commit a6d93fd73b82579ddd1ec9965f726e29b33c4bab
author David Majnemer <david.majnemer@gmail.com> Sat May 28 19:45:49 2016 +0000
committer David Majnemer <david.majnemer@gmail.com> Sat May 28 19:45:49 2016 +0000
tree 753cca1a5810568e4c4ef4f440f5a8e22c591b4d
parent 442b88b9ec50fe710b815776ecadfe2f509854a2

[llvm-readobj] Validate the string table offset before using it

llvm-svn: 271139

llvm/tools/llvm-readobj/COFFDumper.cpp

diff --git a/llvm/tools/llvm-readobj/COFFDumper.cpp b/llvm/tools/llvm-readobj/COFFDumper.cpp
index 642b284..8bad24b 100644
--- a/llvm/tools/llvm-readobj/COFFDumper.cpp
+++ b/llvm/tools/llvm-readobj/COFFDumper.cpp
@@ -794,14 +794,20 @@
       while (!Contents.empty()) {
         const FrameData *FD;
         error(consumeObject(Contents, FD));
+
+        if (FD->FrameFunc >= CVStringTable.size())
+          error(object_error::parse_failed);
+
+        StringRef FrameFunc =
+            CVStringTable.drop_front(FD->FrameFunc).split('\0').first;
+
         DictScope S(W, "FrameData");
         W.printHex("RvaStart", FD->RvaStart);
         W.printHex("CodeSize", FD->CodeSize);
         W.printHex("LocalSize", FD->LocalSize);
         W.printHex("ParamsSize", FD->ParamsSize);
         W.printHex("MaxStackSize", FD->MaxStackSize);
-        W.printString("FrameFunc",
-                      CVStringTable.drop_front(FD->FrameFunc).split('\0').first);
+        W.printString("FrameFunc", FrameFunc);
         W.printHex("PrologSize", FD->PrologSize);
         W.printHex("SavedRegsSize", FD->SavedRegsSize);
         W.printFlags("Flags", FD->Flags, makeArrayRef(FrameDataFlags));