| author | Jason Molenda <jmolenda@apple.com> | 2015-04-02 04:35:32 +0000 |
|---|---|---|
| committer | Jason Molenda <jmolenda@apple.com> | 2015-04-02 04:35:32 +0000 |
| commit | c48ef341e13f4a90f2d64e2455495c1b376ef501 (patch) | |
| tree | a0505a185c444dbac88f33f929b5e36c4ee56696 | |
| parent | b1cd98a18d1e46f9e30ee14a042463b901752634 (diff) | |
Add a tiny bit of hardening to the eh_frame and compact unwind parsing.
When we're seeing offsets that exceed the size of our section, don't
try to use that unwind info.
<rdar://problem/20113673>
llvm-svn: 233886
| -rw-r--r-- | lldb/source/Symbol/CompactUnwindInfo.cpp | 10 | ||||
| -rw-r--r-- | lldb/source/Symbol/DWARFCallFrameInfo.cpp | 25 |
2 files changed, 34 insertions, 1 deletions
diff --git a/lldb/source/Symbol/CompactUnwindInfo.cpp b/lldb/source/Symbol/CompactUnwindInfo.cpp
index 2167516649f..ae99f30a7c1 100644
--- a/lldb/source/Symbol/CompactUnwindInfo.cpp
+++ b/lldb/source/Symbol/CompactUnwindInfo.cpp
@@ -283,9 +283,17 @@ CompactUnwindInfo::ScanIndex (const ProcessSP &process_sp)
     uint32_t indexCount = m_unwindinfo_data.GetU32(&offset);
-    if (m_unwind_header.version != 1)
+    if (m_unwind_header.common_encodings_array_offset > m_unwindinfo_data.GetByteSize()
+        || m_unwind_header.personality_array_offset > m_unwindinfo_data.GetByteSize()
+        || indexSectionOffset > m_unwindinfo_data.GetByteSize()
+        || offset > m_unwindinfo_data.GetByteSize())
     {
+        Host::SystemLog (Host::eSystemLogError,
+                         "error: Invalid offset encountered in compact unwind info, skipping\n");
+        // don't trust anything from this compact_unwind section if it looks
+        // blatently invalid data in the header.
         m_indexes_computed = eLazyBoolNo;
+        return;
     }
     // Parse the basic information from the indexes
diff --git a/lldb/source/Symbol/DWARFCallFrameInfo.cpp b/lldb/source/Symbol/DWARFCallFrameInfo.cpp
index 92d9f8b808d..b689676addc 100644
--- a/lldb/source/Symbol/DWARFCallFrameInfo.cpp
+++ b/lldb/source/Symbol/DWARFCallFrameInfo.cpp
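Review bot: The new bounds test replaces the `m_unwind_header.version != 1` condition instead of adding to it, so a header with an unrecognized version no longer marks the indexes as eLazyBoolNo; unless the version is validated earlier in ScanIndex, outside this hunk, it should stay as a disjunct, e.g. `if (m_unwind_header.version != 1` followed by `|| m_unwind_header.common_encodings_array_offset > m_unwindinfo_data.GetByteSize()` and the other three terms. The comparisons use `>`, so an offset equal to GetByteSize() — one past the last byte — is accepted even though it will be read from; `>=` is the tighter bound for every term but the post-read `offset`. Only the array start offsets are checked, not their extents, so indexCount entries beginning at indexSectionOffset can still run past the section, which presumably needs a check where the entries are consumed. ScanIndex begins and ends outside the hunk.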
@@ -365,6 +365,31 @@ DWARFCallFrameInfo::GetFDEIndex ()
             cie_offset = current_entry + 4 - cie_id;
         }
+        if (next_entry > m_cfi_data.GetByteSize() + 1)
+        {
+            Host::SystemLog (Host::eSystemLogError,
+                             "error: Invalid fde/cie next entry offset of 0x%x found in cie/fde at 0x%x\n",
+                             next_entry,
+                             current_entry);
+            // Don't trust anything in this eh_frame section if we find blatently
+            // invalid data.
+            m_fde_index.Clear();
+            m_fde_index_initialized = true;
+            return;
+        }
+        if (cie_offset > m_cfi_data.GetByteSize())
+        {
+            Host::SystemLog (Host::eSystemLogError,
+                             "error: Invalid cie offset of 0x%x found in cie/fde at 0x%x\n",
+                             cie_offset,
+                             current_entry);
+            // Don't trust anything in this eh_frame section if we find blatently
+            // invalid data.
+            m_fde_index.Clear();
+            m_fde_index_initialized = true;
+            return;
+        }
+
         if (cie_id == 0 || cie_id == UINT32_MAX || len == 0)
         {
             m_cie_map[current_entry] = ParseCIE (current_entry);
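Review bot: The first added check still admits a next_entry equal to GetByteSize() + 1, one byte past the end of m_cfi_data, because of the `+ 1` in `if (next_entry > m_cfi_data.GetByteSize() + 1)`; unless that slack is deliberate for a case not visible here, `if (next_entry > m_cfi_data.GetByteSize())` is the tight bound, since next_entry equal to the size is simply the last entry. Likewise `if (cie_offset > m_cfi_data.GetByteSize())` accepts a CIE that starts exactly at the end of the section where there is nothing left to parse, so `>=` is the right comparison there. Neither test catches a next_entry that wrapped to a small value in 32-bit arithmetic from an oversized length; if next_entry is computed as current_entry + 4 + len above the hunk, also rejecting `next_entry <= current_entry` closes that gap. The two error paths are identical apart from the message, and a small private helper that logs, calls m_fde_index.Clear(), sets m_fde_index_initialized and returns would keep the loop body readable. GetFDEIndex begins and ends outside this hunk.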

