We have a division by zero crash currently when
the sh_entzize of the dynamic symbol table is 0.
Differential revision: https://reviews.llvm.org/D82180
It is possible to trigger a crash when a dynamic symbol has a
broken (too large) st_name and the DT_STRSZ is also broken.
We have the following code in the `Elf_Sym_Impl<ELFT>::getName`:
```
template <class ELFT>
Expected<StringRef> Elf_Sym_Impl<ELFT>::getName(StringRef StrTab) const {
uint32_t Offset = this->st_name;
if (Offset >= StrTab.size())
return createStringError(object_error::parse_failed,
"st_name (0x%" PRIx32
") is past the end of the string table"
" of size 0x%zx",
Offset, StrTab.size());
...
```
The problem is that `StrTab` here is a `ELFDumper::DynamicStringTab` member
which is not validated properly on initialization. So it is possible to bypass the
`if` even when the `st_name` is huge.
This patch fixes the issue.
Differential revision: https://reviews.llvm.org/D82201
Similar to D81937, we might crash when printing a histogram for a GNU hash table
with a 'symndx' index that is larger than the number of dynamic symbols.
This patch adopts and reuses the `getGnuHashTableChains()` helper which performs
a validation of the table. As a side effect the warning reported for
the --gnu-hash-table was improved.
Also with this change we start to report a warning when the histogram is requested for
the GNU hash table, but the dynamic symbols table is empty (size == 0).
Differential revision: https://reviews.llvm.org/D82010
Summary: Rename --elf-cg-profile to --cg-profile and keep --elf-cg-profile as an alias of --cg-profile.
Reviewers: jhenderson, MaskRay, espindola, hans
Reviewed By: jhenderson, MaskRay
Subscribers: emaste, rupprecht, llvm-commits
Tags: #llvm
Differential Revision: https://reviews.llvm.org/D81855
`Elf_GnuHash_Impl` has the following method:
```
ArrayRef<Elf_Word> values(unsigned DynamicSymCount) const {
return ArrayRef<Elf_Word>(buckets().end(), DynamicSymCount - symndx);
}
```
When DynamicSymCount is less than symndx we return an array with the huge broken size.
This patch fixes the issue and adds an assert. This assert helped to fix an issue
in one of the test cases.
Differential revision: https://reviews.llvm.org/D81937
`printGnuHashTable` contains the code to check the GNU hash table.
This patch splits it to `getGnuHashTableChains` helper
(and reorders slightly to reduce).
Differential revision: https://reviews.llvm.org/D81928
Previously we only printed a symbol value when it has a non-empty name
or non-zero value.
This patch changes the behavior. Now we only omit a symbols value when
a relocation does not reference a symbol (i.e. symbol index == 0).
Seems it is what GNU readelf does, looking on its output.
Differential revision: https://reviews.llvm.org/D81842
Currently, llvm-readelf crashes when there is a STT_SECTION symbol for the null section
and this symbol is used in a relocation.
Differential revision: https://reviews.llvm.org/D81840
This adds 4 new reloc types.
A lot of code that previously assumed any memory or offset values could be contained in a uint32_t (and often truncated results from functions returning 64-bit values) have been upgraded to uint64_t. This is not comprehensive: it is only the values that come in contact with the new relocation values and their dependents.
A new tablegen mapping was added to automatically upgrade loads/stores in the assembler, which otherwise has no way to select for these instructions (since they are indentical other than for the offset immediate). It follows a similar technique to https://reviews.llvm.org/D53307
Differential Revision: https://reviews.llvm.org/D81704
We have unobvious issue in the condition that is used to check
that we do not read past the EOF.
The problem is that the result of "GnuHashTable->nbuckets * 4" expression is uint32.
Because of that it was still possible to overflow it and pass the check.
There was no such problem with the "GnuHashTable->maskwords * sizeof(typename ELFT::Off)"
condition, because of `sizeof` on the right (which gives 64-bits value on x64),
but I've added an explicit conversion to 64-bit value for `GnuHashTable->maskwords` too.
Differential revision: https://reviews.llvm.org/D81103
This flag (and the whole field DT_FLAGS_1) originated from Solaris. I intend to use it in an LLD patch D80872.
Reviewed By: jhenderson
Differential Revision: https://reviews.llvm.org/D80871
Partially reverts feee98645dde4be31a70cc6660d2fc4d4b9d32d8.
