Bug Summary

File:lib/Object/MachOUniversal.cpp
Warning:line 58, column 9
Undefined or garbage value returned to caller

Annotated Source Code

Press '?' to see keyboard shortcuts

clang -cc1 -triple x86_64-pc-linux-gnu -analyze -disable-free -disable-llvm-verifier -discard-value-names -main-file-name MachOUniversal.cpp -analyzer-store=region -analyzer-opt-analyze-nested-blocks -analyzer-eagerly-assume -analyzer-checker=core -analyzer-checker=apiModeling -analyzer-checker=unix -analyzer-checker=deadcode -analyzer-checker=cplusplus -analyzer-checker=security.insecureAPI.UncheckedReturn -analyzer-checker=security.insecureAPI.getpw -analyzer-checker=security.insecureAPI.gets -analyzer-checker=security.insecureAPI.mktemp -analyzer-checker=security.insecureAPI.mkstemp -analyzer-checker=security.insecureAPI.vfork -analyzer-checker=nullability.NullPassedToNonnull -analyzer-checker=nullability.NullReturnedFromNonnull -analyzer-output plist -w -mrelocation-model pic -pic-level 2 -mthread-model posix -fmath-errno -masm-verbose -mconstructor-aliases -munwind-tables -fuse-init-array -target-cpu x86-64 -dwarf-column-info -debugger-tuning=gdb -momit-leaf-frame-pointer -ffunction-sections -fdata-sections -resource-dir /usr/lib/llvm-7/lib/clang/7.0.0 -D _DEBUG -D _GNU_SOURCE -D __STDC_CONSTANT_MACROS -D __STDC_FORMAT_MACROS -D __STDC_LIMIT_MACROS -I /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/lib/Object -I /build/llvm-toolchain-snapshot-7~svn329677/lib/Object -I /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/include -I /build/llvm-toolchain-snapshot-7~svn329677/include -U NDEBUG -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/x86_64-linux-gnu/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/x86_64-linux-gnu/c++/7.3.0 -internal-isystem /usr/lib/gcc/x86_64-linux-gnu/7.3.0/../../../../include/c++/7.3.0/backward -internal-isystem /usr/include/clang/7.0.0/include/ -internal-isystem /usr/local/include -internal-isystem /usr/lib/llvm-7/lib/clang/7.0.0/include -internal-externc-isystem /usr/include/x86_64-linux-gnu -internal-externc-isystem /include -internal-externc-isystem /usr/include -O2 -Wno-unused-parameter -Wwrite-strings -Wno-missing-field-initializers -Wno-long-long -Wno-maybe-uninitialized -Wno-comment -std=c++11 -fdeprecated-macro -fdebug-compilation-dir /build/llvm-toolchain-snapshot-7~svn329677/build-llvm/lib/Object -ferror-limit 19 -fmessage-length 0 -fvisibility-inlines-hidden -fobjc-runtime=gcc -fdiagnostics-show-option -vectorize-loops -vectorize-slp -analyzer-checker optin.performance.Padding -analyzer-output=html -analyzer-config stable-report-filename=true -o /tmp/scan-build-2018-04-11-031539-24776-1 -x c++ /build/llvm-toolchain-snapshot-7~svn329677/lib/Object/MachOUniversal.cpp

/build/llvm-toolchain-snapshot-7~svn329677/lib/Object/MachOUniversal.cpp

1//===- MachOUniversal.cpp - Mach-O universal binary -------------*- C++ -*-===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file defines the MachOUniversalBinary class.
11//
12//===----------------------------------------------------------------------===//
13
14#include "llvm/Object/MachOUniversal.h"
15#include "llvm/Object/Archive.h"
16#include "llvm/Object/MachO.h"
17#include "llvm/Object/ObjectFile.h"
18#include "llvm/Support/Casting.h"
19#include "llvm/Support/Host.h"
20#include "llvm/Support/MemoryBuffer.h"
21
22using namespace llvm;
23using namespace object;
24
25static Error
26malformedError(Twine Msg) {
27 std::string StringMsg = "truncated or malformed fat file (" + Msg.str() + ")";
28 return make_error<GenericBinaryError>(std::move(StringMsg),
29 object_error::parse_failed);
30}
31
32template<typename T>
33static T getUniversalBinaryStruct(const char *Ptr) {
34 T Res;
35 memcpy(&Res, Ptr, sizeof(T));
36 // Universal binary headers have big-endian byte order.
