Produce another specific error message for a malformed Mach-O file when a load

command other than the first one is past the end of the load commands. This is like the test case in test/Object/macho-invalid.test for macho64-invalid-incomplete-load-command but it is the second load command that is past the end of all the load commands instead of the first. The code in the constructor for MachOObjectFile that loops over the load commands used getNextLoadCommandInfo() which was not producing a good error message. So that was fixed and a test case was added. llvm-svn: 268403
2025-01-21 07:42:52 +00:00 · 2016-05-03 17:16:08 +00:00 · 2016-05-03 17:16:08 +00:00 · 368e714907
commit 368e714907
parent ec2108199f
3 changed files with 14 additions and 2 deletions
--- a/llvm/lib/Object/MachOObjectFile.cpp
+++ b/llvm/lib/Object/MachOObjectFile.cpp
@ -199,8 +199,16 @@ getFirstLoadCommandInfo(const MachOObjectFile *Obj) {
 }

 static Expected<MachOObjectFile::LoadCommandInfo>
-getNextLoadCommandInfo(const MachOObjectFile *Obj,
+getNextLoadCommandInfo(const MachOObjectFile *Obj, uint32_t LoadCommandIndex,
                       const MachOObjectFile::LoadCommandInfo &L) {
+  unsigned HeaderSize = Obj->is64Bit() ? sizeof(MachO::mach_header_64)
+                                       : sizeof(MachO::mach_header);
+  if (L.Ptr + L.C.cmdsize + sizeof(MachOObjectFile::LoadCommandInfo) >
+      Obj->getData().data() + HeaderSize + Obj->getHeader().sizeofcmds)
+    return malformedError(*Obj, Twine("truncated or malformed object "
+                          "(load command ") + Twine(LoadCommandIndex + 1) +
+                          Twine(" extends past the end all load commands in the "
+                          "file)"));
  return getLoadCommandInfo(Obj, L.Ptr + L.C.cmdsize);
 }

@ -361,7 +369,7 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian,
      Libraries.push_back(Load.Ptr);
    }
    if (I < LoadCommandCount - 1) {
-      if (auto LoadOrErr = getNextLoadCommandInfo(this, Load))
+      if (auto LoadOrErr = getNextLoadCommandInfo(this, I, Load))
        Load = *LoadOrErr;
      else {
        Err = LoadOrErr.takeError();
--- a/llvm/test/Object/Inputs/macho64-invalid-incomplete-load-command.1
+++ b/llvm/test/Object/Inputs/macho64-invalid-incomplete-load-command.1
--- a/llvm/test/Object/macho-invalid.test
+++ b/llvm/test/Object/macho-invalid.test
@ -9,6 +9,10 @@ RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho64-invalid-incomple
 RUN:      | FileCheck -check-prefix INCOMPLETE-LOADC %s
 INCOMPLETE-LOADC: truncated or malformed object (load command 0 extends past the end all load commands in the file)

+RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho64-invalid-incomplete-load-command.1 2>&1 \
+RUN:      | FileCheck -check-prefix INCOMPLETE-LOADC-1 %s
+INCOMPLETE-LOADC-1: truncated or malformed object (load command 1 extends past the end all load commands in the file)
+
 RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-too-small-load-command 2>&1 \
 RUN:      | FileCheck -check-prefix SMALL-LOADC-SIZE %s
 RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho64-invalid-too-small-load-command 2>&1 \