diff options
| author | Cyndy Ishida <cyndy_ishida@apple.com> | 2024-07-09 10:18:05 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2024-07-09 10:18:05 -0700 |
| commit | cc945e41a7788327d0e8ba0ea6dc3571d7efa04f (patch) | |
| tree | 55594c13820f3d9d0794dc3ddc5bd45158be39d5 /llvm/lib/Object/MachOObjectFile.cpp | |
| parent | bd7b16217bbac4b1e1a25c7bf9566db715ca9b10 (diff) | |
| download | llvm-cc945e41a7788327d0e8ba0ea6dc3571d7efa04f.zip llvm-cc945e41a7788327d0e8ba0ea6dc3571d7efa04f.tar.gz llvm-cc945e41a7788327d0e8ba0ea6dc3571d7efa04f.tar.bz2 | |
[MachO] Loosen boundary check for reading export trie nodes (#96705)
The design of the export trie in macho's is that each node has a
variable length payload. When reading nodes, it should be an error if
reading the uleb128 puts you beyond the stated node size but not when
the stated size goes beyond the known part that was read.
resolves: rdar://130310832
This was primarily authored by Nick Kledzik, I added/cleaned up the test
cases.
Diffstat (limited to 'llvm/lib/Object/MachOObjectFile.cpp')
| -rw-r--r-- | llvm/lib/Object/MachOObjectFile.cpp | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/llvm/lib/Object/MachOObjectFile.cpp b/llvm/lib/Object/MachOObjectFile.cpp index 61d880b..812b2c0 100644 --- a/llvm/lib/Object/MachOObjectFile.cpp +++ b/llvm/lib/Object/MachOObjectFile.cpp @@ -3104,7 +3104,7 @@ void ExportEntry::pushNode(uint64_t offset) { } } } - if(ExportStart + ExportInfoSize != State.Current) { + if (ExportStart + ExportInfoSize < State.Current) { *E = malformedError( "inconsistent export info size: 0x" + Twine::utohexstr(ExportInfoSize) + " where actual size was: 0x" + |