Next set of additional error checks for invalid Mach-O files for the

load commands that use the MachO::routines_command and
and MachO::routines_command_64 types but are not used in llvm
libObject code but used in llvm tool code.

This includes the LC_ROUTINES and LC_ROUTINES_64
load commands.

llvm-svn: 284504

4 files changed, 31 insertions, 0 deletions

diff --git a/llvm/lib/Object/MachOObjectFile.cpp b/llvm/lib/Object/MachOObjectFile.cpp
index 9c927adc1f4..c0d7d83d08e 100644
--- a/llvm/lib/Object/MachOObjectFile.cpp
+++ b/llvm/lib/Object/MachOObjectFile.cpp
@@ -837,6 +837,7 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian,
   const char *SourceLoadCmd = nullptr;
   const char *EntryPointLoadCmd = nullptr;
   const char *EncryptLoadCmd = nullptr;
+  const char *RoutinesLoadCmd = nullptr;
   for (unsigned I = 0; I < LoadCommandCount; ++I) {
     if (is64Bit()) {
       if (Load.C.cmdsize % 8 != 0) {
@@ -1064,6 +1065,30 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian,
                                  sizeof(MachO::sub_client_command),
                                  "sub_client_command", S.client, "client")))
         return;
+    } else if (Load.C.cmd == MachO::LC_ROUTINES) {
+      if (Load.C.cmdsize != sizeof(MachO::routines_command)) {
+        Err = malformedError("LC_ROUTINES command " + Twine(I) +
+                             " has incorrect cmdsize");
+        return;
+      }
+      if (RoutinesLoadCmd) {
+        Err = malformedError("more than one LC_ROUTINES and or LC_ROUTINES_64 "
+                             "command");
+        return;
+      }
+      RoutinesLoadCmd = Load.Ptr;
+    } else if (Load.C.cmd == MachO::LC_ROUTINES_64) {
+      if (Load.C.cmdsize != sizeof(MachO::routines_command_64)) {
+        Err = malformedError("LC_ROUTINES_64 command " + Twine(I) +
+                             " has incorrect cmdsize");
+        return;
+      }
+      if (RoutinesLoadCmd) {
+        Err = malformedError("more than one LC_ROUTINES_64 and or LC_ROUTINES "
+                             "command");
+        return;
+      }
+      RoutinesLoadCmd = Load.Ptr;
     }
     if (I < LoadCommandCount - 1) {
       if (auto LoadOrErr = getNextLoadCommandInfo(this, I, Load))
diff --git a/llvm/test/Object/Inputs/macho-invalid-routines-bad-size b/llvm/test/Object/Inputs/macho-invalid-routines-bad-size
new file mode 100644
index 00000000000..3cc5ae59eaa
--- /dev/null
+++ b/llvm/test/Object/Inputs/macho-invalid-routines-bad-size
diff --git a/llvm/test/Object/Inputs/macho-invalid-routines64-more-than-one b/llvm/test/Object/Inputs/macho-invalid-routines64-more-than-one
new file mode 100644
index 00000000000..6dea1d60770
--- /dev/null
+++ b/llvm/test/Object/Inputs/macho-invalid-routines64-more-than-one
diff --git a/llvm/test/Object/macho-invalid.test b/llvm/test/Object/macho-invalid.test
index d9af43933ab..8b33149bb80 100644
--- a/llvm/test/Object/macho-invalid.test
+++ b/llvm/test/Object/macho-invalid.test
@@ -367,3 +367,9 @@ INVALID-SUBLIB-NAME_OFFSET-TOOBIG: macho-invalid-sublibrary-name_offset-toobig':
 
 RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-subclient-name_toobig 2>&1 | FileCheck -check-prefix INVALID-SUBCLIENT-NAME-TOOBIG %s
 INVALID-SUBCLIENT-NAME-TOOBIG: macho-invalid-subclient-name_toobig': truncated or malformed object (load command 0 LC_SUB_CLIENT client name extends past the end of the load command)
+
+RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-routines-bad-size 2>&1 | FileCheck -check-prefix INVALID-ROUTINES-BAD-SIZE %s
+INVALID-ROUTINES-BAD-SIZE: macho-invalid-routines-bad-size': truncated or malformed object (LC_ROUTINES command 0 has incorrect cmdsize)
+
+RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-routines64-more-than-one 2>&1 | FileCheck -check-prefix INVALID-ROUTINES64-MORE-THAN-ONE %s
+INVALID-ROUTINES64-MORE-THAN-ONE: macho-invalid-routines64-more-than-one': truncated or malformed object (more than one LC_ROUTINES_64 and or LC_ROUTINES command)