37 if (sys::IsLittleEndianHost)
38 swapStruct(Res);
39 return Res;
40}
41
42MachOUniversalBinary::ObjectForArch::ObjectForArch(
43 const MachOUniversalBinary *Parent, uint32_t Index)
44 : Parent(Parent), Index(Index) {
45 // The iterators use Parent as a nullptr and an Index+1 == NumberOfObjects.
46 if (!Parent || Index >= Parent->getNumberOfObjects()) {
19
Taking false branch
47 clear();
48 } else {
49 // Parse object header.
50 StringRef ParentData = Parent->getData();
51 if (Parent->getMagic() == MachO::FAT_MAGIC) {
20
Assuming the condition is false
21
Taking false branch
52 const char *HeaderPos = ParentData.begin() + sizeof(MachO::fat_header) +
53 Index * sizeof(MachO::fat_arch);
54 Header = getUniversalBinaryStruct<MachO::fat_arch>(HeaderPos);
55 } else { // Parent->getMagic() == MachO::FAT_MAGIC_64
56 const char *HeaderPos = ParentData.begin() + sizeof(MachO::fat_header) +
57 Index * sizeof(MachO::fat_arch_64);
58 Header64 = getUniversalBinaryStruct<MachO::fat_arch_64>(HeaderPos);
59 }
60 }
61}
22
Returning without writing to 'this->Header.cputype'
62
63Expected<std::unique_ptr<MachOObjectFile>>
64MachOUniversalBinary::ObjectForArch::getAsObjectFile() const {
65 if (!Parent)
66 report_fatal_error("MachOUniversalBinary::ObjectForArch::getAsObjectFile() "
67 "called when Parent is a nullptr");
68
69 StringRef ParentData = Parent->getData();
70 StringRef ObjectData;
71 uint32_t cputype;
72 if (Parent->getMagic() == MachO::FAT_MAGIC) {
73 ObjectData = ParentData.substr(Header.offset, Header.size);
74 cputype = Header.cputype;
75 } else { // Parent->getMagic() == MachO::FAT_MAGIC_64
76 ObjectData = ParentData.substr(Header64.offset, Header64.size);
77 cputype = Header64.cputype;
78 }
79 StringRef ObjectName = Parent->getFileName();
80 MemoryBufferRef ObjBuffer(ObjectData, ObjectName);
81 return ObjectFile::createMachOObjectFile(ObjBuffer, cputype, Index);
82}
83
84Expected<std::unique_ptr<Archive>>
85MachOUniversalBinary::ObjectForArch::getAsArchive() const {
86 if (!Parent)
87 report_fatal_error("MachOUniversalBinary::ObjectForArch::getAsArchive() "
88 "called when Parent is a nullptr");
89
90 StringRef ParentData = Parent->getData();
91 StringRef ObjectData;
92 if (Parent->getMagic() == MachO::FAT_MAGIC)
93 ObjectData = ParentData.substr(Header.offset, Header.size);
94 else // Parent->getMagic() == MachO::FAT_MAGIC_64
95 ObjectData = ParentData.substr(Header64.offset, Header64.size);
96 StringRef ObjectName = Parent->getFileName();
97 MemoryBufferRef ObjBuffer(ObjectData, ObjectName);
98 return Archive::create(ObjBuffer);
99}
100
101void MachOUniversalBinary::anchor() { }
102
103Expected<std::unique_ptr<MachOUniversalBinary>>
104MachOUniversalBinary::create(MemoryBufferRef Source) {
105 Error Err = Error::success();
106 std::unique_ptr<MachOUniversalBinary> Ret(
107 new MachOUniversalBinary(Source, Err));
108 if (Err)
109 return std::move(Err);
110 return std::move(Ret);
111}
112
113MachOUniversalBinary::MachOUniversalBinary(MemoryBufferRef Source, Error &Err)
114 : Binary(Binary::ID_MachOUniversalBinary, Source), Magic(0),
115 NumberOfObjects(0) {
116 ErrorAsOutParameter ErrAsOutParam(&Err);
117 if (Data.getBufferSize() < sizeof(MachO::fat_header)) {
1
Assuming the condition is false
2
Taking false branch
118 Err = make_error<GenericBinaryError>("File too small to be a Mach-O "
119 "universal file",
120 object_error::invalid_file_type);
121 return;
122 }
123 // Check for magic value and sufficient header size.
