[PATCH] Don't overflow GCTable

Filipe Cabecinhas filcab+llvm.phabricator at gmail.com
Wed Apr 29 21:12:57 PDT 2015


REPOSITORY
  rL LLVM

http://reviews.llvm.org/D9361

Files:
  llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
  llvm/trunk/test/Bitcode/Inputs/invalid-GCTable-overflow.bc
  llvm/trunk/test/Bitcode/invalid.test

Index: llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
===================================================================
--- llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
+++ llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -2992,7 +2992,7 @@
         // FIXME: Change to an error if non-default in 4.0.
         Func->setVisibility(GetDecodedVisibility(Record[7]));
       if (Record.size() > 8 && Record[8]) {
-        if (Record[8]-1 > GCTable.size())
+        if (Record[8]-1 >= GCTable.size())
           return Error("Invalid ID");
         Func->setGC(GCTable[Record[8]-1].c_str());
       }
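Review bot: In the `Record[8]-1 >= GCTable.size()` check, the index expression is written twice, once in the comparison and once in the `GCTable[Record[8]-1]` lookup, and its validity also depends on the `Record[8]` non-zero test in the enclosing `if`, which keeps `Record[8]-1` from being evaluated for a zero field. Consider hoisting it into a named local and using that in both places, with a one-line comment that the field is 1-based and that 0 skips the `setGC` call, so the bound check and the access cannot drift apart again. The `Invalid ID` text also does not say which ID was rejected; a message naming the GC table would make the failure easier to triage.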
Index: llvm/trunk/test/Bitcode/invalid.test
===================================================================
--- llvm/trunk/test/Bitcode/invalid.test
+++ llvm/trunk/test/Bitcode/invalid.test
@@ -122,3 +122,8 @@
 RUN:   FileCheck --check-prefix=LOAD-BAD-TYPE %s
 
 LOAD-BAD-TYPE: Load operand is not a pointer type
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-GCTable-overflow.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=GCTABLE-OFLOW %s
+
+GCTABLE-OFLOW: Invalid ID
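Review bot: The `GCTABLE-OFLOW: Invalid ID` check matches only the generic string, so this test would pass just as well if `invalid-GCTable-overflow.bc` were rejected by some other check that reports the same text, not by the corrected bound. Since the `.bc` input is binary and cannot be read in review, please add a comment above the `RUN:` lines saying what the file encodes (a function record whose GC field indexes one past the end of the GC table) and, if the error text is made more specific, match on that instead.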
