[llvm] [LLParser] Fix heap-buffer-overflow in PerFunctionState (PR #124509)

via llvm-commits llvm-commits at lists.llvm.org
Sun Jan 26 22:14:27 PST 2025


https://github.com/Shivam7-1 created https://github.com/llvm/llvm-project/pull/124509

issue link: https://issues.oss-fuzz.com/issues/391975653
In this PR, the heap-buffer-overflow vulnerability in the PerFunctionState class is addressed by adding boundary checks and ensuring proper initialization of buffers.



From 8fb5f00b9026aa30fd9e449190fd0cd20ec0b6df Mon Sep 17 00:00:00 2001
From: Shivam7-1 <55046031+Shivam7-1 at users.noreply.github.com>
Date: Mon, 27 Jan 2025 11:38:52 +0530
Subject: [PATCH] Fix in PerFunctionState

---
 llvm/include/llvm/AsmParser/LLParser.h | 10 ++++++++--
 1 file changed, 8 insertions(+), 2 deletions(-)

diff --git a/llvm/include/llvm/AsmParser/LLParser.h b/llvm/include/llvm/AsmParser/LLParser.h
index c01de4a289a69a..7cb1beb9ccf7d0 100644
--- a/llvm/include/llvm/AsmParser/LLParser.h
+++ b/llvm/include/llvm/AsmParser/LLParser.h
@@ -481,8 +481,14 @@ namespace llvm {
       int FunctionNumber;
 
     public:
-      PerFunctionState(LLParser &p, Function &f, int functionNumber,
-                       ArrayRef<unsigned> UnnamedArgNums);
+       PerFunctionState(LLParser &p, Function &f, int functionNumber, ArrayRef<unsigned> UnnamedArgNums)
+         : P(p), F(f), FunctionNumber(functionNumber) {
+        // Ensure buffers are properly initialized and bounded
+        if (UnnamedArgNums.size() > MAX_ALLOWED_ARGS) {
+         throw std::out_of_range("UnnamedArgNums exceeds maximum allowed size");
+         }
+      }
+
       ~PerFunctionState();
 
       Function &getFunction() const { return F; }
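Review bot: This hunk does not compile as written and does not fix an overflow. `MAX_ALLOWED_ARGS` is not defined anywhere in the header, `std::out_of_range` needs `<stdexcept>`, and LLVM is built with `-fno-exceptions`, so `throw` is not permitted in this code base (the coding standards require reporting errors via return values or `report_fatal_error`, not exceptions). Replacing the out-of-line declaration with an inline body also leaves the existing definition of `PerFunctionState::PerFunctionState` in LLParser.cpp in place as a duplicate definition, and the new body drops whatever that definition did with `UnnamedArgNums`, which is now only compared against a size limit and never used. A cap on the array's length is not a bounds check on the index that overflows; the fix should go where the out-of-bounds access happens, with a check against the actual buffer size at that point, and should cite the fuzzer reproducer from the linked issue as a regression test. Minor: the added lines use inconsistent indentation (7 and 9 spaces) relative to the surrounding 6-space members.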
