summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--llvm/lib/Object/WasmObjectFile.cpp8
-rw-r--r--llvm/test/tools/llvm-objdump/Inputs/corrupt-section.wasmbin0 -> 22 bytes
-rw-r--r--llvm/test/tools/llvm-objdump/wasm-corrupt-section.test2
3 files changed, 7 insertions, 3 deletions
diff --git a/llvm/lib/Object/WasmObjectFile.cpp b/llvm/lib/Object/WasmObjectFile.cpp
index 15a78df5402..86ce9c2209c 100644
--- a/llvm/lib/Object/WasmObjectFile.cpp
+++ b/llvm/lib/Object/WasmObjectFile.cpp
@@ -178,14 +178,16 @@ static wasm::WasmTable readTable(const uint8_t *&Ptr) {
}
static Error readSection(WasmSection &Section, const uint8_t *&Ptr,
- const uint8_t *Start) {
- // TODO(sbc): Avoid reading past EOF in the case of malformed files.
+ const uint8_t *Start, const uint8_t *Eof) {
Section.Offset = Ptr - Start;
Section.Type = readVaruint7(Ptr);
uint32_t Size = readVaruint32(Ptr);
if (Size == 0)
return make_error<StringError>("Zero length section",
object_error::parse_failed);
+ if (Ptr + Size > Eof)
+ return make_error<StringError>("Section too large",
+ object_error::parse_failed);
Section.Content = ArrayRef<uint8_t>(Ptr, Size);
Ptr += Size;
return Error::success();
@@ -221,7 +223,7 @@ WasmObjectFile::WasmObjectFile(MemoryBufferRef Buffer, Error &Err)
WasmSection Sec;
while (Ptr < Eof) {
- if ((Err = readSection(Sec, Ptr, getPtr(0))))
+ if ((Err = readSection(Sec, Ptr, getPtr(0), Eof)))
return;
if ((Err = parseSection(Sec)))
return;
diff --git a/llvm/test/tools/llvm-objdump/Inputs/corrupt-section.wasm b/llvm/test/tools/llvm-objdump/Inputs/corrupt-section.wasm
new file mode 100644
index 00000000000..3bf45f715db
--- /dev/null
+++ b/llvm/test/tools/llvm-objdump/Inputs/corrupt-section.wasm
Binary files differ
diff --git a/llvm/test/tools/llvm-objdump/wasm-corrupt-section.test b/llvm/test/tools/llvm-objdump/wasm-corrupt-section.test
new file mode 100644
index 00000000000..9ba7a7ef6bd
--- /dev/null
+++ b/llvm/test/tools/llvm-objdump/wasm-corrupt-section.test
@@ -0,0 +1,2 @@
+# RUN: not llvm-objdump -h %p/Inputs/corrupt-section.wasm 2>&1 | FileCheck %s
+# CHECK: '{{.*}}corrupt-section.wasm': Section too large
OpenPOWER on IntegriCloud