[COFF] Don't trust a symbol's section number

This fixes a test which exposed an ASan issue.

We assumed that a symbol's section number had a corresponding section
without performing validation.

llvm-svn: 263558

diff --git a/lld/COFF/InputFiles.cpp b/lld/COFF/InputFiles.cpp
index 23af1e8..bc866b6 100644 (file)
--- a/lld/COFF/InputFiles.cpp
+++ b/lld/COFF/InputFiles.cpp
@@ -219,11 +219,21 @@ Defined *ObjectFile::createDefined(COFFSymbolRef Sym, const void *AuxP,
     }
     return new (Alloc) DefinedAbsolute(Name, Sym);
   }
-  if (Sym.getSectionNumber() == llvm::COFF::IMAGE_SYM_DEBUG)
+  int32_t SectionNumber = Sym.getSectionNumber();
+  if (SectionNumber == llvm::COFF::IMAGE_SYM_DEBUG)
     return nullptr;
 
+  // Reserved sections numbers don't have contents.
+  if (llvm::COFF::isReservedSectionNumber(SectionNumber))
+    error(Twine("broken object file: ") + getName());
+
+  // This symbol references a section which is not present in the section
+  // header.
+  if ((uint32_t)SectionNumber >= SparseChunks.size())
+    error(Twine("broken object file: ") + getName());
+
   // Nothing else to do without a section chunk.
-  auto *SC = cast_or_null<SectionChunk>(SparseChunks[Sym.getSectionNumber()]);
+  auto *SC = cast_or_null<SectionChunk>(SparseChunks[SectionNumber]);
   if (!SC)
     return nullptr;
 

diff --git a/lld/test/COFF/loadcfg.test b/lld/test/COFF/loadcfg.test
index 3f789d6..9c6ec2c 100644 (file)
--- a/lld/test/COFF/loadcfg.test
+++ b/lld/test/COFF/loadcfg.test
@@ -56,7 +56,7 @@ symbols:
     StorageClass:    IMAGE_SYM_CLASS_EXTERNAL
   - Name:            .rdata
     Value:           0
-    SectionNumber:   4
+    SectionNumber:   3
     SimpleType:      IMAGE_SYM_TYPE_NULL
     ComplexType:     IMAGE_SYM_DTYPE_NULL
     StorageClass:    IMAGE_SYM_CLASS_STATIC