From 23090caf75d15a712ee4415a241fcfd442b1d0ef Mon Sep 17 00:00:00 2001 
From: Kevin Enderby
Date: Tue, 6 Oct 2015 22:27:08 +0000
Subject: [PATCH] Fix two bugs in llvm-objdump’s printing of Objective-C meta data from malformed Mach-O files that caused crashes.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf8
Content-Transfer-Encoding: 8bit

We recently got about 700 malformed Mach-O files which we have been using to improve the robustness of tools that deal with reading data from object files. These resulted in about 20 small bug fixes to the darwin based tools.

The goal here is to also improve the robustness of llvm-objdump and this is the first two fixes. In talking with Tim Northover the approach we thought might be best is to:

1) Only include tests for the malformed Mach-O files that cause crashes (not all 700+ tests).
2) The test should only contain the command line option that caused the crash and not all the others that don’t matter.
3) There should be only one line for the FileCheck that is past the point of the crash if possible and if possible indicates the malformation.

Again the goal is to fix crashes and not so much care about how the printing of malformed data comes out.

Tim also suggested if we really wanted to add test cases for all 700+ malformed Mach-O files putting them in the regression tests might be an option. But many of these do not cause crashes.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@249479 91177308-0d34-0410-b5e6-96231b3b80d8
---
 .../Inputs/malformed-machos/mem-crup-0001.macho | Bin 0 -> 9248 bytes
 .../Inputs/malformed-machos/mem-crup-0006.macho | Bin 0 -> 9248 bytes
 test/tools/llvm-objdump/malformed-machos.test   | 14 ++++++++++++++
 tools/llvm-objdump/MachODump.cpp                | 6 ++++--
 4 files changed, 18 insertions(+), 2 deletions(-)
 create mode 100644 test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0001.macho
 create mode 100644 test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0006.macho
 create mode 100644 test/tools/llvm-objdump/malformed-machos.test

diff --git a/test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0001.macho b/test/tools/llvm-objdump/Inputs/malformed-machos/mem-crup-0001.macho new file mode 100644 index 0000000000000000000000000000000000000000..d81f9f00f4a7dd78ea805814837537a9548f54d8 GIT binary patch literal 9248
diff --git a/test/tools/llvm-objdump/malformed-machos.test b/test/tools/llvm-objdump/malformed-machos.test new file mode 100644 index 00000000000..4e1765f7f42 --- /dev/null +++ b/test/tools/llvm-objdump/malformed-machos.test @@ -0,0 +1,14 @@ +// These test checks that llvm-objdump will not crash with malformed Mach-O +// files. So the check line is not all that important but the bug fixes to +// make sure llvm-objdump is robust is what matters. +# RUN: llvm-objdump -macho -objc-meta-data \ +# RUN: %p/Inputs/malformed-machos/mem-crup-0001.macho \ +# RUN: | FileCheck -check-prefix=m0001 %s + +# m0001: (method_t extends past the end of the section) + +# RUN: llvm-objdump -macho -objc-meta-data \ +# RUN: %p/Inputs/malformed-machos/mem-crup-0006.macho \ +# RUN: | FileCheck -check-prefix=m0006 %s + +# m0006: ivarLayout 0x8 diff --git a/tools/llvm-objdump/MachODump.cpp b/tools/llvm-objdump/MachODump.cpp index 164fb4ce4bc..0e9bf3695d8 100644 --- a/tools/llvm-objdump/MachODump.cpp +++ b/tools/llvm-objdump/MachODump.cpp 
@@ -3236,6 +3236,8 @@ walk_pointer_list_32(const char *listname, const SectionRef S, } static void print_layout_map(const char *layout_map, uint32_t left) { + if (layout_map == nullptr) + return; outs() << " layout map: "; do { outs() << format("0x%02" PRIx32, (*layout_map) & 0xff) << " "; @@ -3299,8 +3301,8 @@ static void print_method_list64_t(uint64_t p, struct DisassembleInfo *info, return; memset(&m, '\0', sizeof(struct method64_t)); if (left < sizeof(struct method64_t)) { - memcpy(&ml, r, left); - outs() << indent << " (method_t entends past the end of the section)\n"; + memcpy(&m, r, left); + outs() << indent << " (method_t extends past the end of the section)\n"; } else memcpy(&m, r, sizeof(struct method64_t)); if (info->O->isLittleEndian() != sys::IsLittleEndianHost) -- 2.11.0
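
Review bot: In test/tools/llvm-objdump/malformed-machos.test, the m0006 check line `# m0006: ivarLayout 0x8` does not indicate the malformation, unlike the m0001 line, which matches the "(method_t extends past the end of the section)" diagnostic. The commit message asks for a check line that indicates the malformation where possible, so if the tool can print a short marker for this case, check that instead. Two style points in the same file: the header comment uses `//` while every other line uses `#`, and "These test checks" should read "These tests check".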
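
Review bot: In print_layout_map (hunk at -3236), the new nullptr return does not cover `left == 0`. The body is a `do` loop, so `(*layout_map) & 0xff` is read once before `left` is ever consulted, and a non-null pointer with no bytes left in the section is still dereferenced. Suggest `if (layout_map == nullptr || left == 0) return;`, or confirm that every caller passes a non-zero `left`. The early return is also silent, so the output gives no hint that a layout map was expected but missing.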
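
Review bot: In print_method_list64_t (hunk at -3299), the `left < sizeof(struct method64_t)` branch has no comment explaining that `m` was zeroed by the `memset` just above, so the bytes past `left` stay zero and the code that follows uses a partly zero-filled struct. A one-line comment there would make the intent clear. The removed line `memcpy(&ml, r, left);` wrote into a different object than the one just zeroed, and the commit message does not say which crash it caused. Since the context shows separate 32-bit and 64-bit walkers, it is worth checking the other truncated-copy branches in MachODump.cpp for the same destination slip.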