[pdb] Try to fix use after free.

llvm-svn: 272078
author: Zachary Turner <zturner@google.com> 2016-06-08 00:25:08 +0000
committer: Zachary Turner <zturner@google.com> 2016-06-08 00:25:08 +0000
commit: d2b2bfed9465847baa82a314d4da161b368395bb (patch)
tree: a394e7cbf39161112109b311381b2afc0e14de4c /llvm/lib/DebugInfo/PDB
parent: a483eae2ff21d238ba3a872ef72ec7943acaefa2 (diff)
download: bcm5719-llvm-d2b2bfed9465847baa82a314d4da161b368395bb.tar.gz
bcm5719-llvm-d2b2bfed9465847baa82a314d4da161b368395bb.zip
3 files changed, 13 insertions, 0 deletions
diff --git a/llvm/lib/DebugInfo/PDB/Raw/DbiStream.cpp b/llvm/lib/DebugInfo/PDB/Raw/DbiStream.cpp
index 80441ccd825..90bc2a2e556 100644
--- a/llvm/lib/DebugInfo/PDB/Raw/DbiStream.cpp
+++ b/llvm/lib/DebugInfo/PDB/Raw/DbiStream.cpp
@@ -293,6 +293,9 @@ Error DbiStream::initializeSectionContributionData() {
 // Initializes this->SectionHeaders.
 Error DbiStream::initializeSectionHeadersData() {
   uint32_t StreamNum = getDebugStreamIndex(DbgHeaderType::SectionHdr);
+  if (StreamNum >= Pdb.getNumStreams())
+    return make_error<RawError>(raw_error_code::no_stream);
+
   SectionHeaderStream.reset(new MappedBlockStream(
       llvm::make_unique<IndexedStreamData>(StreamNum, Pdb), Pdb));
 
@@ -312,6 +315,9 @@ Error DbiStream::initializeSectionHeadersData() {
 // Initializes this->Fpos.
 Error DbiStream::initializeFpoRecords() {
   uint32_t StreamNum = getDebugStreamIndex(DbgHeaderType::NewFPO);
+  if (StreamNum >= Pdb.getNumStreams())
+    return make_error<RawError>(raw_error_code::no_stream);
+
   FpoStream.reset(new MappedBlockStream(
       llvm::make_unique<IndexedStreamData>(StreamNum, Pdb), Pdb));
 
diff --git a/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp b/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
index 22094773624..2796abf3ea5 100644
--- a/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
+++ b/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
@@ -325,6 +325,9 @@ Expected<NameHashTable &> PDBFile::getStringTable() {
 
     if (NameStreamIndex == 0)
       return make_error<RawError>(raw_error_code::no_stream);
+    if (NameStreamIndex >= getNumStreams())
+      return make_error<RawError>(raw_error_code::no_stream);
+
     auto SD = llvm::make_unique<IndexedStreamData>(NameStreamIndex, *this);
     auto S = llvm::make_unique<MappedBlockStream>(std::move(SD), *this);
     codeview::StreamReader Reader(*S);
diff --git a/llvm/lib/DebugInfo/PDB/Raw/TpiStream.cpp b/llvm/lib/DebugInfo/PDB/Raw/TpiStream.cpp
index 386f8ac80a5..f34a513f499 100644
--- a/llvm/lib/DebugInfo/PDB/Raw/TpiStream.cpp
+++ b/llvm/lib/DebugInfo/PDB/Raw/TpiStream.cpp
@@ -104,6 +104,10 @@ Error TpiStream::reload() {
     return EC;
 
   // Hash indices, hash values, etc come from the hash stream.
+  if (Header->HashStreamIndex >= Pdb.getNumStreams())
+    return make_error<RawError>(raw_error_code::corrupt_file,
+                                "Invalid TPI hash stream index.");
+
   HashStream.reset(new MappedBlockStream(
       llvm::make_unique<IndexedStreamData>(Header->HashStreamIndex, Pdb), Pdb));
   codeview::StreamReader HSR(*HashStream);
author	Zachary Turner <zturner@google.com>	2016-06-08 00:25:08 +0000
committer	Zachary Turner <zturner@google.com>	2016-06-08 00:25:08 +0000
commit	d2b2bfed9465847baa82a314d4da161b368395bb (patch)
tree	a394e7cbf39161112109b311381b2afc0e14de4c /llvm/lib/DebugInfo/PDB
parent	a483eae2ff21d238ba3a872ef72ec7943acaefa2 (diff)
download	bcm5719-llvm-d2b2bfed9465847baa82a314d4da161b368395bb.tar.gz bcm5719-llvm-d2b2bfed9465847baa82a314d4da161b368395bb.zip