[DebugInfo] Don't crash when given invalid DWARFv5 line table prologue.

JDevlieghere · JDevlieghere · commit 81a623d6d61c · 2018-01-05T10:03:02.000Z
This patch replaces an assertion with an explicit check for the validity of the FORM parameters. The assertion was triggered when the DWARFv5 line table contained a zero address size. This fixes OSS-Fuzz Issue 4644 https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4644 Differential revision: https://reviews.llvm.org/D41615 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@321863 91177308-0d34-0410-b5e6-96231b3b80d8
diff --git a/include/llvm/DebugInfo/DWARF/DWARFFormValue.h b/include/llvm/DebugInfo/DWARF/DWARFFormValue.h
@@ -50,6 +50,8 @@ struct DWARFFormParams {
     }
     llvm_unreachable("Invalid Format value");
   }
+
+  explicit operator bool() const { return Version && AddrSize; }
 };
 
 class DWARFFormValue {
diff --git a/lib/DebugInfo/DWARF/DWARFDebugLine.cpp b/lib/DebugInfo/DWARF/DWARFDebugLine.cpp
@@ -268,7 +268,7 @@ bool DWARFDebugLine::Prologue::parse(const DWARFDataExtractor &DebugLineData,
 
   if (getVersion() >= 5) {
     if (!parseV5DirFileTables(DebugLineData, OffsetPtr, EndPrologueOffset,
-                              getFormParams(), U, HasMD5, IncludeDirectories,
+                              FormParams, U, HasMD5, IncludeDirectories,
                               FileNames)) {
       fprintf(stderr,
               "warning: parsing line table prologue at 0x%8.8" PRIx64
diff --git a/lib/DebugInfo/DWARF/DWARFFormValue.cpp b/lib/DebugInfo/DWARF/DWARFFormValue.cpp
@@ -64,8 +64,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
                                  const DWARFFormParams Params) {
   switch (Form) {
   case DW_FORM_addr:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
-    return Params.AddrSize;
+    if (Params)
+      return Params.AddrSize;
+    return None;
 
   case DW_FORM_block:          // ULEB128 length L followed by L bytes.
   case DW_FORM_block1:         // 1 byte length L followed by L bytes.
@@ -86,8 +87,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
     return None;
 
   case DW_FORM_ref_addr:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
-    return Params.getRefAddrByteSize();
+    if (Params)
+      return Params.getRefAddrByteSize();
+    return None;
 
   case DW_FORM_flag:
   case DW_FORM_data1:
@@ -118,8 +120,9 @@ DWARFFormValue::getFixedByteSize(dwarf::Form Form,
   case DW_FORM_line_strp:
   case DW_FORM_sec_offset:
   case DW_FORM_strp_sup:
-    assert(Params.Version && Params.AddrSize && "Invalid Params for form");
-    return Params.getDwarfOffsetByteSize();
+    if (Params)
+      return Params.getDwarfOffsetByteSize();
+    return None;
 
   case DW_FORM_data8:
   case DW_FORM_ref8:
diff --git a/test/DebugInfo/Inputs/invalid.linetable b/test/DebugInfo/Inputs/invalid.linetable
diff --git a/test/DebugInfo/dwarfdump-invalid-line-table.test b/test/DebugInfo/dwarfdump-invalid-line-table.test
@@ -0,0 +1,5 @@
+Verify that dwarfdump doesn't crash on invalid line table prologue.
+OSS-Fuzz Issue 4644 (https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=4644)
+
+RUN: llvm-dwarfdump --verbose %p/Inputs/invalid.linetable 2>&1 | FileCheck %s --check-prefix=INVALID-LINE-TABLE
+INVALID-LINE-TABLE: invalid directory or file table description

Original file line number	Diff line number	Diff line change
`@@ -50,6 +50,8 @@ struct DWARFFormParams {`
`50`	`50`	`}`
`51`	`51`	`llvm_unreachable("Invalid Format value");`
`52`	`52`	`}`
	`53`	`+`
	`54`	`+ explicit operator bool() const { return Version && AddrSize; }`
`53`	`55`	`};`
`54`	`56`
`55`	`57`	`class DWARFFormValue {`