Author: adrian Date: Tue Nov 13 15:14:37 2018 New Revision: 346812 URL: http://llvm.org/viewvc/llvm-project?rev=346812&view=rev Log: Fix a bug in the parsing of the LC_BUILD_VERSION Mach-O load command.
LC_BUILD_VERSION records are of variable length. The original code would use uninitialized memory when the size of a record was exactly 24. rdar://problem/46032185 Added: lldb/trunk/lit/Modules/lc_build_version_notools.yaml - copied, changed from r346787, lldb/trunk/lit/Modules/lc_build_version.yaml Modified: lldb/trunk/lit/Modules/lc_build_version.yaml lldb/trunk/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp
Modified: lldb/trunk/lit/Modules/lc_build_version.yaml URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/lit/Modules/lc_build_version.yaml?rev=346812&r1=346811&r2=346812&view=diff
==============================================================================
--- lldb/trunk/lit/Modules/lc_build_version.yaml (original)
+++ lldb/trunk/lit/Modules/lc_build_version.yaml Tue Nov 13 15:14:37 2018
@@ -1,6 +1,6 @@
 # RUN: yaml2obj %s > %t.out
 # RUN: lldb-test symbols %t.out | FileCheck %s
-# REQUIRES: darwin
+# REQUIRES: system-darwin
 # Test that the deployment target is parsed from the load commands.
 # CHECK: x86_64-apple-macosx10.14.0
 --- !mach-o
Copied: lldb/trunk/lit/Modules/lc_build_version_notools.yaml (from r346787, lldb/trunk/lit/Modules/lc_build_version.yaml) URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/lit/Modules/lc_build_version_notools.yaml?p2=lldb/trunk/lit/Modules/lc_build_version_notools.yaml&p1=lldb/trunk/lit/Modules/lc_build_version.yaml&r1=346787&r2=346812&rev=346812&view=diff
==============================================================================
--- lldb/trunk/lit/Modules/lc_build_version.yaml (original)
+++ lldb/trunk/lit/Modules/lc_build_version_notools.yaml Tue Nov 13 15:14:37 2018
@@ -1,6 +1,6 @@
 # RUN: yaml2obj %s > %t.out
 # RUN: lldb-test symbols %t.out | FileCheck %s
-# REQUIRES: darwin
+# REQUIRES: system-darwin
 # Test that the deployment target is parsed from the load commands.
 # CHECK: x86_64-apple-macosx10.14.0
 --- !mach-o
@@ -10,7 +10,7 @@ FileHeader:
 cpusubtype: 0x80000003
 filetype: 0x00000002
 ncmds: 14
- sizeofcmds: 744
+ sizeofcmds: 738
 flags: 0x00200085
 reserved: 0x00000000
 LoadCommands:
@@ -119,14 +119,11 @@ LoadCommands:
 cmdsize: 24
 uuid: 8F41E140-23B9-3720-AC28-4E7AF9D159BA
 - cmd: LC_BUILD_VERSION
- cmdsize: 32
+ cmdsize: 24
 platform: 1
 minos: 658944
 sdk: 658944
- ntools: 1
- Tools:
- - tool: 3
- version: 26738944
+ ntools: 0
 - cmd: LC_SOURCE_VERSION
 cmdsize: 16
 version: 0
Modified: lldb/trunk/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp?rev=346812&r1=346811&r2=346812&view=diff
==============================================================================
--- lldb/trunk/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp (original)
+++ lldb/trunk/source/Plugins/ObjectFile/Mach-O/ObjectFileMachO.cpp Tue Nov 13 15:14:37 2018
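Review bot: `sizeofcmds: 738` in lc_build_version_notools.yaml does not follow from the other change in this file: the LC_BUILD_VERSION `cmdsize` drops from 32 to 24, which takes 8 bytes off the previous total of 744 and gives 736. The remaining load commands are outside the hunks, so this assumes they are unchanged and that 744 was correct; if so, the header should read `sizeofcmds: 736`. As written, the fixture's header claims two more bytes of load commands than the listed commands add up to, so the test may depend on how the reader treats that slack rather than only on the 24-byte record it is meant to cover.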
@@ -5027,24 +5027,28 @@ bool ObjectFileMachO::GetArchitecture(co
 const lldb::offset_t cmd_offset = offset;
 if (data.GetU32(&offset, &load_cmd, 2) == NULL)
 break;
-
- if (load_cmd.cmd == llvm::MachO::LC_BUILD_VERSION) {
- struct build_version_command build_version;
- if (load_cmd.cmdsize != sizeof(build_version))
+ do {
+ if (load_cmd.cmd == llvm::MachO::LC_BUILD_VERSION) {
+ struct build_version_command build_version;
+ if (load_cmd.cmdsize < sizeof(build_version)) {
+ // Malformed load command.
+ break;
+ }
 if (data.ExtractBytes(cmd_offset, sizeof(build_version),
 data.GetByteOrder(), &build_version) == 0)
- continue;
- MinOS min_os(build_version.minos);
- OSEnv os_env(build_version.platform);
- if (os_env.os_type.empty())
- continue;
- os << os_env.os_type << min_os.major_version << '.'
- << min_os.minor_version << '.' << min_os.patch_version;
- triple.setOSName(os.str());
- if (!os_env.environment.empty())
- triple.setEnvironmentName(os_env.environment);
- return true;
- }
+ break;
+ MinOS min_os(build_version.minos);
+ OSEnv os_env(build_version.platform);
+ if (os_env.os_type.empty())
+ break;
+ os << os_env.os_type << min_os.major_version << '.'
+ << min_os.minor_version << '.' << min_os.patch_version;
+ triple.setOSName(os.str());
+ if (!os_env.environment.empty())
+ triple.setEnvironmentName(os_env.environment);
+ return true;
+ }
+ } while (0);
 
 offset = cmd_offset + load_cmd.cmdsize;
 }
_______________________________________________ lldb-commits mailing list lldb-commits@lists.llvm.org http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
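Review bot: The `do { … } while (0)` wrapper exists only so that `break` still reaches `offset = cmd_offset + load_cmd.cmdsize;`, and nothing in the new code says so. The removed `continue` statements skipped that assignment, leaving `offset` just past the two words read by `GetU32`, so a comment on the `do {` line such as `// break, not continue: offset must still advance by cmdsize below` would keep a later cleanup from reintroducing the skew. Separately, `build_version` is still declared without an initializer and is safe only because every failure path now leaves before it is read; `struct build_version_command build_version = {};` would make any future regression read zeros rather than stack contents. The enclosing loop of `ObjectFileMachO::GetArchitecture` starts outside the hunk, so whether a `cmdsize` smaller than the 8 bytes already consumed is rejected before `offset` is advanced cannot be checked from here.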