Page MenuHomeFreeBSD
Files F140086884

D50837.id156987.diff
No OneTemporary
Actions

D50837.id156987.diff
View Options

diff --git a/contrib/llvm-project/llvm/include/llvm/ExecutionEngine/Orc/MachOBuilder.h b/contrib/llvm-project/llvm/include/llvm/ExecutionEngine/Orc/MachOBuilder.h
--- a/contrib/llvm-project/llvm/include/llvm/ExecutionEngine/Orc/MachOBuilder.h
+++ b/contrib/llvm-project/llvm/include/llvm/ExecutionEngine/Orc/MachOBuilder.h
@@ -97,8 +97,12 @@
size_t write(MutableArrayRef<char> Buf, size_t Offset,
bool SwapStruct) override {
Offset = writeMachOStruct(Buf, Offset, rawStruct(), SwapStruct);
- strcpy(Buf.data() + Offset, Name.data());
- return Offset + ((Name.size() + 1 + 3) & ~0x3);
+ size_t NameLen = Name.size();
+ if (Offset + NameLen + 1 > Buf.size())
+ llvm::report_fatal_error("Buffer overflow in LC_ID_DYLIB name write");
+ std::copy(Name.begin(), Name.end(), Buf.data() + Offset);
+ Buf[Offset + NameLen] = '\0';
+ return Offset + ((NameLen + 1 + 3) & ~0x3);
}
std::string Name;
@@ -134,8 +138,12 @@
: MachOBuilderLoadCommandImplBase(12u), Path(std::move(Path)) {
cmdsize += (this->Path.size() + 1 + 3) & ~0x3;
}
-
- size_t write(MutableArrayRef<char> Buf, size_t Offset,
+ size_t PathLen = Path.size();
+ if (Offset + PathLen + 1 > Buf.size())
+ llvm::report_fatal_error("Buffer overflow in LC_RPATH path write");
+ std::copy(Path.begin(), Path.end(), Buf.data() + Offset);
+ Buf[Offset + PathLen] = '\0';
+ return Offset + ((PathLen + 1 + 3) & ~0x3);
bool SwapStruct) override {
Offset = writeMachOStruct(Buf, Offset, rawStruct(), SwapStruct);
strcpy(Buf.data() + Offset, Path.data());
@@ -230,15 +238,23 @@
MachOBuilder &Builder;
SectionContent Content;
size_t SectionNumber = 0;
- SymbolContainer SC;
- std::vector<Reloc> Relocs;
+ if (SecName.size() > sizeof(this->sectname))
+ llvm::report_fatal_error("Section name too long");
+ if (SegName.size() > sizeof(this->segname))
+ llvm::report_fatal_error("Segment name too long");
+ std::fill(std::begin(this->sectname), std::end(this->sectname), 0);
+ std::fill(std::begin(this->segname), std::end(this->segname), 0);
+ memcpy(this->sectname, SecName.data(), SecName.size());
+ memcpy(this->segname, SegName.data(), SegName.size());
Section(MachOBuilder &Builder, StringRef SecName, StringRef SegName)
: RelocTarget(*this), Builder(Builder) {
memset(&rawStruct(), 0, sizeof(typename MachOTraits::Section));
- assert(SecName.size() <= 16 && "SecName too long");
- assert(SegName.size() <= 16 && "SegName too long");
- memcpy(this->sectname, SecName.data(), SecName.size());
+ if (Offset < 0)
+ llvm::report_fatal_error("Negative Offset used as symbol value");
+ Sym.n_value = Offset;
+ SC.Symbols.push_back(Sym);
+ return {SC, SC.Symbols.size() - 1};
memcpy(this->segname, SegName.data(), SegName.size());
}

File Metadata

Mime Type
text/plain
Expires
Sun, Dec 21, 1:38 AM (8 h, 44 m)
Storage Engine
blob
Storage Format
Raw Data
Storage Handle
27104558
Default Alt Text
D50837.id156987.diff (2 KB)

Event Timeline