[DebugInfo] Don't crash when given invalid DWARFv5 line table prologue.

This patch replaces an assertion with an explicit check for the validity of the FORM parameters. The assertion was triggered when the DWARFv5 line table contained a zero address size. This fixes OSS-Fuzz Issue 4644 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4644 Differential revision: https://reviews.llvm.org/D41615 llvm-svn: 321863
2024-10-19 02:52:53 +02:00 · 2018-01-05 10:03:02 +00:00 · 2018-01-05 10:03:02 +00:00 · b32cea3c45
commit b32cea3c45
parent a5a9c614d3
5 changed files with 17 additions and 7 deletions
--- a/include/llvm/DebugInfo/DWARF/DWARFFormValue.h
+++ b/include/llvm/DebugInfo/DWARF/DWARFFormValue.h
@ -50,6 +50,8 @@ struct DWARFFormParams {
    }
    llvm_unreachable("Invalid Format value");
  }
+
+  explicit operator bool() const { return Version && AddrSize; }
 };

 class DWARFFormValue {
--- a/lib/DebugInfo/DWARF/DWARFDebugLine.cpp
+++ b/lib/DebugInfo/DWARF/DWARFDebugLine.cpp
@ -268,7 +268,7 @@ bool DWARFDebugLine::Prologue::parse(const DWARFDataExtractor &DebugLineData,

  if (getVersion() >= 5) {
    if (!parseV5DirFileTables(DebugLineData, OffsetPtr, EndPrologueOffset,
-                              getFormParams(), U, HasMD5, IncludeDirectories,
+                              FormParams, U, HasMD5, IncludeDirectories,
                              FileNames)) {
      fprintf(stderr,
              "warning: parsing line table prologue at 0x%8.8" PRIx64
--- a/lib/DebugInfo/DWARF/DWARFFormValue.cpp
+++ b/lib/DebugInfo/DWARF/DWARFFormValue.cpp
@ -64,8 +64,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
                                 const DWARFFormParams Params) {
  switch (Form) {
  case DW_FORM_addr:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
+    if (Params)
      return Params.AddrSize;
+    return None;

  case DW_FORM_block:          // ULEB128 length L followed by L bytes.
  case DW_FORM_block1:         // 1 byte length L followed by L bytes.
@ -86,8 +87,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
    return None;

  case DW_FORM_ref_addr:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
+    if (Params)
      return Params.getRefAddrByteSize();
+    return None;

  case DW_FORM_flag:
  case DW_FORM_data1:
@ -118,8 +120,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
  case DW_FORM_line_strp:
  case DW_FORM_sec_offset:
  case DW_FORM_strp_sup:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
+    if (Params)
      return Params.getDwarfOffsetByteSize();
+    return None;

  case DW_FORM_data8:
  case DW_FORM_ref8:
--- a/test/DebugInfo/Inputs/invalid.linetable
+++ b/test/DebugInfo/Inputs/invalid.linetable
--- a/test/DebugInfo/dwarfdump-invalid-line-table.test
+++ b/test/DebugInfo/dwarfdump-invalid-line-table.test
@ -0,0 +1,5 @@
+Verify that dwarfdump doesn't crash on invalid line table prologue.
+OSS-Fuzz Issue 4644 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4644)
+
+RUN: llvm-dwarfdump --verbose %p/Inputs/invalid.linetable 2>&1 | FileCheck %s --check-prefix=INVALID-LINE-TABLE
+INVALID-LINE-TABLE: invalid directory or file table description