124 StringRef Buf = getData();
125 MachO::fat_header H =
126 getUniversalBinaryStruct<MachO::fat_header>(Buf.begin());
127 Magic = H.magic;
128 NumberOfObjects = H.nfat_arch;
129 if (NumberOfObjects == 0) {
3
Assuming the condition is false
4
Taking false branch
130 Err = malformedError("contains zero architecture types");
131 return;
132 }
133 uint32_t MinSize = sizeof(MachO::fat_header);
134 if (Magic == MachO::FAT_MAGIC)
5
Assuming the condition is true
6
Taking true branch
135 MinSize += sizeof(MachO::fat_arch) * NumberOfObjects;
136 else if (Magic == MachO::FAT_MAGIC_64)
137 MinSize += sizeof(MachO::fat_arch_64) * NumberOfObjects;
138 else {
139 Err = malformedError("bad magic number");
140 return;
141 }
142 if (Buf.size() < MinSize) {
7
Taking false branch
143 Err = malformedError("fat_arch" +
144 Twine(Magic == MachO::FAT_MAGIC ? "" : "_64") +
145 " structs would extend past the end of the file");
146 return;
147 }
148 for (uint32_t i = 0; i < NumberOfObjects; i++) {
8
Loop condition is true. Entering loop body
14
Assuming the condition is false
15
Loop condition is false. Execution continues on line 181
149 ObjectForArch A(this, i);
150 uint64_t bigSize = A.getOffset();
151 bigSize += A.getSize();
152 if (bigSize > Buf.size()) {
9
Taking false branch
153 Err = malformedError("offset plus size of cputype (" +
154 Twine(A.getCPUType()) + ") cpusubtype (" +
155 Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
156 ") extends past the end of the file");
157 return;
158 }
159#define MAXSECTALIGN15 15 /* 2**15 or 0x8000 */
160 if (A.getAlign() > MAXSECTALIGN15) {
10
Assuming the condition is false
11
Taking false branch
161 Err = malformedError("align (2^" + Twine(A.getAlign()) + ") too large "
162 "for cputype (" + Twine(A.getCPUType()) + ") cpusubtype (" +
163 Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
164 ") (maximum 2^" + Twine(MAXSECTALIGN15) + ")");
165 return;
166 }
167 if(A.getOffset() % (1 << A.getAlign()) != 0){
12
Taking false branch
168 Err = malformedError("offset: " + Twine(A.getOffset()) +
169 " for cputype (" + Twine(A.getCPUType()) + ") cpusubtype (" +
170 Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
171 ") not aligned on it's alignment (2^" + Twine(A.getAlign()) + ")");
172 return;
173 }
174 if (A.getOffset() < MinSize) {
13
Taking false branch
175 Err = malformedError("cputype (" + Twine(A.getCPUType()) + ") "
176 "cpusubtype (" + Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
177 ") offset " + Twine(A.getOffset()) + " overlaps universal headers");
178 return;
179 }
180 }
181 for (uint32_t i = 0; i < NumberOfObjects; i++) {
16
Assuming the condition is true
17
Loop condition is true. Entering loop body
182 ObjectForArch A(this, i);
18
Calling constructor for 'ObjectForArch'
23
Returning from constructor for 'ObjectForArch'
183 for (uint32_t j = i + 1; j < NumberOfObjects; j++) {
24
Assuming the condition is true
25
Loop condition is true. Entering loop body
184 ObjectForArch B(this, j);
185 if (A.getCPUType() == B.getCPUType() &&