Add explicit braces to a different place to fix
"error: add explicit braces to avoid dangling else [-Werror,-Wdangling-else]"
This improves the next points for broken hash tables:
1) Use reportUniqueWarning to prevent duplication when
--hash-table and --elf-hash-histogram are used together.
2) Dump nbuckets and nchain fields. It is often possible
to dump them even when the table itself goes past the EOF etc.
Differential revision: https://reviews.llvm.org/D80373
It would be nice to switch to `reportUniqueWarnings` from
`reportError` in this class, but first of all it needs a cleanup.
This patch:
1) Eliminates autos.
2) Removes code duplication.
3) Changes how the code works with `Expected<>`.
4) Introduces 2 new `using`s to make the code a bit shorter.
Differential revision: https://reviews.llvm.org/D80726
llvm-readelf might crash when the .gnu.hash table goes past the EOF.
This patch splits and updates the code of a helper function `checkGNUHashTable`,
which is similar to `checkHashTable` and fixes the issue.
Differential revision: https://reviews.llvm.org/D80215
Summary:
Define ELF binary code for VE and modify code where should use this new code.
Depends on D79544.
Reviewed By: jhenderson
Differential Revision: https://reviews.llvm.org/D79545
When the p_offset/p_filesz of the PT_GNU_EH_FRAME is invalid
(e.g larger than the file size) then llvm-readobj might crash.
This patch fixes the issue. I've introduced `ELFFile<ELFT>::getSegmentContent`
method, which is very similar to `ELFFile<ELFT>::getSectionContentsAsArray` one.
Differential revision: https://reviews.llvm.org/D80380
As was mentioned in review comments for D80204,
`printHashHistogram` has 2 lambdas that are probably too large
and deserves splitting into member functions.
This patch does it.
Differential revision: https://reviews.llvm.org/D80546
When the `--elf-hash-histogram` is used, the code first tries to build
a histogram for the .hash table and then for the .gnu.hash table.
The problem is that dumper might return early when unable or do not need to
build a histogram for the .hash.
This patch reorders the code slightly to fix the issue and adds a test case.
Differential revision: https://reviews.llvm.org/D80204
Previously, the option was only implemented for LLVM output. This fixes
https://bugs.llvm.org/show_bug.cgi?id=45695.
At the current time, GNU readelf does not support this option.
Consequently, this patch simply attempts to roughly follow the output
style for similar options like --syms/--notes etc, combined with
--string-dump output.
Reviewed by: MaskRay, grimar
Differential Revision: https://reviews.llvm.org/D79939
Imagine we have a broken .eh_frame.
Below is a possible sample output of llvm-readelf:
```
...
entry 2 {
initial_location: 0x10f5
address: 0x2080
}
}
}
.eh_frame section at offset 0x2028 address 0x2028:
LLVM ERROR: Parsing entry instructions at 0 failed
PLEASE submit a bug report to https://bugs.llvm.org/ and include the crash backtrace.
Stack dump:
0. Program arguments: /home/umb/LLVM/LLVM/llvm-project/build/bin/llvm-readelf -a 1
#0 0x000055f4a2ff5a1a llvm::sys::PrintStackTrace(llvm::raw_ostream&) (/home/umb/LLVM/LLVM/llvm-project/build/bin/llvm-readelf+0x2b9a1a)
...
#15 0x00007fdae5dc209b __libc_start_main /build/glibc-B9XfQf/glibc-2.28/csu/../csu/libc-start.c:342:3
#16 0x000055f4a2db746a _start (/home/umb/LLVM/LLVM/llvm-project/build/bin/llvm-readelf+0x7b46a)
Aborted
```
I.e. it calls abort(), suggests to submit a bug report and exits with the code 134.
This patch changes the logic to propagate errors to callers.
This fixes the behavior for llvm-dwarfdump, llvm-readobj and other possible tools.
Differential revision: https://reviews.llvm.org/D79165
We might have a scenario where a the `GbuHashTable` variable correctly points
to a place inside the file (we validate this fact early in `parseDynamicTable`),
but nbuckets/maskwords fields are broken in the way the code tries
to read the data past the EOF. This patch fixes the issue.
Differential revision: https://reviews.llvm.org/D79853
I noticed that std::error_code() does one-time initialization. Avoid
that overhead with Expected<T> and llvm::Error. Also, it is consistent
with the virtual interface and ELF, and generally cleaner.
