99s?= =?utf8?q?=20printing=20of=20Objective-C=20meta=20data=20from=20malformed?= =?utf8?q?=20Mach-O=20files=20that=20caused=20crashes.=20=20The=20first=20?= =?utf8?q?because=20the=20offset=20in=20a=20dyld=20bind=20table=20entry=20?= =?utf8?q?was=20out=20of=20range.=20=20The=20second=20because=20there=20wa?= =?utf8?q?s=20no=20image=20info=20section=20and=20the=20routine=20printing?= =?utf8?q?=20it=20did=20not=20have=20the=20needed=20check=20to=20see=20the?= =?utf8?q?=20section=20did=20not=20exist.?= MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit rdar://22983603 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@249845 91177308-0d34-0410-b5e6-96231b3b80d8 --- .../malformed-machos/mem-crup-0080.macho | Bin 0 -> 9166 bytes .../malformed-machos/mem-crup-0261.macho | Bin 0 -> 8752 bytes test/tools/llvm-objdump/malformed-machos.test | 9 ++++++++ tools/llvm-objdump/MachODump.cpp | 20 ++++++++++++++++++ 4 files changed, 29 insertions(+) create mode 100644 test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0080.macho create mode 100644 test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0261.macho
diff --git a/test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0080.macho b/test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0080.macho new file mode 100644 index 0000000000000000000000000000000000000000..53e3a97b4aa96e48353a6d5d5fe879fff2271a85 GIT binary patch literal 9166 zcmeHNU1(fI6rODw8)LNFDj2ouR#U0k?2XcvC=~KrHX55Yn}|P@>2CHWx$WJb?!8O9 zVsS&Q7(!tm{DD4+_|}&`_#z?{^uaeD^r25u@P`N$f<9OZ8ox6?yR&yUX^YiJx`)iq zIcMfOXU?6uJ9j4ET>JH}O^nU8Fvjjc3L{;H;Ebp-_5k>=H!#Ne#PBNmFoPwC&Gk5^1{*?;V9lF(T5ut>g?E<%(EN4q$UncBtM~5%g{PmN=2ylmWKKAl6n8SyS>bQ(eECS>#S{SX zHSyEHs^r|B<a|MZB=dEz>rAM~&DH`!9-bq4UD zRTgDCh3BLbGd4ZiAYLTkAMvX{S22$T_yuW#?L;4QOe9`Sr@Dzk`RCbg-k!$mAn4yE zU=!)_5^vhV`co}rJB?S!DRJQWUJl?9Z{h)^5nd|cCxn5Ze~YU1L1~^5AHY)@S;g*iljZ`g(Vp#$ZAEzm02g73-cx$a zRHsC3$uIp*M753%qQ4qajqV|EWas>r*T|ti-u*m&ZsO5GZx>_;DP!&JB0Z&fl7Tvq zjv!HAvd_YA0e)A=iWfcKPFtf+GM~s7t^M>WI+4vE^Q`^ZLI%&%$!4PB1w~TpWjpUd z;#q@+9&m&&e*9Ei?nNxo&G9(_{-%TpP)W^_Tl$Y^v9QXoIzQh zMaF*l89ON_0D#4|Q9F=X(yoKPc6XzsG^4(3s7_C|13kl{ zHyFU&Ckj;F7-ylA;ZV3^Q(Kw91N5fC(K}47ok`$8uv39mWyI>rS^qQ_2 z@_j9AaXSt_%DC(i^w}e_y!L$uT@LL+GNY_dKg0zNbd}vV2~tSxRm$Xzhu|g4_Mx0^ z39*mIzMCWw0Y#DNGmMMiy9}Q6T}b-B6o@~7O!MD@k05Eff=Wa)D5-slGDUZyeh-qi zw+;2pIKR+m9eWh7&pgJ#<4=#1IRXCd5NkE{9|rX2C0~gT9hInGT%nJ zW!tc$6mn{N-I;7YjqAyiy?goI-J+R1Yl~)C_v_VJ6rrQI!>o3JRMkqc!VJ7+K(*#8 Y>r;wN<5gAtqHMIpurgCME0d;NN_0_9-ullQM z=*fGw_~!i@AquO6nEOHqQG_n67UH(B&=X=abQCJ(#PE-micgyh_(($hNG44H&2Ra_loI;$Bk$94p=lTjN<;d{laK?l4>p9o-d^6{Y zJJ*dZrRU0UwpsIC*@}YyjF*PtMdkWb$bXzq4@l`&KNhcu^_<_Q=M!h+@!nI><7D@>3-4K(6Rae6AM7S#EtZwMgJoF!#r)9U0_cYw+9||a z*sq}zP|8}Z1=w}akDXT;>+yOo6W$*S${cn(3~bk_*^ODZ0ZiEnGHFkl!k3>XFs1D~IPsnNTCkKX%% zAFr?YHGXK}(v!~M9D1kjZNC9Ce6BNCg`J;9BmVuT)9H*V*Yyur=l#HK?8KL{5Zma3 zWG%m?`K^5zmijaL6!!UhrXMSd@oJ7Pbz+3(zW)7}Vq*;hh5^HXVZbn87%&VN1`Gp+ z0mFb{z%XDK`2RC7u&a26PcbmWVqaVgmo?OfQM^7AhAW>6RSd?MS9A{?*U2{YEJNRnZkrOlyi9Ea&i1;47;N;?DT>ccg4#bW_^{lSI7|imawNn z6@>Og;76(&+9N8w9{DXha=h7t&1!wx&vr$#>UgF4CoDSAcHD+N=0z%Ks)kdIRG0}= 
ys>SZJ%0*7K+;O^gP1U3Dpyvn8s%y_2J0g!9w&Uc!khE#L!f7Vwz3e{35B&jAYWsQs literal 0 HcmV?d00001
diff --git a/test/tools/llvm-objdump/malformed-machos.test b/test/tools/llvm-objdump/malformed-machos.test
index 2167c706550..732cdb665b9 100644
--- a/test/tools/llvm-objdump/malformed-machos.test
+++ b/test/tools/llvm-objdump/malformed-machos.test
@@ -24,3 +24,12 @@
 # RUN: | FileCheck -check-prefix=m0040 %s
 
 # m0040: 00000000000010a0 0xf39 -[tiny_dylib init]
+
+# RUN: llvm-objdump -macho -objc-meta-data \
+# RUN: %p/Inputs/malformed-machos/mem-crup-0080.macho \
+# RUN: | FileCheck -check-prefix=m0080 %s
+
+# m0080: data 0xf960000 (struct class_ro_t *)
+
+# RUN: llvm-objdump -macho -objc-meta-data \
+# RUN: %p/Inputs/malformed-machos/mem-crup-0261.macho
diff --git a/tools/llvm-objdump/MachODump.cpp b/tools/llvm-objdump/MachODump.cpp
index 993e9e6817b..9682e4a3307 100644
--- a/tools/llvm-objdump/MachODump.cpp
+++ b/tools/llvm-objdump/MachODump.cpp
@@ -4984,6 +4984,9 @@ static void print_image_info64(SectionRef S, struct DisassembleInfo *info) {
   struct objc_image_info64 o;
   const char *r;
 
+  if (S == SectionRef())
+    return;
+
   StringRef SectName;
   S.getName(SectName);
   DataRefImpl Ref = S.getRawDataRefImpl();
@@ -8498,6 +8501,7 @@ public:
   StringRef segmentName(uint32_t SegIndex);
   StringRef sectionName(uint32_t SegIndex, uint64_t SegOffset);
   uint64_t address(uint32_t SegIndex, uint64_t SegOffset);
+  bool isValidSegIndexAndOffset(uint32_t SegIndex, uint64_t SegOffset);
 
 private:
   struct SectionInfo {
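Review bot: The last RUN line, the one for mem-crup-0261.macho, has no FileCheck stage, so that case passes as long as llvm-objdump exits cleanly, and nothing in the hunk says this is deliberate. A one-line comment above it, `# No FileCheck on purpose: this input only has to be dumped without crashing.`, would keep a later editor from adding a -check-prefix that nothing matches. The mem-crup-0080 case does pin its output through m0080, so the asymmetry is worth stating.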
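Review bot: The empty-section guard is added only to print_image_info64; its 32-bit counterpart, which is outside this hunk, presumably receives its SectionRef the same way and needs the same `if (S == SectionRef()) return;` unless it already has one. The new lines would also read better with the reason stated, since nothing here says why a default-constructed SectionRef can reach this function: `// A malformed file may have no image info section; the caller then passes an empty SectionRef.` print_image_info64 continues past the end of the hunk.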
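Review bot: The new declaration is undocumented, so what counts as a valid (SegIndex, SegOffset) pair is only discoverable from the definition in a later hunk, where the test is end-exclusive. Suggest `/// True if SegOffset lies inside a section recorded for segment SegIndex (section end exclusive).` above the declaration. The method could also be `const`, since the definition only reads Sections, but the neighbouring segmentName/sectionName/address declarations are not const either, so that is a follow-up for the whole class. The enclosing class begins and ends outside the hunk.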
@@ -8546,6 +8550,20 @@ StringRef SegInfo::segmentName(uint32_t SegIndex) {
   llvm_unreachable("invalid segIndex");
 }
 
+bool SegInfo::isValidSegIndexAndOffset(uint32_t SegIndex,
+                                       uint64_t OffsetInSeg) {
+  for (const SectionInfo &SI : Sections) {
+    if (SI.SegmentIndex != SegIndex)
+      continue;
+    if (SI.OffsetInSegment > OffsetInSeg)
+      continue;
+    if (OffsetInSeg >= (SI.OffsetInSegment + SI.Size))
+      continue;
+    return true;
+  }
+  return false;
+}
+
 const SegInfo::SectionInfo &SegInfo::findSection(uint32_t SegIndex,
                                                  uint64_t OffsetInSeg) {
   for (const SectionInfo &SI : Sections) {
@@ -8714,6 +8732,8 @@ static const char *get_dyld_bind_info_symbolname(uint64_t ReferenceValue,
   for (const llvm::object::MachOBindEntry &Entry : info->O->bindTable()) {
     uint32_t SegIndex = Entry.segmentIndex();
     uint64_t OffsetInSeg = Entry.segmentOffset();
+    if (!sectionTable.isValidSegIndexAndOffset(SegIndex, OffsetInSeg))
+      continue;
     uint64_t Address = sectionTable.address(SegIndex, OffsetInSeg);
     const char *SymbolName = nullptr;
     StringRef name = Entry.symbolName();
-- 2.34.1
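Review bot: `SI.OffsetInSegment + SI.Size` can wrap for exactly the malformed inputs this routine is meant to tolerate: if a section's Size is large enough to overflow the addition (both presumably uint64_t values taken from the file), the upper-bound test passes and an out-of-range offset is reported valid, which is what the caller in the later hunk relies on this function to rule out. Because the preceding check already guarantees `SI.OffsetInSegment <= OffsetInSeg`, the subtraction form cannot overflow: `if (OffsetInSeg - SI.OffsetInSegment >= SI.Size)` `continue;`. The loop otherwise duplicates the scan in findSection directly below it; a single lookup returning a pointer (null when absent) would avoid walking Sections twice per bind entry, but that is a larger follow-up.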
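Review bot: The new `continue` silently drops any bind entry whose (SegIndex, OffsetInSeg) falls outside every recorded section, and nothing at the site says why that is the right reaction rather than reporting it. A comment would make the intent explicit: `// Malformed bind tables can point outside any section; skip such entries rather than let the lookup below assert.` That the lookup asserts on an unknown offset is inferred from the llvm_unreachable in segmentName shown in the earlier hunk, not visible here. get_dyld_bind_info_symbolname starts and ends outside the hunk.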