[pdb] Sanity check the stream map

Some abstractions in LLVM "know" that they are reading in-bounds, FixedStreamArray, and provide a simple result. This breaks down if the stream map is bogus. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@275010 91177308-0d34-0410-b5e6-96231b3b80d8
author: David Majnemer <david.majnemer@gmail.com> 2016-07-10 05:32:05 +0000
committer: David Majnemer <david.majnemer@gmail.com> 2016-07-10 05:32:05 +0000
commit: 65dccf78843e64aa34a1f2ac8206aa8b0553a284 (patch)
tree: e721f06361861f41b1e0744c54ba6554d92e2ba2
parent: 7aa47467551bc942c41af91107a9ee6c3f7fc553 (diff)
2 files changed, 8 insertions, 2 deletions
diff --git a/include/llvm/DebugInfo/PDB/Raw/PDBFile.h b/include/llvm/DebugInfo/PDB/Raw/PDBFile.h
index a8e1dc5c307..11ddb2e63eb 100644
--- a/include/llvm/DebugInfo/PDB/Raw/PDBFile.h
+++ b/include/llvm/DebugInfo/PDB/Raw/PDBFile.h
@@ -82,7 +82,7 @@ public:
   uint32_t getStreamByteSize(uint32_t StreamIndex) const override;
   ArrayRef<support::ulittle32_t>
   getStreamBlockList(uint32_t StreamIndex) const override;
-  size_t getFileSize() const;
+  uint32_t getFileSize() const;
 
   Expected<ArrayRef<uint8_t>> getBlockData(uint32_t BlockIndex,
                                            uint32_t NumBytes) const override;
diff --git a/lib/DebugInfo/PDB/Raw/PDBFile.cpp b/lib/DebugInfo/PDB/Raw/PDBFile.cpp
index b289fd0124b..ce2446cba80 100644
--- a/lib/DebugInfo/PDB/Raw/PDBFile.cpp
+++ b/lib/DebugInfo/PDB/Raw/PDBFile.cpp
@@ -71,7 +71,7 @@ PDBFile::getStreamBlockList(uint32_t StreamIndex) const {
   return StreamMap[StreamIndex];
 }
 
-size_t PDBFile::getFileSize() const { return Buffer->getLength(); }
+uint32_t PDBFile::getFileSize() const { return Buffer->getLength(); }
 
 Expected<ArrayRef<uint8_t>> PDBFile::getBlockData(uint32_t BlockIndex,
                                                   uint32_t NumBytes) const {
@@ -154,6 +154,12 @@ Error PDBFile::parseStreamData() {
     ArrayRef<support::ulittle32_t> Blocks;
     if (auto EC = Reader.readArray(Blocks, NumExpectedStreamBlocks))
       return EC;
+    for (uint32_t Block : Blocks) {
+      uint64_t BlockEndOffset = (uint64_t)(Block + 1) * SB->BlockSize;
+      if (BlockEndOffset > getFileSize())
+        return make_error<RawError>(raw_error_code::corrupt_file,
+                                    "Stream block map is corrupt.");
+    }
     StreamMap.push_back(Blocks);
   }
author	David Majnemer <david.majnemer@gmail.com>	2016-07-10 05:32:05 +0000
committer	David Majnemer <david.majnemer@gmail.com>	2016-07-10 05:32:05 +0000
commit	65dccf78843e64aa34a1f2ac8206aa8b0553a284 (patch)
tree	e721f06361861f41b1e0744c54ba6554d92e2ba2
parent	7aa47467551bc942c41af91107a9ee6c3f7fc553 (diff)