From: Kevin Enderby <enderby@apple.com>
Date: Wed, 28 Sep 2016 21:20:45 +0000 (+0000)
Subject: Next set of additional error checks for invalid Mach-O files for the
X-Git-Tag: llvmorg-4.0.0-rc1~8699
X-Git-Url: http://review.tizen.org/git/?a=commitdiff_plain;h=32359dbf6b695185aa262dc848f5441dce6efa4e;p=platform%2Fupstream%2Fllvm.git

Next set of additional error checks for invalid Mach-O files for the
other load commands that use the Mach::version_min_command type
but not used in llvm libObject code but used in llvm tool code.

This includes LC_VERSION_MIN_MACOSX, LC_VERSION_MIN_IPHONEOS,
LC_VERSION_MIN_TVOS and LC_VERSION_MIN_WATCHOS load commands.

llvm-svn: 282635
---

diff --git a/llvm/lib/Object/MachOObjectFile.cpp b/llvm/lib/Object/MachOObjectFile.cpp
index fa00561..847e61f 100644
--- a/llvm/lib/Object/MachOObjectFile.cpp
+++ b/llvm/lib/Object/MachOObjectFile.cpp
@@ -654,6 +654,21 @@ static Error checkDyldCommand(const MachOObjectFile *Obj,
   return Error::success();
 }
 
+static Error checkVersCommand(const MachOObjectFile *Obj,
+                              const MachOObjectFile::LoadCommandInfo &Load,
+                              uint32_t LoadCommandIndex,
+                              const char **LoadCmd, const char *CmdName) {
+  if (Load.C.cmdsize != sizeof(MachO::version_min_command))
+    return malformedError("load command " + Twine(LoadCommandIndex) + " " +
+                          CmdName + " has incorrect cmdsize");
+  if (*LoadCmd != nullptr)
+    return malformedError("more than one LC_VERSION_MIN_MACOSX, "
+                          "LC_VERSION_MIN_IPHONEOS, LC_VERSION_MIN_TVOS or "
+                          "LC_VERSION_MIN_WATCHOS command");
+  *LoadCmd = Load.Ptr;
+  return Error::success();
+}
+
 Expected<std::unique_ptr<MachOObjectFile>>
 MachOObjectFile::create(MemoryBufferRef Object, bool IsLittleEndian,
                         bool Is64Bits) {
@@ -705,6 +720,7 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian,
   const char *FuncStartsLoadCmd = nullptr;
   const char *SplitInfoLoadCmd = nullptr;
   const char *CodeSignDrsLoadCmd = nullptr;
+  const char *VersLoadCmd = nullptr;
   for (unsigned I = 0; I < LoadCommandCount; ++I) {
     if (is64Bit()) {
       if (Load.C.cmdsize % 8 != 0) {
@@ -815,6 +831,22 @@ MachOObjectFile::MachOObjectFile(MemoryBufferRef Object, bool IsLittleEndian,
     } else if (Load.C.cmd == MachO::LC_DYLD_ENVIRONMENT) {
       if ((Err = checkDyldCommand(this, Load, I, "LC_DYLD_ENVIRONMENT")))
         return;
+    } else if (Load.C.cmd == MachO::LC_VERSION_MIN_MACOSX) {
+      if ((Err = checkVersCommand(this, Load, I, &VersLoadCmd,
+                                  "LC_VERSION_MIN_MACOSX")))
+        return;
+    } else if (Load.C.cmd == MachO::LC_VERSION_MIN_IPHONEOS) {
+      if ((Err = checkVersCommand(this, Load, I, &VersLoadCmd,
+                                  "LC_VERSION_MIN_IPHONEOS")))
+        return;
+    } else if (Load.C.cmd == MachO::LC_VERSION_MIN_TVOS) {
+      if ((Err = checkVersCommand(this, Load, I, &VersLoadCmd,
+                                  "LC_VERSION_MIN_TVOS")))
+        return;
+    } else if (Load.C.cmd == MachO::LC_VERSION_MIN_WATCHOS) {
+      if ((Err = checkVersCommand(this, Load, I, &VersLoadCmd,
+                                  "LC_VERSION_MIN_WATCHOS")))
+        return;
     }
     if (I < LoadCommandCount - 1) {
       if (auto LoadOrErr = getNextLoadCommandInfo(this, I, Load))
diff --git a/llvm/test/Object/Inputs/macho-invalid-vers-more-than-one b/llvm/test/Object/Inputs/macho-invalid-vers-more-than-one
new file mode 100644
index 0000000..5e3672b
Binary files /dev/null and b/llvm/test/Object/Inputs/macho-invalid-vers-more-than-one differ
diff --git a/llvm/test/Object/Inputs/macho-invalid-vers-small b/llvm/test/Object/Inputs/macho-invalid-vers-small
new file mode 100644
index 0000000..a3f77cd
Binary files /dev/null and b/llvm/test/Object/Inputs/macho-invalid-vers-small differ
diff --git a/llvm/test/Object/macho-invalid.test b/llvm/test/Object/macho-invalid.test
index 09928a1..c42de88 100644
--- a/llvm/test/Object/macho-invalid.test
+++ b/llvm/test/Object/macho-invalid.test
@@ -307,3 +307,9 @@ INVALID-DYLD-NAME_OFFSET-TOOBIG: macho-invalid-dyld-name_offset-toobig': truncat
 
 RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-dyld-name_toobig 2>&1 | FileCheck -check-prefix INVALID-DYLD-NAME_TOOBIG %s
 INVALID-DYLD-NAME_TOOBIG: macho-invalid-dyld-name_toobig': truncated or malformed object (load command 0 LC_DYLD_ENVIRONMENT dyld name extends past the end of the load command)
+
+RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-vers-small 2>&1 | FileCheck -check-prefix INVALID-VERS-SMALL %s
+INVALID-VERS-SMALL: macho-invalid-vers-small': truncated or malformed object (load command 0 LC_VERSION_MIN_MACOSX has incorrect cmdsize)
+
+RUN: not llvm-objdump -macho -private-headers %p/Inputs/macho-invalid-vers-more-than-one 2>&1 | FileCheck -check-prefix INVALID-VERS-MORE-THAN-ONE %s
+INVALID-VERS-MORE-THAN-ONE: macho-invalid-vers-more-than-one': truncated or malformed object (more than one LC_VERSION_MIN_MACOSX, LC_VERSION_MIN_IPHONEOS, LC_VERSION_MIN_TVOS or LC_VERSION_MIN_WATCHOS command)