diff options
| author | Kevin Enderby <enderby@apple.com> | 2016-04-13 21:17:58 +0000 |
|---|---|---|
| committer | Kevin Enderby <enderby@apple.com> | 2016-04-13 21:17:58 +0000 |
| commit | 870257455762cc35b609e6050abebd905d73dccc (patch) | |
| tree | 68eb93752d00a63fae343c66483378fbca007e54 /llvm/lib/Object/MachOObjectFile.cpp | |
| parent | 8331458deb1706c00ca98815a6edb42ba526ad36 (diff) | |
| download | bcm5719-llvm-870257455762cc35b609e6050abebd905d73dccc.tar.gz bcm5719-llvm-870257455762cc35b609e6050abebd905d73dccc.zip | |
Start to add real error messages for malformed Mach-O files.
And update the existing test cases in test/Object/macho-invalid.test
to use llvm-objdump with the -macho option to produce these
error messages and stop producing the generic "Invalid data
was encountered while parsing the file" message.
Working from the beginning of the file, if the mach header is too large for
the size of the file and then if the load commands that follow extend past
the end of the file these two errors now generate correct error messages.
Both of these have existing test cases in test/Object/macho-invalid.test .
But the first with macho-invalid-header it will never trigger the error message
"mach header extends past the end of the file" using any of the llvm tools as
they all use identify_magic() which rejects files with the correct magic number
that are too small in size. So I tested this by hacking that code and seeing the
error message down in parseHeader() really does happen. So in case there
is ever code in llvm that directly calls createMachOObjectFile() this error
message will be correctly produced.
The second error message of "load commands extends past the end of the file"
is triggered by a number of existing tests cases in test/Object/macho-invalid.test .
Also other tests trigger different error messages now like "ilocalsym plus
nlocalsym in LC_DYSYMTAB load command extends past the end of the
symbol table".
There are two existing test cases that still get the "Invalid data was encountered ..."
error messages that I will tackle next. But they will involve a bit of pluming an
Expect<...> up through the call stack and I want to do those as separate changes.
FYI, for those test cases that were trying to test specific errors that now get
different errors I’ll fix those in follow on changes and create new test cases
for those so they test the error they were meant to test.
llvm-svn: 266248
Diffstat (limited to 'llvm/lib/Object/MachOObjectFile.cpp')
| -rw-r--r-- | llvm/lib/Object/MachOObjectFile.cpp | 19 |
1 files changed, 17 insertions, 2 deletions
diff --git a/llvm/lib/Object/MachOObjectFile.cpp b/llvm/lib/Object/MachOObjectFile.cpp index c6643cb8c03..deb7f9cece3 100644 --- a/llvm/lib/Object/MachOObjectFile.cpp +++ b/llvm/lib/Object/MachOObjectFile.cpp @@ -208,6 +208,11 @@ getNextLoadCommandInfo(const MachOObjectFile *Obj, template <typename T> static void parseHeader(const MachOObjectFile *Obj, T &Header, Error &Err) { + if (sizeof(T) > Obj->getData().size()) { + Err = malformedError(*Obj, "truncated or malformed object (the mach header " + "extends past the end of the file)"); + return; + } if (auto HeaderOrErr = getStructOrErr<T>(Obj, getPtr(Obj, 0))) Header = *HeaderOrErr; else @@ -267,12 +272,22 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian, DyldInfoLoadCmd(nullptr), UuidLoadCmd(nullptr), HasPageZeroSegment(false) { ErrorAsOutParameter ErrAsOutParam(Err); - if (is64Bit()) + uint64_t big_size; + if (is64Bit()) { parseHeader(this, Header64, Err); - else + big_size = sizeof(MachO::mach_header_64); + } else { parseHeader(this, Header, Err); + big_size = sizeof(MachO::mach_header); + } if (Err) return; + big_size += getHeader().sizeofcmds; + if (getData().data() + big_size > getData().end()) { + Err = malformedError(getFileName(), "truncated or malformed object " + "(load commands extends past the end of the file)"); + return; + } uint32_t LoadCommandCount = getHeader().ncmds; if (LoadCommandCount == 0) |
