[llvm] b105656 - [Sample Profile Reader] Fix potential integer overflow/infinite loop bug in sample profile reader

[William Huang via llvm-commits]

Author: William Huang
Date: 2022-08-23T20:35:23Z
New Revision: b105656207143001b2daa8ce4d2cbc09bcc9cf91

URL: https://github.com/llvm/llvm-project/commit/b105656207143001b2daa8ce4d2cbc09bcc9cf91
DIFF: https://github.com/llvm/llvm-project/commit/b105656207143001b2daa8ce4d2cbc09bcc9cf91.diff

LOG: [Sample Profile Reader] Fix potential integer overflow/infinite loop bug in sample profile reader

Change loop induction variable type to match the type of "SIZE" where it's compared against, to prevent infinite loop caused by overflow wraparound if there are more than 2^32 samples

Reviewed By: wenlei

Differential Revision: https://reviews.llvm.org/D132493

Added: 
    

Modified: 
    llvm/lib/ProfileData/SampleProfReader.cpp

Removed: 
    


################################################################################
diff  --git a/llvm/lib/ProfileData/SampleProfReader.cpp b/llvm/lib/ProfileData/SampleProfReader.cpp
index bbde8a650368..84b150d2f47f 100644
--- a/llvm/lib/ProfileData/SampleProfReader.cpp
+++ b/llvm/lib/ProfileData/SampleProfReader.cpp
@@ -809,7 +809,7 @@ std::error_code SampleProfileReaderExtBinaryBase::readFuncOffsetTable() {
     OrderedFuncOffsets->reserve(*Size);
   }
 
-  for (uint32_t I = 0; I < *Size; ++I) {
+  for (uint64_t I = 0; I < *Size; ++I) {
     auto FContext(readSampleContextFromTable());
     if (std::error_code EC = FContext.getError())
       return EC;
@@ -1096,7 +1096,7 @@ std::error_code SampleProfileReaderExtBinaryBase::readMD5NameTable() {
     return sampleprof_error::success;
   }
   NameTable.reserve(*Size);
-  for (uint32_t I = 0; I < *Size; ++I) {
+  for (uint64_t I = 0; I < *Size; ++I) {
     auto FID = readNumber<uint64_t>();
     if (std::error_code EC = FID.getError())
       return EC;
@@ -1237,7 +1237,7 @@ std::error_code SampleProfileReaderCompactBinary::readNameTable() {
   if (std::error_code EC = Size.getError())
     return EC;
   NameTable.reserve(*Size);
-  for (uint32_t I = 0; I < *Size; ++I) {
+  for (uint64_t I = 0; I < *Size; ++I) {
     auto FID = readNumber<uint64_t>();
     if (std::error_code EC = FID.getError())
       return EC;
@@ -1279,7 +1279,7 @@ std::error_code SampleProfileReaderExtBinaryBase::readSecHdrTable() {
   if (std::error_code EC = EntryNum.getError())
     return EC;
 
-  for (uint32_t i = 0; i < (*EntryNum); i++)
+  for (uint64_t i = 0; i < (*EntryNum); i++)
     if (std::error_code EC = readSecHdrTableEntry(i))
       return EC;
 
@@ -1448,7 +1448,7 @@ std::error_code SampleProfileReaderCompactBinary::readFuncOffsetTable() {
     return EC;
 
   FuncOffsetTable.reserve(*Size);
-  for (uint32_t I = 0; I < *Size; ++I) {
+  for (uint64_t I = 0; I < *Size; ++I) {
     auto FName(readStringFromTable());
     if (std::error_code EC = FName.getError())
       return EC;