[llvm] r236193 - Make sure Op->getType() is a PointerType before we cast<> it.

Filipe Cabecinhas me at filcab.net
Wed Apr 29 18:13:31 PDT 2015 

Author: filcab
Date: Wed Apr 29 20:13:31 2015
New Revision: 236193

URL: http://llvm.org/viewvc/llvm-project?rev=236193&view=rev
Log:
Make sure Op->getType() is a PointerType before we cast<> it.

Bug found with AFL fuzz.

Added:
    llvm/trunk/test/Bitcode/Inputs/invalid-load-pointer-type.bc
Modified:
    llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
    llvm/trunk/test/Bitcode/invalid.test

Modified: llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp?rev=236193&r1=236192&r2=236193&view=diff
==============================================================================
--- llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp (original)
+++ llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp Wed Apr 29 20:13:31 2015
@@ -4065,6 +4065,8 @@ std::error_code BitcodeReader::ParseFunc
       Type *Ty = nullptr;
       if (OpNum + 3 == Record.size())
         Ty = getTypeByID(Record[OpNum++]);
+      if (!isa<PointerType>(Op->getType()))
+        return Error("Load operand is not a pointer type");
       if (!Ty)
         Ty = cast<PointerType>(Op->getType())->getElementType();
       else if (Ty != cast<PointerType>(Op->getType())->getElementType())

Added: llvm/trunk/test/Bitcode/Inputs/invalid-load-pointer-type.bc
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/Inputs/invalid-load-pointer-type.bc?rev=236193&view=auto
==============================================================================
Binary files llvm/trunk/test/Bitcode/Inputs/invalid-load-pointer-type.bc (added) and llvm/trunk/test/Bitcode/Inputs/invalid-load-pointer-type.bc Wed Apr 29 20:13:31 2015 differ

Modified: llvm/trunk/test/Bitcode/invalid.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/invalid.test?rev=236193&r1=236192&r2=236193&view=diff
==============================================================================
--- llvm/trunk/test/Bitcode/invalid.test (original)
+++ llvm/trunk/test/Bitcode/invalid.test Wed Apr 29 20:13:31 2015
@@ -117,3 +117,8 @@ RUN: not llvm-dis -disable-output %p/Inp
 RUN:   FileCheck --check-prefix=HUGE-FWDREF %s
 
 HUGE-FWDREF: Invalid record
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-load-pointer-type.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=LOAD-BAD-TYPE %s
+
+LOAD-BAD-TYPE: Load operand is not a pointer type

More information about the llvm-commits mailing list