From 48c9175fe5260e03ecdb7a641ae06b813cc7701d Mon Sep 17 00:00:00 2001
From: Adrian Prantl
Date: Mon, 23 Apr 2018 16:08:01 +0000
Subject: [PATCH] Fix computeSymbolSizes SEGFAULT on invalid file
We use llvm-symbolizer in some production systems, and we run it against all possibly related files, including some that are not ELF. We noticed that for some of those invalid files, llvm-symbolizer would crash with SEGFAULT. Here is an example of such a file.
It is due to that in computeSymbolSizes, a loop uses condition
for (unsigned I = 0, N = Addresses.size() - 1; I < N; ++I) {
where if Addresses.size() is 0, N would overflow and causing the loop to access invalid memory.
Instead of patching the loop conditions, the commit makes so that the function returns early if Addresses is empty.
Validated by checking that llvm-symbolizer no longer crashes.
Patch by Teng Qin!
Differential Revision: https://reviews.llvm.org/D44285
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@330610 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Object/SymbolSize.cpp | 4 ++++
 test/tools/llvm-symbolizer/sym.test | 6 +++++-
 2 files changed, 9 insertions(+), 1 deletion(-)
diff --git a/lib/Object/SymbolSize.cpp b/lib/Object/SymbolSize.cpp
index dd49d5f116b..004fb1b0754 100644
--- a/lib/Object/SymbolSize.cpp
+++ b/lib/Object/SymbolSize.cpp
@@ -66,6 +66,10 @@ llvm::object::computeSymbolSizes(const ObjectFile &O) {
     Addresses.push_back(
         {O.symbol_end(), Address + Size, 0, getSectionID(O, Sec)});
   }
+
+  if (Addresses.empty())
+    return Ret;
+
   array_pod_sort(Addresses.begin(), Addresses.end(), compareAddress);
   // Compute the size as the gap to the next symbol
diff --git a/test/tools/llvm-symbolizer/sym.test b/test/tools/llvm-symbolizer/sym.test
index 27f06901ff6..871c16a494c 100644
--- a/test/tools/llvm-symbolizer/sym.test
+++ b/test/tools/llvm-symbolizer/sym.test
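Review bot: The added `if (Addresses.empty()) return Ret;` carries no comment tying it to the `N = Addresses.size() - 1` it protects, so a later reader sees an early return that looks redundant (sorting an empty vector is harmless) and may drop it, reintroducing the unsigned wrap the commit message describes. I would put `// Guard the "N = Addresses.size() - 1" loop bound below: with no symbols and no sections it would wrap and the loop would index past the vector.` above the `if`. The loop itself sits below the hunk (only its `// Compute the size as the gap to the next symbol` comment is visible here), so the guard and the arithmetic it protects are separated by a sort and a comment, which is why the why-comment matters. Whether `Ret` is still empty at this point is not shown in the hunk; the early return is only equivalent to falling through if nothing has been appended to `Ret` before the section loop, which is worth confirming against the function head outside the hunk.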
@@ -19,6 +19,8 @@ RUN: llvm-symbolizer -print-address -obj=%p/Inputs/addr.exe < %p/Inputs/addr.inp | FileCheck %s
 RUN: llvm-symbolizer -inlining -print-address -pretty-print -obj=%p/Inputs/addr.exe < %p/Inputs/addr.inp | FileCheck --check-prefix="PRETTY" %s
+RUN: echo "0x1" > %t.input
+RUN: llvm-symbolizer -obj=%p/Inputs/zero < %t.input | FileCheck --check-prefix="ZERO" %s
 #CHECK: some text
 #CHECK: 0x40054d
@@ -31,4 +33,6 @@ RUN: llvm-symbolizer -inlining -print-address -pretty-print -obj=%p/Inputs/addr.
 #PRETTY: (inlined by) inc at {{[/\]+}}tmp{{[/\]+}}x.c:7:0
 #PRETTY (inlined by) main at {{[/\]+}}tmp{{[/\]+}}x.c:14:0
 #PRETTY: some text2
-
+#
+#ZERO: ??
+#ZERO: ??:0:0
-- 
2.11.0
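Review bot: The new RUN line reads `%p/Inputs/zero`, but the diffstat lists only `lib/Object/SymbolSize.cpp` and `test/tools/llvm-symbolizer/sym.test`, so the input the test depends on is not part of this patch; unless it was added separately (git-svn exports can drop binary inputs from a text patch), the test fails on a missing file instead of exercising the former crash. Nothing in sym.test says what `Inputs/zero` is either, and the commit message's "Here is an example of such a file" does not include the example, so I would add a line next to the RUN such as `# Inputs/zero: a file with no symbols and no sections (presumably non-ELF); computeSymbolSizes used to crash on it.` so the reproducer's purpose survives the next time the inputs directory is cleaned up. The expected output for that run (`#ZERO: ??` / `#ZERO: ??:0:0`) lives in the second hunk of this file, separated from the RUN line by the CHECK and PRETTY blocks, which is consistent with how the existing prefixes are laid out.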