Make DacValidateMD more resilient to invalid MethodDesc (#79862)

github-actions[bot] · janvorli · web-flow · commit 88cff5e2c9af · 2023-01-05T11:40:22.000-08:00
The DacValidateMD is not resilient to invalid MethodDesc that contains
NULL in its m_pMethTab field. It was found when using the ClrMD in the
BenchmarkDotNet disassembler code which is trying to find if some constants
in the code represent MethodDesc so that it can dump the related method
name.

This change fixes it by checking the MethodTable after it is extracted
from the MethodDesc. There are two values that are not translated between
the target and the debugger sides - NULL and -1. So I have added handling
both as invalid there.

Co-authored-by: Jan Vorlicek &lt;janvorli@microsoft.com&gt;
diff --git a/src/coreclr/debug/daccess/request.cpp b/src/coreclr/debug/daccess/request.cpp
@@ -195,7 +195,12 @@ BOOL DacValidateMD(PTR_MethodDesc pMD)
         PTR_MethodTable pMethodTable = pMD->GetMethodTable();
 
         // Standard fast check
-        if (!pMethodTable->ValidateWithPossibleAV())
+        if ((pMethodTable == NULL) || dac_cast<TADDR>(pMethodTable) == (TADDR)-1)
+        {
+            retval = FALSE;
+        }
+
+        if (retval && !pMethodTable->ValidateWithPossibleAV())
         {
             retval = FALSE;
         }

Original file line number	Diff line number	Diff line change
`@@ -195,7 +195,12 @@ BOOL DacValidateMD(PTR_MethodDesc pMD)`
`195`	`195`	`PTR_MethodTable pMethodTable = pMD->GetMethodTable();`
`196`	`196`
`197`	`197`	`// Standard fast check`
`198`		`- if (!pMethodTable->ValidateWithPossibleAV())`
	`198`	`+ if ((pMethodTable == NULL) \|\| dac_cast<TADDR>(pMethodTable) == (TADDR)-1)`
	`199`	`+ {`
	`200`	`+ retval = FALSE;`
	`201`	`+ }`
	`202`	`+`
	`203`	`+ if (retval && !pMethodTable->ValidateWithPossibleAV())`
`199`	`204`	`{`
`200`	`205`	`retval = FALSE;`
`201`	`206`	`}`