From 4496f07497a883e44477b0d8f4e331cd030ffd6e Mon Sep 17 00:00:00 2001
From: George Rimar <grimar@accesssoftek.com>
Date: Wed, 2 Oct 2019 14:11:35 +0000
Subject: [llvm-readelf] - Report a warning when .hash section contains a chain
 with a cycle.

It is possible to craft a .hash section that triggers an infinite loop
in llvm-readelf code. This patch fixes the issue and introduces
a warning.

Differential revision: https://reviews.llvm.org/D68086

llvm-svn: 373476
---
 llvm/tools/llvm-readobj/ELFDumper.cpp | 11 +++++++++++
 1 file changed, 11 insertions(+)

(limited to 'llvm/tools/llvm-readobj/ELFDumper.cpp')

diff --git a/llvm/tools/llvm-readobj/ELFDumper.cpp b/llvm/tools/llvm-readobj/ELFDumper.cpp
index af3d0e967d1..1b3e8f4851d 100644
--- a/llvm/tools/llvm-readobj/ELFDumper.cpp
+++ b/llvm/tools/llvm-readobj/ELFDumper.cpp
@@ -3437,10 +3437,21 @@ template <class ELFT> void GNUStyle<ELFT>::printHashSymbols(const ELFO *Obj) {
     for (uint32_t Buc = 0; Buc < SysVHash->nbucket; Buc++) {
       if (Buckets[Buc] == ELF::STN_UNDEF)
         continue;
+      std::vector<bool> Visited(SysVHash->nchain);
       for (uint32_t Ch = Buckets[Buc]; Ch < SysVHash->nchain; Ch = Chains[Ch]) {
         if (Ch == ELF::STN_UNDEF)
           break;
+
+        if (Visited[Ch]) {
+          reportWarning(
+              createError(".hash section is invalid: bucket " + Twine(Ch) +
+                          ": a cycle was detected in the linked chain"),
+              this->FileName);
+          break;
+        }
+
         printHashedSymbol(Obj, &DynSyms[0], Ch, StringTable, Buc);
+        Visited[Ch] = true;
       }
     }
   }
-- 
cgit v1.2.3