From 57f089775b23cabdbafd5a84eebd78d830bf8d9d Mon Sep 17 00:00:00 2001
From: Alexander Richardson
Date: Thu, 5 Oct 2017 23:28:29 +0000
Subject: [PATCH] [ELF] Don't crash when parsing a file with external version definition references
Summary: We were crashing when linking telnetd in FreeBSD because lld was emitting corrupted output files for --norosegment. In this file the version index of some symbols was set to 9 but lld only found 8 version definitions. I am not sure how to create a minimal .so file that also exposes this behaviour so I just added the one that initially caused the error to Inputs/ This partially addresses https://bugs.llvm.org/show_bug.cgi?id=34705
Reviewers: ruiu, rafael, pcc, grimar
Reviewed By: ruiu
Subscribers: emaste, krytarowski
Tags: #lld
Differential Revision: https://reviews.llvm.org/D38397
llvm-svn: 315035
---
 lld/ELF/InputFiles.cpp | 15 ++++++++++++---
 .../ELF/Inputs/corrupt-version-reference.so | Bin 0 -> 134272 bytes
 lld/test/ELF/corrupted-version-reference.s | 10 ++++++++++
 3 files changed, 22 insertions(+), 3 deletions(-)
 create mode 100644 lld/test/ELF/Inputs/corrupt-version-reference.so
 create mode 100644 lld/test/ELF/corrupted-version-reference.s
diff --git a/lld/ELF/InputFiles.cpp b/lld/ELF/InputFiles.cpp
index cfe8ae74ffaf..a0a38de0d8a0 100644
--- a/lld/ELF/InputFiles.cpp
+++ b/lld/ELF/InputFiles.cpp
@@ -775,9 +775,18 @@ template void SharedFile::parseRest() {
 // Ignore local symbols.
 if (Versym && VersymIndex == VER_NDX_LOCAL)
 continue;
-
- const Elf_Verdef *V =
- VersymIndex == VER_NDX_GLOBAL ? nullptr : Verdefs[VersymIndex];
+ const Elf_Verdef *V = nullptr;
+ if (VersymIndex != VER_NDX_GLOBAL) {
+ if (VersymIndex >= Verdefs.size()) {
+ error("corrupt input file: version definition index " +
+ Twine(VersymIndex) + " for symbol " + Name +
+ " is greater than the maximum value " +
+ Twine(Verdefs.size() - 1) + "\n>>> symbol is defined in " +
+ toString(this));
+ continue;
+ }
+ V = Verdefs[VersymIndex];
+ }
 if (!Hidden)
 Symtab->addShared(Name, this, Sym, V);
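Review bot: `Twine(Verdefs.size() - 1)` in the new diagnostic wraps around when `Verdefs` is empty, so an index rejected against an empty table would be reported with a nonsensical maximum (SIZE_MAX). Whether `Verdefs` can be empty at this point is not visible here, because parseRest() starts and ends outside the hunk. Printing the table size avoids the subtraction, e.g. `" is out of range for a table of " + Twine(Verdefs.size()) + " entries"`, with the CHECK line in corrupted-version-reference.s adjusted to match. Since the index is read from the input file, a comment above the check such as `// VersymIndex comes from the input file; validate it before indexing Verdefs.` would keep the bounds test from being dropped in a later cleanup.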
diff --git a/lld/test/ELF/Inputs/corrupt-version-reference.so b/lld/test/ELF/Inputs/corrupt-version-reference.so new file mode 100644 index 0000000000000000000000000000000000000000..ef6adc6a026cf87cbd09e9759c8e7112dcc9dc56 GIT binary patch literal 134272 zcmeI2du&_ReaFwel5OVEma(%~NgDe)6%!_@8Tw6U9?IBGre(Jj& zO)9lXrBzD*eY3h9@{M?VwO&DEp0?1NGh!Du+Sp+8uM;F{Mqxu^mHd@98&*1NLt$L& zef`(vla#gd-n7xQhhELdU8o|t%6E@LX3Dwx+C!yGd(F^8xxq#`m6$j6wukCQBX5LK z?or50|E%&_g3-^_m+PNb@%lfip#Bf4ul^YotuLxbPwkc1ArFKOMt0^7{eE(Fz8ZYU zQ<0kkb&J%$I$NEO21<_y;-%Gv>U>Xd<+_!A=ss8tF5Rir$`eX$3G~>h+=HkS`d4=- z<#bzv`VXb9ezfy()ZMdmIkt+nS7E~{Y*~d(tFWzSO+`jOr{GFT!QNM3Zv^(L78~F4 zzUs zKc`alXH^nx;$RcBw0r1%fm)i2soI$s7}TU4Rh^HibTzgaUDGyy6Mb5!o)w*64PuuH zVDJ!ZSg0;aTFX@`7EP;dlK+x0T&SKG`REHO;^dGmY1x-_eHTnQlsDW0aEq_P&Q;jE z3cJB@01OAw*Aup{8H`mr*B^Wg;b87yuO1U=^IGNLv<6On;1mU?2)MM4$D#LJfxXLO zqpDVg%|#uTwic>uI-U+x;oZw>sS00$Kf#AazoA*36`TAF{N^s_H?vVEgKyj{ z{kqhv^E#hVP7ZsV&nW9Beejb2eiDbDB;g||_(&Q)GGKjV(Dv;a!>GeYI^@!RyFaw{ z>-6Q7XRsbTB{t6XIp*3P_zv2SqWwPGeqifc0=E>nCBZF@c^H6QAJ|2~u8Y5&KBLya zu469NVk$i!+niRnO1-vke{K4 z1-CxTuK?`gussReQ`Yu$YyC}j;8Q|>=Fp!i`ZH7idsV9cof@k@uQKS{3G{6ceH%dE z((sE^E5DfwUT`MnDfq=2)|Msosdg4VQjLv%ORojSN0x%v=(k~)TWi+fGw+9Qd{T1{ ze5Cy)GspZ)TGkt^#?T*a@tpwj?ONX7BA0dO4v~j^O4@S%<<{>MIHkd90GtNF>BK7f zxQf26qR(J917=k)o3qU3!+z!~y(To)rfzAmq21p)*Pkb6gpZjQvvKEhcAjXPO<&BM zmv$QC+{Gu+UaLQzgFimI-hTOHL{;aow#_E>ez-83lJ-YmK#S=!vCSFvHr@8u^|+)( zS2&8jHm&yzqg$9A5S#pr9WShj{^rQeTF@+$>&4z`eEXp7%b@Eg#_CsIJ*@Md@YCp< ztRYxmMJ{<|{|WCiB7^Rb)@gqTF*E+r$qec9ch+PltU<`ef(j>y~4@U&p!VWS?ErGLE}S&&4(eW*^sWCWG_XgJjNJ zar>JeV1N4pcn9h>ZQH`^m>!=1JpWaXSxNJhF$>~N#?V_IUH6P+`+2Tw|6{>9$5!eO zb8nwdt?N%EzA}sT`xCk!dXG`C3;wc6>|bvkx3+w?-4-c>_R?4n&tpAY#CmuZ>tPM+ z;Tf!l^H>k(upU-1zhev_B z%44l=oNopT9}d})>97SWN63~oE-Jm)(yxXso%QH-sg=omOIht3J2s^-4$;vUFm zOK!O^`b~B0QcT-m*HCjF_OX7#?=Cj%I}j|%z6OSUdR~291%5geTm35h;3b?9WezQ+ z#n;d3cny2v!&v*I?ge{}f(&(jRqDKC=BoB_zovcsE4nSa&-uu!$H=xT`)U71<;(d& z+VqtjvuazLIJ==-a>cYe<7`2@&rAJ&Wc4<2&BAZ867 
z%T1ZR$8Zxl+WI#MN0;@yFgz4^7@Owwn(!5s)^*mfMtuW!skHi*l)01>UX44+pp!$k zB>BY$I_fRxKKHfs8SSC$*L0mB*4P`RPAw1DdFcgRN2E(%E=V1#%PM{?dpz%a(eVkoTyx8Op2EUGk>kn>e>( ztukYXitK(dhBH|SXR;aW$yJ=m=5QvP$C>O5&SW*5$K0B?@w_bnMirT*_gSH;4ZR+J4tO(-$%e-uPay&WN&tHbNv@!!P|R z-Y@HU6^LK>HGLl%lJb|H(sNwz0m$2jbxH5vc3; zi+w7s+c_iOdU6}=x2TOO`bm5vYve;cPd}*C&4GGE*Xh<3l)0Aqe=Tbe#z3!4U;;ZD z@jkm|{3Q1{GiP6GKCZ97>b;Gb3wV}3oc^|JQO0OvmW zcG&hk)Yf+m_ua8RxoeyI!E8;}EtQzNkhz`%@6X?+ zwnWZDzw_xkBk7N$-0ByR=h4W{LR5La7rF1|p#D867DY)3L*D>j&z-i_cj1%adpG7+ zW8adx;g>ax*EM`+F5u4dlYVEOo%;oSXI@^%hhMk6gVXc)KK9&eeMimDt2MCF-^sdu zm%mGo!Has`GyYY>I{SXC{RO-aX}?>Nv%c{?y*G6GCMJ7;mWS3)SxYZCpS5dg>o-@} zkMq~nzR$n74!74W2e*0n*BI{C8QiZ=;9fllZUeX>q;aoK;a;7@y*l1{ug;ygijN%@ zX6T#dg*_vp*I)VGzNO`Rdw{(-z+SAsCE;G3E<6{!Wcp*iw~H^zcQDLNC7f_x4Wzyh zd&^J%CZgAc@V6@L$?`37m)P?Y?sxKgO#2wcaYjz!jGV$5IgK;&0LEw#XX6uCA2T=` zkJ+}n%}*LYuE7I`;uvI%Y~oQ zcW+yNlL`8>&c2jg4(&_-ZuTYnd(74MrDgba9DZ$nuUz-{fNa(Lj#3prON*a{zL%Qc zFc)SAMJ|2>f4bFvFI{e|+pq)jt)lnSjo*WszXNpnjnewYd9)cZYe2`Hq;;PN-LK^Q z2wrRGpZQ&_+wUAZGPRW*)lBYA6;J8S zIkV3%V*bi+7;V3|gns^fxzRqpfggIa^6vgvCg@pM+u3`Q@`OWAH5#*W)$|6>u+Z$T!-rmr>txKQ1#Fmb_MsjMrQk+zi*<4Od=EhH{ z$?+*QSv*-$v1x>-@@jJW_sSLgJvpo$r=zoRL?{j8CD=OMqPDZi~`wFehWNFKi`4;znbzJZ9SXb3;BOGA8Mzlnc<|2e zz5KGxX9Is8kyy|n*Xnm|?v$T}=AXOBrT))$%6nul{cxw;%RzpwQ?AZH{%EJ%??=Dj z5AF8L|FiKTopQATd7@M9Mc^mz?3Am^$p6Rd$p55^9QJ#E)+yhRLj8|)%GFco*I1`q zFHKK(%GHmM|Cvttb;9$HI^|02dGAdfd}Mv~KGK=L2jA?yTBlqsLjG5sav$}m|LBzK z@#?~%NBp$dnZM_)kpHMtuAT7wzZ`EysDBqk9$-@5rgz8TPYvAw z;!;j_9npOTG5H38a{g~1G`e1`dlo6D`|XBqgVxD!1y<+f8#??(hB}{X>ip4$Zj;tM zAJUZ?x`^`LwC#sAt3%+QwmP{>NA0U@UxcLeBZ{=xaXpMSHYoMWNXwhRyWj1Jh|70` zd-3iR8NxS(bo*RfLg<9y%}$1RUnu@Yr0>A{7MoY*6Y@r+H2U*OrkrURvaW{>LV5&gsy< zYSQtfgh;zHqUKR*%;k}JBYN8(!vkr@$8ppDCld6dlE3Ad z7#|)fpDtC3iRoe@r6eh_0}`7onds0Xr-qK_N5`it`SOv8?DTYgS`7`2%w&fO<5Ss* z@ptFd!-pR`IK@rp<$i#eAUCw`GwBjh50)X5Pv zbmaIGgO9({nEKH1<3pqQ%22*sE|!&~CW_hIkU=vvT`7-GjZSNMIiH;_PMM5W0T`y- zkkoPHWVxK5svJK#l|NP-$xbxj>_NWC;i2i_p^5QH*g1sax$&uz$_^KCNy$!^&`PDC 
z3aDgaO6g8cW+x_!BWf}~IRYe;r6K7u0(0*v4VkMCLg^6X<`#s|ltx5uLJE8<$8obUy~5(n-W5OS+aJ5%0zxjA*d85)RWorl>Rg0oMD%X z>~@j8F0xNYP|vAsC9nM^?3A9T=M|>C^INOk+~eKeBR(%{xV}qS1p^Ww0TLhq5+DH* zAOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8} z0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq z5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH* zAOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8} z0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq z5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+H&9>jZq&*WQI{Sm4=& z-xl_SGa>HsIk8K-axTB;T{Ky|WfS^U6K>C#kbi$B1R9)wCbh8=5+DH*AOR8}0TLhq z5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH* zAOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8} z0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq z5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH* zAOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8} z0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq z5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+DH*AOR8}0TLhq5+H&9 z=LG8ZaoucBJGttAxSY=)e(Y$!8kxvWjRvRk<>~R_RIophOeBN&Sfx^$e&GK5N5?B; zCx;Uw#mW08CQeQ6oE$Hgi{<-unFN$UVbA{EseSwR?-|~c-Mx2zHaWaEbug96?#mt= zJ~*7;y*Ii0;PBqv`FmcoPN`p4xvwx>7~YpUxOWfA@7kX`SSai|u>at}TsEJ}?alAX z9@vvA?91)DM;#lV`rUl_f#BG&qt0;Hlx`aRz>&uvJAQQMk%5Pfza1UOnfgcerBcJY z4rCAPD&%(U&!XC0so~VfzT^m+O%7+1dkZ7keS7ZFu)O64vt}fT=r+9DmGY}iaU&K* z%<0z}(q<%ssMYsIn&L(*2J2GAL>85^LvWq@s|F&uuy_B)_ zZ_jkm2TngRK0H}UOcxUe61n{F$x+Gs%%^Vsp-N1TO;^g5?668y@-r2c7@r!)-vR=a zC>L|tN>(L){q2K~C9=cgg^BFwv`rRE6|6%@_7oj}1{9PAK(uL|2(wmG-|F!va{@+CTA6uQ3-)-A?B)z&1 | FileCheck %s + +# CHECK: error: corrupt input file: version definition index 9 for symbol __cxa_finalize is greater than the maximum value 8 +# CHECK: >>> symbol is defined in {{.+}}/corrupt-version-reference.so + +.globl __start +__start: + dla $a0, __cxa_finalize + nop