tools: address possible non-null terminated filenames

If the length of a filename is a multiple of 18 characters, there will be no null
terminator.  This will result in an invalid access by the constructed StringRef.
Add a test case to exercise this and fix that handling.  Address this same
vulnerability in llvm-readobj as well.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@206145 91177308-0d34-0410-b5e6-96231b3b80d8
Saleem Abdulrasool
2014-04-14 02:37:23 +00:00
parent aa827a513c
commit 67635a7f8d
6 changed files with 78 additions and 16 deletions


@ -669,17 +669,7 @@ static void PrintCOFFSymbolTable(const COFFObjectFile *coff) {
const coff_symbol *symbol = 0;
for (int i = 0, e = header->NumberOfSymbols; i != e; ++i) {
if (aux_count--) {
switch (symbol->StorageClass) {
default: outs() << "AUX Unknown\n";
case COFF::IMAGE_SYM_CLASS_STATIC:
// Section definition. Follows a symbol-table record that defines a
// section. Such a record has a symbol name that is the name of a
// section and has storage class STATIC (3).
if (symbol->Value) {
errs() << "invalid entry in Symbol Table";
break;
}
if (symbol->isSectionDefinition()) {
const coff_aux_section_definition *asd;
if (error(coff->getAuxSymbol<coff_aux_section_definition>(i, asd)))
return;
@ -693,15 +683,17 @@ static void PrintCOFFSymbolTable(const COFFObjectFile *coff) {
<< format("assoc %d comdat %d\n"
, unsigned(asd->Number)
, unsigned(asd->Selection));
break;
case COFF::IMAGE_SYM_CLASS_FILE:
} else if (symbol->isFileRecord()) {
const coff_aux_file *AF;
if (error(coff->getAuxSymbol<coff_aux_file>(i, AF)))
return;
outs() << "AUX " << StringRef(AF->FileName) << '\n';
StringRef Name(AF->FileName, (aux_count + 1) * COFF::SymbolSize);
outs() << "AUX " << Name.rtrim(StringRef("\0", 1)) << '\n';
i = i + aux_count;
aux_count = 0;
break;
} else {
outs() << "AUX Unknown\n";
}
} else {
StringRef name;