26
Calling 'ObjectForArch::getCPUType'
186 (A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) ==
187 (B.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK)) {
188 Err = malformedError("contains two of the same architecture (cputype "
189 "(" + Twine(A.getCPUType()) + ") cpusubtype (" +
190 Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) + "))");
191 return;
192 }
193 if ((A.getOffset() >= B.getOffset() &&
194 A.getOffset() < B.getOffset() + B.getSize()) ||
195 (A.getOffset() + A.getSize() > B.getOffset() &&
196 A.getOffset() + A.getSize() < B.getOffset() + B.getSize()) ||
197 (A.getOffset() <= B.getOffset() &&
198 A.getOffset() + A.getSize() >= B.getOffset() + B.getSize())) {
199 Err = malformedError("cputype (" + Twine(A.getCPUType()) + ") "
200 "cpusubtype (" + Twine(A.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK) +
201 ") at offset " + Twine(A.getOffset()) + " with a size of " +
202 Twine(A.getSize()) + ", overlaps cputype (" + Twine(B.getCPUType()) +
203 ") cpusubtype (" + Twine(B.getCPUSubType() & ~MachO::CPU_SUBTYPE_MASK)
204 + ") at offset " + Twine(B.getOffset()) + " with a size of "
205 + Twine(B.getSize()));
206 return;
207 }
208 }
209 }
210 Err = Error::success();
211}
212
213Expected<std::unique_ptr<MachOObjectFile>>
214MachOUniversalBinary::getObjectForArch(StringRef ArchName) const {
215 if (Triple(ArchName).getArch() == Triple::ArchType::UnknownArch)
216 return make_error<GenericBinaryError>("Unknown architecture "
217 "named: " +
218 ArchName,
219 object_error::arch_not_found);
220
221 for (auto &Obj : objects())
222 if (Obj.getArchFlagName() == ArchName)
223 return Obj.getAsObjectFile();
224 return make_error<GenericBinaryError>("fat file does not "
225 "contain " +
226 ArchName,
227 object_error::arch_not_found);
228}

/build/llvm-toolchain-snapshot-7~svn329677/include/llvm/Object/MachOUniversal.h

1//===- MachOUniversal.h - Mach-O universal binaries -------------*- C++ -*-===//
2//
3// The LLVM Compiler Infrastructure
4//
5// This file is distributed under the University of Illinois Open Source
6// License. See LICENSE.TXT for details.
7//
8//===----------------------------------------------------------------------===//
9//
10// This file declares Mach-O fat/universal binaries.
11//
12//===----------------------------------------------------------------------===//
13
14#ifndef LLVM_OBJECT_MACHOUNIVERSAL_H
15#define LLVM_OBJECT_MACHOUNIVERSAL_H
16
17#include "llvm/ADT/Triple.h"
18#include "llvm/ADT/iterator_range.h"
19#include "llvm/BinaryFormat/MachO.h"
20#include "llvm/Object/Archive.h"
21#include "llvm/Object/Binary.h"
22#include "llvm/Object/MachO.h"
23
24namespace llvm {
25class StringRef;
26
27namespace object {
28
29class MachOUniversalBinary : public Binary {
30 virtual void anchor();
31
32 uint32_t Magic;
33 uint32_t NumberOfObjects;
34public:
35 class ObjectForArch {
36 const MachOUniversalBinary *Parent;
37 /// \brief Index of object in the universal binary.
38 uint32_t Index;
39 /// \brief Descriptor of the object.
