cranelift-object: reject symbol names with NUL byte without panic'ing.

Avoid a `panic!()`, and return a proper error, on a NUL byte. We hit a null-byte check inside the `object` crate otherwise; this blocks fuzzing when testing via a write-object-file-and-dlopen flow.
2020-12-16 18:50:05 -08:00
parent e33326f4e0
commit 76fb9a08c7
2 changed files with 59 additions and 0 deletions
--- a/cranelift/object/src/backend.rs
+++ b/cranelift/object/src/backend.rs
@@ -145,6 +145,18 @@ impl ObjectModule {
    }
 }

+fn validate_symbol(name: &str) -> ModuleResult<()> {
+    // null bytes are not allowed in symbol names and will cause the `object`
+    // crate to panic. Let's return a clean error instead.
+    if name.contains("\0") {
+        return Err(ModuleError::Backend(anyhow::anyhow!(
+            "Symbol {:?} has a null byte, which is disallowed",
+            name
+        )));
+    }
+    Ok(())
+}
+
 impl Module for ObjectModule {
    fn isa(&self) -> &dyn TargetIsa {
        &*self.isa
@@ -160,6 +172,8 @@ impl Module for ObjectModule {
        linkage: Linkage,
        signature: &ir::Signature,
    ) -> ModuleResult<FuncId> {
+        validate_symbol(name)?;
+
        let (id, decl) = self
            .declarations
            .declare_function(name, linkage, signature)?;
@@ -194,6 +208,8 @@ impl Module for ObjectModule {
        writable: bool,
        tls: bool,
    ) -> ModuleResult<DataId> {
+        validate_symbol(name)?;
+
        let (id, decl) = self
            .declarations
            .declare_data(name, linkage, writable, tls)?;
--- a/cranelift/object/tests/basic.rs
+++ b/cranelift/object/tests/basic.rs
@@ -197,3 +197,46 @@ fn libcall_function() {

    module.finish();
 }
+
+#[test]
+#[should_panic(
+    expected = "Result::unwrap()` on an `Err` value: Backend(Symbol \"function\\u{0}with\\u{0}nul\\u{0}bytes\" has a null byte, which is disallowed"
+)]
+fn reject_nul_byte_symbol_for_func() {
+    let flag_builder = settings::builder();
+    let isa_builder = cranelift_codegen::isa::lookup_by_name("x86_64-unknown-linux-gnu").unwrap();
+    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
+    let mut module =
+        ObjectModule::new(ObjectBuilder::new(isa, "foo", default_libcall_names()).unwrap());
+
+    let sig = Signature {
+        params: vec![],
+        returns: vec![],
+        call_conv: CallConv::SystemV,
+    };
+
+    let _ = module
+        .declare_function("function\u{0}with\u{0}nul\u{0}bytes", Linkage::Local, &sig)
+        .unwrap();
+}
+
+#[test]
+#[should_panic(
+    expected = "Result::unwrap()` on an `Err` value: Backend(Symbol \"data\\u{0}with\\u{0}nul\\u{0}bytes\" has a null byte, which is disallowed"
+)]
+fn reject_nul_byte_symbol_for_data() {
+    let flag_builder = settings::builder();
+    let isa_builder = cranelift_codegen::isa::lookup_by_name("x86_64-unknown-linux-gnu").unwrap();
+    let isa = isa_builder.finish(settings::Flags::new(flag_builder));
+    let mut module =
+        ObjectModule::new(ObjectBuilder::new(isa, "foo", default_libcall_names()).unwrap());
+
+    let _ = module
+        .declare_data(
+            "data\u{0}with\u{0}nul\u{0}bytes",
+            Linkage::Local,
+            /* writable = */ true,
+            /* tls = */ false,
+        )
+        .unwrap();
+}