Open mothran opened 7 years ago
A malformed PE file can cause LLVM to crash when iterating the imported_symbols() API on the COFFObjectFile.
It appears that importedSymbolEnd() is missing a null check on IntPtr after the call Object->getRvaPtr(RVA, IntPtr); when the RVA in a malformed file cannot be resolved, IntPtr is presumably left null and is then dereferenced. The top of the stack trace below (frames 5–8, the packed_endian_specific_integral read inside importedSymbolEnd) is consistent with such a null pointer dereference.
Reproduction steps (tested against the current master branch of the GitHub mirror):
./bin/llvm-objdump -private-headers /path/to/attached/file
Stack trace:
Extended Description
A malformed PE file can cause LLVM to crash when iterating the imported_symbols() API on the COFFObjectFile.
It appears that importedSymbolEnd() is missing a null check on IntPtr after the call Object->getRvaPtr(RVA, IntPtr); when the RVA in a malformed file cannot be resolved, IntPtr is presumably left null and is then dereferenced. The top of the stack trace below (frames 5–8, the packed_endian_specific_integral read inside importedSymbolEnd) is consistent with such a null pointer dereference.
Reproduction steps (tested against the current master branch of the GitHub mirror):
./bin/llvm-objdump -private-headers /path/to/attached/file
Stack trace:
0 0x0000555dbd61a62d llvm::sys::PrintStackTrace(llvm::raw_ostream&) /home/user/llvm/lib/Support/Unix/Signals.inc:398:0
1 0x0000555dbd61a6d1 PrintStackTraceSignalHandler(void*) /home/user/llvm/lib/Support/Unix/Signals.inc:462:0
2 0x0000555dbd618764 llvm::sys::RunSignalHandlers() /home/user/llvm/lib/Support/Signals.cpp:49:0
3 0x0000555dbd619dde SignalHandler(int) /home/user/llvm/lib/Support/Unix/Signals.inc:252:0
4 0x00007fa8b8ff7da0 __restore_rt (/usr/lib/libpthread.so.0+0x11da0)
5 0x0000555dbd010d79 unsigned int llvm::support::endian::read<unsigned int, 1ul>(void const*, llvm::support::endianness) /home/user/llvm/include/llvm/Support/Endian.h:69:0
6 0x0000555dbd011905 unsigned int llvm::support::endian::read<unsigned int, (llvm::support::endianness)1, 1ul>(void const*) /home/user/llvm/include/llvm/Support/Endian.h:81:0
7 0x0000555dbd009ebb llvm::support::detail::packed_endian_specific_integral<unsigned int, (llvm::support::endianness)1, 1ul>::operator unsigned int() const /home/user/llvm/include/llvm/Support/Endian.h:218:0
8 0x0000555dbd4871b5 importedSymbolEnd(unsigned int, llvm::object::COFFObjectFile const*) /home/user/llvm/lib/Object/COFFObjectFile.cpp:1309:0
9 0x0000555dbd487337 llvm::object::ImportDirectoryEntryRef::imported_symbol_end() const /home/user/llvm/lib/Object/COFFObjectFile.cpp:1329:0
10 0x0000555dbd487399 llvm::object::ImportDirectoryEntryRef::imported_symbols() const /home/user/llvm/lib/Object/COFFObjectFile.cpp:1333:0
11 0x0000555dbd040aa5 printImportTables(llvm::object::COFFObjectFile const*) /home/user/llvm/tools/llvm-objdump/COFFDump.cpp:368:0
12 0x0000555dbd041fb8 llvm::printCOFFFileHeader(llvm::object::ObjectFile const*) /home/user/llvm/tools/llvm-objdump/COFFDump.cpp:616:0
13 0x0000555dbcff81c1 printPrivateFileHeaders(llvm::object::ObjectFile const*, bool) /home/user/llvm/tools/llvm-objdump/llvm-objdump.cpp:2013:0
14 0x0000555dbcff85ef DumpObject(llvm::object::ObjectFile*, llvm::object::Archive const*) /home/user/llvm/tools/llvm-objdump/llvm-objdump.cpp:2051:0
15 0x0000555dbcff8e9d DumpInput(llvm::StringRef) /home/user/llvm/tools/llvm-objdump/llvm-objdump.cpp:2129:0
16 0x0000555dbd010206 void (*std::for_each<__gnu_cxx::__normal_iterator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >, void (*)(llvm::StringRef)>(__gnu_cxx::__normal_iterator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >, __gnu_cxx::__normal_iterator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >*, std::vector<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> >, std::allocator<std::__cxx11::basic_string<char, std::char_traits<char>, std::allocator<char> > > > >, void (*)(llvm::StringRef)))(llvm::StringRef) /usr/include/c++/7.2.0/bits/stl_algo.h:3883:0
17 0x0000555dbcff95ae main /home/user/llvm/tools/llvm-objdump/llvm-objdump.cpp:2192:0
18 0x00007fa8b7ad6f6a __libc_start_main (/usr/lib/libc.so.6+0x20f6a)
19 0x0000555dbcfeda6a _start (./bin/llvm-objdump+0x2aea6a)