40 MachO::fat_arch Header;
41 MachO::fat_arch_64 Header64;
42
43 public:
44 ObjectForArch(const MachOUniversalBinary *Parent, uint32_t Index);
45
46 void clear() {
47 Parent = nullptr;
48 Index = 0;
49 }
50
51 bool operator==(const ObjectForArch &Other) const {
52 return (Parent == Other.Parent) && (Index == Other.Index);
53 }
54
55 ObjectForArch getNext() const { return ObjectForArch(Parent, Index + 1); }
56 uint32_t getCPUType() const {
57 if (Parent->getMagic() == MachO::FAT_MAGIC)
27
Taking true branch
58 return Header.cputype;
28
Undefined or garbage value returned to caller
59 else // Parent->getMagic() == MachO::FAT_MAGIC_64
60 return Header64.cputype;
61 }
62 uint32_t getCPUSubType() const {
63 if (Parent->getMagic() == MachO::FAT_MAGIC)
64 return Header.cpusubtype;
65 else // Parent->getMagic() == MachO::FAT_MAGIC_64
66 return Header64.cpusubtype;
67 }
68 uint32_t getOffset() const {
69 if (Parent->getMagic() == MachO::FAT_MAGIC)
70 return Header.offset;
71 else // Parent->getMagic() == MachO::FAT_MAGIC_64
72 return Header64.offset;
73 }
74 uint32_t getSize() const {
75 if (Parent->getMagic() == MachO::FAT_MAGIC)
76 return Header.size;
77 else // Parent->getMagic() == MachO::FAT_MAGIC_64
78 return Header64.size;
79 }
80 uint32_t getAlign() const {
81 if (Parent->getMagic() == MachO::FAT_MAGIC)
82 return Header.align;
83 else // Parent->getMagic() == MachO::FAT_MAGIC_64
84 return Header64.align;
85 }
86 uint32_t getReserved() const {
87 if (Parent->getMagic() == MachO::FAT_MAGIC)
88 return 0;
89 else // Parent->getMagic() == MachO::FAT_MAGIC_64
90 return Header64.reserved;
91 }
92 std::string getArchFlagName() const {
93 const char *McpuDefault, *ArchFlag;
94 if (Parent->getMagic() == MachO::FAT_MAGIC) {
95 Triple T =
96 MachOObjectFile::getArchTriple(Header.cputype, Header.cpusubtype,
97 &McpuDefault, &ArchFlag);
98 } else { // Parent->getMagic() == MachO::FAT_MAGIC_64
99 Triple T =
100 MachOObjectFile::getArchTriple(Header64.cputype,
101 Header64.cpusubtype,
102 &McpuDefault, &ArchFlag);
103 }
104 if (ArchFlag) {
105 std::string ArchFlagName(ArchFlag);
106 return ArchFlagName;
107 } else {
108 std::string ArchFlagName("");
109 return ArchFlagName;
110 }
111 }
112
113 Expected<std::unique_ptr<MachOObjectFile>> getAsObjectFile() const;
114
115 Expected<std::unique_ptr<Archive>> getAsArchive() const;
116 };
117
118 class object_iterator {
119 ObjectForArch Obj;
120 public:
121 object_iterator(const ObjectForArch &Obj) : Obj(Obj) {}
122 const ObjectForArch *operator->() const { return &Obj; }
123 const ObjectForArch &operator*() const { return Obj; }
124
125 bool operator==(const object_iterator &Other) const {
126 return Obj == Other.Obj;
127 }
128 bool operator!=(const object_iterator &Other) const {
129 return !(*this == Other);
130 }
131
132 object_iterator& operator++() { // Preincrement
133 Obj = Obj.getNext();
134 return *this;
135 }
136 };
137
138 MachOUniversalBinary(MemoryBufferRef Souce, Error &Err);
139 static Expected<std::unique_ptr<MachOUniversalBinary>>
140 create(MemoryBufferRef Source);
141
142 object_iterator begin_objects() const {
143 return ObjectForArch(this, 0);
144 }
145 object_iterator end_objects() const {
146 return ObjectForArch(nullptr, 0);
147 }
148
149 iterator_range<object_iterator> objects() const {
150 return make_range(begin_objects(), end_objects());
151 }
152
153 uint32_t getMagic() const { return Magic; }
154 uint32_t getNumberOfObjects() const { return NumberOfObjects; }
155
156 // Cast methods.
157 static bool classof(Binary const *V) {
158 return V->isMachOUniversalBinary();
159 }
160
161 Expected<std::unique_ptr<MachOObjectFile>>
162 getObjectForArch(StringRef ArchName) const;
163};
164
165}
166}
167
168#endif