diff options
author | Saleem Abdulrasool <compnerd@compnerd.org> | 2014-04-14 02:37:23 +0000 |
---|---|---|
committer | Saleem Abdulrasool <compnerd@compnerd.org> | 2014-04-14 02:37:23 +0000 |
commit | 67635a7f8df47fa7eb9d7a437ee93f3037e67869 (patch) | |
tree | 0a84bfd2bfbd16fcb897ae7bf37855c11012f3b8 /tools/llvm-objdump | |
parent | aa827a513cb8b8bb15c2bcbda0617d665c4d8116 (diff) | |
download | llvm-67635a7f8df47fa7eb9d7a437ee93f3037e67869.tar.gz llvm-67635a7f8df47fa7eb9d7a437ee93f3037e67869.tar.bz2 llvm-67635a7f8df47fa7eb9d7a437ee93f3037e67869.tar.xz |
tools: address possible non-null terminated filenames
If a filename is a multiple of 18 characters, there will be no null-terminator.
This will result in an invalid access by the constructed StringRef. Add a test
case to exercise this and fix that handling. Address this same vulnerability in
llvm-readobj as well.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@206145 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'tools/llvm-objdump')
-rw-r--r-- | tools/llvm-objdump/llvm-objdump.cpp | 22 |
1 files changed, 7 insertions, 15 deletions
diff --git a/tools/llvm-objdump/llvm-objdump.cpp b/tools/llvm-objdump/llvm-objdump.cpp index 313816e56e..8d5035efcd 100644 --- a/tools/llvm-objdump/llvm-objdump.cpp +++ b/tools/llvm-objdump/llvm-objdump.cpp @@ -669,17 +669,7 @@ static void PrintCOFFSymbolTable(const COFFObjectFile *coff) { const coff_symbol *symbol = 0; for (int i = 0, e = header->NumberOfSymbols; i != e; ++i) { if (aux_count--) { - switch (symbol->StorageClass) { - default: outs() << "AUX Unknown\n"; - case COFF::IMAGE_SYM_CLASS_STATIC: - // Section definition. Follows a symbol-table record that defines a - // section. Such a record has a symbol name that is the name of a - // section and has storage class STATIC (3). - if (symbol->Value) { - errs() << "invalid entry in Symbol Table"; - break; - } - + if (symbol->isSectionDefinition()) { const coff_aux_section_definition *asd; if (error(coff->getAuxSymbol<coff_aux_section_definition>(i, asd))) return; @@ -693,15 +683,17 @@ static void PrintCOFFSymbolTable(const COFFObjectFile *coff) { << format("assoc %d comdat %d\n" , unsigned(asd->Number) , unsigned(asd->Selection)); - break; - case COFF::IMAGE_SYM_CLASS_FILE: + } else if (symbol->isFileRecord()) { const coff_aux_file *AF; if (error(coff->getAuxSymbol<coff_aux_file>(i, AF))) return; - outs() << "AUX " << StringRef(AF->FileName) << '\n'; + + StringRef Name(AF->FileName, (aux_count + 1) * COFF::SymbolSize); + outs() << "AUX " << Name.rtrim(StringRef("\0", 1)) << '\n'; i = i + aux_count; aux_count = 0; - break; + } else { + outs() << "AUX Unknown\n"; } } else { StringRef name; |