[llvm] r236073 - Make sure that isValidElementType(Type) before calling {Array, Struct}Type::get(Type)
Filipe Cabecinhas
me at filcab.net
Tue Apr 28 18:27:02 PDT 2015
Author: filcab
Date: Tue Apr 28 20:27:01 2015
New Revision: 236073
URL: http://llvm.org/viewvc/llvm-project?rev=236073&view=rev
Log:
Make sure that isValidElementType(Type) before calling {Array,Struct}Type::get(Type)
Bug found with AFL fuzz.
Added:
llvm/trunk/test/Bitcode/Inputs/invalid-array-element-type.bc
llvm/trunk/test/Bitcode/Inputs/invalid-vector-element-type.bc
Modified:
llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
llvm/trunk/test/Bitcode/invalid.test
Modified: llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp?rev=236073&r1=236072&r2=236073&view=diff
==============================================================================
--- llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp (original)
+++ llvm/trunk/lib/Bitcode/Reader/BitcodeReader.cpp Tue Apr 28 20:27:01 2015
@@ -1474,7 +1474,8 @@ std::error_code BitcodeReader::ParseType
case bitc::TYPE_CODE_ARRAY: // ARRAY: [numelts, eltty]
if (Record.size() < 2)
return Error("Invalid record");
- if ((ResultTy = getTypeByID(Record[1])))
+ if ((ResultTy = getTypeByID(Record[1])) &&
+ StructType::isValidElementType(ResultTy))
ResultTy = ArrayType::get(ResultTy, Record[0]);
else
return Error("Invalid type");
@@ -1482,7 +1483,8 @@ std::error_code BitcodeReader::ParseType
case bitc::TYPE_CODE_VECTOR: // VECTOR: [numelts, eltty]
if (Record.size() < 2)
return Error("Invalid record");
- if ((ResultTy = getTypeByID(Record[1])))
+ if ((ResultTy = getTypeByID(Record[1])) &&
+ StructType::isValidElementType(ResultTy))
ResultTy = VectorType::get(ResultTy, Record[0]);
else
return Error("Invalid type");
Added: llvm/trunk/test/Bitcode/Inputs/invalid-array-element-type.bc
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/Inputs/invalid-array-element-type.bc?rev=236073&view=auto
==============================================================================
Binary files llvm/trunk/test/Bitcode/Inputs/invalid-array-element-type.bc (added) and llvm/trunk/test/Bitcode/Inputs/invalid-array-element-type.bc Tue Apr 28 20:27:01 2015 differ
Added: llvm/trunk/test/Bitcode/Inputs/invalid-vector-element-type.bc
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/Inputs/invalid-vector-element-type.bc?rev=236073&view=auto
==============================================================================
Binary files llvm/trunk/test/Bitcode/Inputs/invalid-vector-element-type.bc (added) and llvm/trunk/test/Bitcode/Inputs/invalid-vector-element-type.bc Tue Apr 28 20:27:01 2015 differ
Modified: llvm/trunk/test/Bitcode/invalid.test
URL: http://llvm.org/viewvc/llvm-project/llvm/trunk/test/Bitcode/invalid.test?rev=236073&r1=236072&r2=236073&view=diff
==============================================================================
--- llvm/trunk/test/Bitcode/invalid.test (original)
+++ llvm/trunk/test/Bitcode/invalid.test Tue Apr 28 20:27:01 2015
@@ -98,3 +98,10 @@ RUN: not llvm-dis -disable-output %p/Inp
RUN: FileCheck --check-prefix=FWDREF-TYPE %s
FWDREF-TYPE: Invalid record
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-element-type.bc 2>&1 | \
+RUN: FileCheck --check-prefix=ELEMENT-TYPE %s
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-vector-element-type.bc 2>&1 | \
+RUN: FileCheck --check-prefix=ELEMENT-TYPE %s
+
+ELEMENT-TYPE: Invalid type
More information about the llvm-commits
mailing list