[PATCH] D95554: [BitcodeReader] Validate Strtab before accessing.
Florian Hahn via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Jan 29 09:14:50 PST 2021
fhahn updated this revision to Diff 320152.
fhahn added a comment.
Add missing sure and slightly re-word comment, thanks!
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D95554/new/
https://reviews.llvm.org/D95554
Files:
llvm/lib/Bitcode/Reader/BitcodeReader.cpp
llvm/test/Bitcode/invalid-record-strtab.ll
llvm/test/Bitcode/invalid-record-strtab.ll.bc
Index: llvm/test/Bitcode/invalid-record-strtab.ll
===================================================================
--- /dev/null
+++ llvm/test/Bitcode/invalid-record-strtab.ll
@@ -0,0 +1,5 @@
+; Bitcode with an invalid record that indexes a name outside of strtab.
+
+; RUN: not llvm-dis %s.bc -o - 2>&1 | FileCheck %s
+
+; CHECK: error: Invalid record
Index: llvm/lib/Bitcode/Reader/BitcodeReader.cpp
===================================================================
--- llvm/lib/Bitcode/Reader/BitcodeReader.cpp
+++ llvm/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -3379,9 +3379,12 @@
// Record[16] is the address space number.
- // Check whether we have enough values to read a partition name.
- if (Record.size() > 18)
+ // Check whether we have enough values to read a partition name. Also make
+ // sure Strtab has enough values.
+ if (Record.size() > 18 && Strtab.data() &&
+ Record[17] + Record[18] <= Strtab.size()) {
Func->setPartition(StringRef(Strtab.data() + Record[17], Record[18]));
+ }
Type *FullTy = PointerType::get(FullFTy, AddrSpace);
assert(Func->getType() == flattenPointerTypes(FullTy) &&
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D95554.320152.patch
Type: text/x-patch
Size: 1144 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20210129/24292917/attachment.bin>
More information about the llvm-commits
mailing list