tools: address possible non-null terminated filenames If a filename is a multiple of 18 characters, there will be no null-terminator. This will result in an invalid access by the constructed StringRef. Add a test case to exercise this and fix that handling. Address this same vulnerability in llvm-readobj as well. llvm-svn: 206145

commit: d38c6b1e4bdec798517aee0d3ad7ff461a5b54b7 [log] [tgz]
author: Saleem Abdulrasool <compnerd@compnerd.org> Mon Apr 14 02:37:23 2014 +0000
committer: Saleem Abdulrasool <compnerd@compnerd.org> Mon Apr 14 02:37:23 2014 +0000
tree: f1929bb06fa272333688e0582ab6d4858ca86b51
parent: b5f3ddc7a1dbbbe8e9d26a28bac6682e11fdc9b5 [diff] [blame]
diff --git a/llvm/tools/llvm-readobj/COFFDumper.cpp b/llvm/tools/llvm-readobj/COFFDumper.cpp
index 69be82e..8d08d02 100644
--- a/llvm/tools/llvm-readobj/COFFDumper.cpp
+++ b/llvm/tools/llvm-readobj/COFFDumper.cpp

@@ -977,7 +977,10 @@
         break;
 
       DictScope AS(W, "AuxFileRecord");
-      W.printString("FileName", StringRef(Aux->FileName));
+
+      StringRef Name(Aux->FileName,
+                     Symbol->NumberOfAuxSymbols * COFF::SymbolSize);
+      W.printString("FileName", Name.rtrim(StringRef("\0", 1)));
     } else if (Symbol->isSectionDefinition()) {
       const coff_aux_section_definition *Aux;
       if (error(getSymbolAuxData(Obj, Symbol + I, Aux)))
commit	d38c6b1e4bdec798517aee0d3ad7ff461a5b54b7	[log] [tgz]
author	Saleem Abdulrasool <compnerd@compnerd.org>	Mon Apr 14 02:37:23 2014 +0000
committer	Saleem Abdulrasool <compnerd@compnerd.org>	Mon Apr 14 02:37:23 2014 +0000
tree	f1929bb06fa272333688e0582ab6d4858ca86b51
parent	b5f3ddc7a1dbbbe8e9d26a28bac6682e11fdc9b5 [diff] [blame]