1
0
mirror of https://github.com/RPCS3/llvm-mirror.git synced 2024-11-22 02:33:06 +01:00

[DebugInfo] Fix a possible crash when reading a malformed .debug_*lists section.

DWARFListTableHeader::length() handles the zero value of HeaderData.Length
in a special way, which makes the result different from the calculated
value of FullLength, which leads to triggering an assertion. The patch
moves the assertion a bit later when `FullLength` is already checked for
minimal allowed value.

Differential Revision: https://reviews.llvm.org/D82886
This commit is contained in:
Igor Kudrin 2020-07-14 15:55:31 +07:00
parent 2ffa4ea126
commit 307bae0402
2 changed files with 13 additions and 1 deletions

View File

@ -29,13 +29,13 @@ Error DWARFListTableHeader::extract(DWARFDataExtractor Data,
uint8_t OffsetByteSize = Format == dwarf::DWARF64 ? 8 : 4;
uint64_t FullLength =
HeaderData.Length + dwarf::getUnitLengthFieldByteSize(Format);
assert(FullLength == length());
if (FullLength < getHeaderSize(Format))
return createStringError(errc::invalid_argument,
"%s table at offset 0x%" PRIx64
" has too small length (0x%" PRIx64
") to contain a complete header",
SectionName.data(), HeaderOffset, FullLength);
assert(FullLength == length() && "Inconsistent calculation of length.");
uint64_t End = HeaderOffset + FullLength;
if (!Data.isValidOffsetForDataOfSize(HeaderOffset, FullLength))
return createStringError(errc::invalid_argument,

View File

@ -0,0 +1,12 @@
## The test checks that llvm-dwarfdump can handle a malformed input file without
## crashing.
# RUN: llvm-mc -triple x86_64 %s -filetype=obj -o %t
# RUN: not llvm-dwarfdump -debug-rnglists %t 2>&1 | FileCheck %s
# CHECK: error: .debug_rnglists table at offset 0x0 has too small length (0x4) to contain a complete header
## An assertion used to trigger in the debug build of the DebugInfo/DWARF
## library if the unit length field in a range list table was 0.
.section .debug_rnglists,"",@progbits
.long 0