<p dir="ltr">Thanks for all the testing of the error conditions. It is really helpful when refactoring. </p>
<div class="gmail_quote">On May 18, 2015 9:26 PM, "Filipe Cabecinhas" <<a href="mailto:me@filcab.net">me@filcab.net</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Author: filcab<br>
Date: Mon May 18 20:21:06 2015<br>
New Revision: 237650<br>
<br>
URL: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc_llvm-2Dproject-3Frev-3D237650-26view-3Drev&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=mQ4LZ2PUj9hpadE3cDHZnIdEwhEBrbAstXeMaFoB9tg&m=fRCxOSNtyMVKw5s1dPcmnVPaDRp2Wp-CiX33L29URzM&s=r2Fu_LXZ5wRWMH34Mo6sagM3aMyZ1yv6zVAARJFsRjw&e=" target="_blank">http://llvm.org/viewvc/llvm-project?rev=237650&view=rev</a><br>
Log:<br>
[BitcodeReader] Error out if we read an invalid function argument type<br>
<br>
Bug found with AFL fuzz.<br>
<br>
Added:<br>
    llvm/trunk/test/Bitcode/Inputs/invalid-function-argument-type.bc<br>
Modified:<br>
    llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp<br>
    llvm/trunk/test/Bitcode/invalid.test<br>
<br>
Modified: llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp<br>
URL: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc_llvm-2Dproject_llvm_trunk_lib_Bitcode_Reader_BitcodeReader.cpp-3Frev-3D237650-26r1-3D237649-26r2-3D237650-26view-3Ddiff&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=mQ4LZ2PUj9hpadE3cDHZnIdEwhEBrbAstXeMaFoB9tg&m=fRCxOSNtyMVKw5s1dPcmnVPaDRp2Wp-CiX33L29URzM&s=SIaONOSzwr4cMA3HInfoFeUpFziQk_VOXI4CnFppeYg&e=" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp?rev=237650&r1=237649&r2=237650&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp (original)<br>
+++ llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp Mon May 18 20:21:06 2015<br>
@@ -1402,8 +1402,11 @@ std::error_code BitcodeReader::ParseType<br>
         return Error("Invalid record");<br>
       SmallVector<Type*, 8> ArgTys;<br>
       for (unsigned i = 2, e = Record.size(); i != e; ++i) {<br>
-        if (Type *T = getTypeByID(Record[i]))<br>
+        if (Type *T = getTypeByID(Record[i])) {<br>
+          if (!FunctionType::isValidArgumentType(T))<br>
+            return Error("Invalid function argument type");<br>
           ArgTys.push_back(T);<br>
+        }<br>
         else<br>
           break;<br>
       }<br>
<br>
Added: llvm/trunk/test/Bitcode/Inputs/invalid-function-argument-type.bc<br>
URL: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc_llvm-2Dproject_llvm_trunk_test_Bitcode_Inputs_invalid-2Dfunction-2Dargument-2Dtype.bc-3Frev-3D237650-26view-3Dauto&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=mQ4LZ2PUj9hpadE3cDHZnIdEwhEBrbAstXeMaFoB9tg&m=fRCxOSNtyMVKw5s1dPcmnVPaDRp2Wp-CiX33L29URzM&s=LjJ8SQ7aFklv69ZtT7rcNajSgGPjHsnRgqMEF5ADJBY&e=" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/Inputs/invalid-function-argument-type.bc?rev=237650&view=auto</a><br>
==============================================================================<br>
Binary files llvm/trunk/test/Bitcode/Inputs/invalid-function-argument-type.bc (added) and llvm/trunk/test/Bitcode/Inputs/invalid-function-argument-type.bc Mon May 18 20:21:06 2015 differ<br>
<br>
Modified: llvm/trunk/test/Bitcode/invalid.test<br>
URL: <a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__llvm.org_viewvc_llvm-2Dproject_llvm_trunk_test_Bitcode_invalid.test-3Frev-3D237650-26r1-3D237649-26r2-3D237650-26view-3Ddiff&d=AwMFaQ&c=8hUWFZcy2Z-Za5rBPlktOQ&r=mQ4LZ2PUj9hpadE3cDHZnIdEwhEBrbAstXeMaFoB9tg&m=fRCxOSNtyMVKw5s1dPcmnVPaDRp2Wp-CiX33L29URzM&s=I8ssyAHnPHPFvuLsw3NvVs0YyLsnA9UrKBHcCqyT7KM&e=" target="_blank">http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/invalid.test?rev=237650&r1=237649&r2=237650&view=diff</a><br>
==============================================================================<br>
--- llvm/trunk/test/Bitcode/invalid.test (original)<br>
+++ llvm/trunk/test/Bitcode/invalid.test Mon May 18 20:21:06 2015<br>
@@ -152,3 +152,8 @@ RUN: not llvm-dis -disable-output %p/Inp<br>
 RUN:   FileCheck --check-prefix=INVALID-CODELENWIDTH %s<br>
<br>
 INVALID-CODELENWIDTH: Malformed block<br>
+<br>
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-function-argument-type.bc 2>&1 | \<br>
+RUN:   FileCheck --check-prefix=INVALID-ARGUMENT-TYPE %s<br>
+<br>
+INVALID-ARGUMENT-TYPE: Invalid function argument type<br>
<br>
<br>
_______________________________________________<br>
llvm-commits mailing list<br>
<a href="mailto:llvm-commits@cs.uiuc.edu">llvm-commits@cs.uiuc.edu</a><br>
<a href="http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits" target="_blank">http://lists.cs.uiuc.edu/mailman/listinfo/llvm-commits</a><br>
</blockquote></div>