[llvm] [NativePDB] Fix crash in llvm-pdbutil (PR #164871)
Vladimir Gorsunov via llvm-commits
llvm-commits at lists.llvm.org
Fri Oct 24 05:23:04 PDT 2025
================
@@ -194,6 +194,8 @@ Error LazyRandomTypeCollection::visitRangeForType(TypeIndex TI) {
}
visitRange(TIB, Prev->Offset, TIE);
+ if (Records.size() <= TI.toArrayIndex())
+ return make_error<CodeViewError>("Type index too big");
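Review bot: The bounds check added after `visitRange(TIB, Prev->Offset, TIE);` returns the fixed string "Type index too big", with no indication of which index was rejected or how many records were available, so a malformed PDB is hard to diagnose from the tool's output. Consider including `TI.toArrayIndex()` and `Records.size()` in the message. A short comment would also help, saying why the check runs after `visitRange` rather than before it. No regression test with an out-of-range type index is visible in this hunk; if none accompanies the patch, one would be worth adding.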
----------------
gv wrote:
The crash happens in `tryGetType` https://github.com/llvm/llvm-project/blob/9e7a3ee5ff85a6c6838b20734822d658744e9bf3/llvm/lib/DebugInfo/CodeView/LazyRandomTypeCollection.cpp#L106 when the index value goes outside the buffer. That's allowed to occur because `ensureTypeExists` doesn't return an error when the index argument is too big.
I put the check in `visitRangeForType` because it already does some TI validation for `ensureTypeExists` in line https://github.com/llvm/llvm-project/blob/9e7a3ee5ff85a6c6838b20734822d658744e9bf3/llvm/lib/DebugInfo/CodeView/LazyRandomTypeCollection.cpp#L186
https://github.com/llvm/llvm-project/pull/164871