Reviewed By: MaskRay
Differential Revision: https://reviews.llvm.org/D79643
This patch is a NFC refactoring.
Currently the logic is overcomplicated, contains dead conditions and is very hard to read.
This patch performs a very straightforward simplification. Probably it can be
simplified and improved more, but we need to land test cases documenting/testing
all the current functionality first.
Differential revision: https://reviews.llvm.org/D78709
We do not verify the p_offset of the PT_INTERP header and tool may
crash when a program interpreter name string goes past the end of the file.
Differential revision: https://reviews.llvm.org/D79013
According to the spec, the payload for debug directories can be
in parts of the binary that aren't mapped at runtime - in these
cases, AddressOfRawData is just set to zero.
Differential Revision: https://reviews.llvm.org/D78920
There are cases when we either might print garbage or crash when
reading strings for dumping dynamic tags.
For example when a string table is not null-terminated or goes past the EOF.
This patch fixes issues mentioned.
Differential revision: https://reviews.llvm.org/D77216
Currently we have no dedicated warnings, but we return error message instead of a result.
It is generally not consistent with another warnings we have.
This change was suggested and discussed here:
https://reviews.llvm.org/D77216#1954873
This change refines error messages we report and also I had to update the API
to implement it.
Differential revision: https://reviews.llvm.org/D77399
We have scenarios when the logic of --elf-hash-histogram/--hash-symbols/--hash-table
options might crash when given a broken hash table.
This patch adds pre-checks for tables for these 3 options
and provides test cases.
Differential revision: https://reviews.llvm.org/D77147
Leverage ARM ELF build attribute section to create ELF attribute section
for RISC-V. Extract the common part of parsing logic for this section
into ELFAttributeParser.[cpp|h] and ELFAttributes.[cpp|h].
Differential Revision: https://reviews.llvm.org/D74023
The unique warning handler was previously a property of the dump style,
but it is commonly used in the dumper too. Since the two ELF output
styles have no impact on the way warnings are printed, this patch moves
the handler and related functions into the dumper class, instead of the
dump style class.
Reviewed by: MaskRay, grimar
Differential Revision: https://reviews.llvm.org/D76777
If the section headers have been removed by a tool such as llvm-objcopy
or llvm-strip, previously llvm-readobj/llvm-readelf would not dump the
dynamic symbols when --dyn-symbols was specified. However, the nchain
value of the DT_HASH data specifies the number of dynamic symbols, so if
it is present, we can use that. This patch implements this behaviour.
Fixes https://bugs.llvm.org/show_bug.cgi?id=45089.
Reviewed by: grimar, MaskRay
Differential Revision: https://reviews.llvm.org/D76352
Prior to this change, for non-relocatable objects llvm-readobj would
assume that all symbols that corresponded to a stack size section's
entries were in the section specified by the section's sh_link field.
In the presence of an output section description combining
SHF_LINK_ORDER sections linking different output sections, this cannot
be respected, since linker script section patterns are "by name" by
nature. Consequently, the sh_link value would not be correct for all
section entries.
This patch changes llvm-readobj to ignore the section of symbols in a
non-relocatable object.
Fixes https://bugs.llvm.org/show_bug.cgi?id=45228.
Reviewed by: grimar, MaskRay
Differential Revision: https://reviews.llvm.org/D76425
* Delete boilerplate
* Change functions to return `Error`
* Test parsing errors
* Update callers of ARMAttributeParser::parse() to check the `Error` return value.
Since this patch touches nearly everything in the file, I apply
http://llvm.org/docs/Proposals/VariableNames.html and change variable
names to lower case.
Reviewed By: compnerd
Differential Revision: https://reviews.llvm.org/D75015
This changes the output of `llvm-readelf -n` from:
```
Displaying notes found at file offset 0x<...> with length 0x<...>:
```
to:
```
Displaying notes found in: .note.foo
```
And similarly, adds a `Name:` field to the `llvm-readobj -n` output for notes.
This change not only increases GNU compatibility, it also makes it much easier to read notes. Note that we still fall back to printing the file offset/length in cases where we don't have a section name, such as when printing notes in program headers or printing notes in a partially stripped file (GNU readelf does the same).
Fixes llvm.org/PR41339.
Reviewed By: MaskRay
Differential Revision: https://reviews.llvm.org/D75647
