projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 13ac039)
[Bitstream] Check for unterminated VBR
authorNikita Popov <npopov@redhat.com>
Tue, 8 Feb 2022 08:40:57 +0000 (09:40 +0100)
committerNikita Popov <npopov@redhat.com>
Tue, 8 Feb 2022 08:49:39 +0000 (09:49 +0100)
This avoid shift larger than bitwidth UB.

llvm/include/llvm/Bitstream/BitstreamReader.h patch | blob | history
llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc [deleted file] patch | blob | history
llvm/test/Bitcode/Inputs/unterminated-vbr.bc [moved from llvm/test/Bitcode/Inputs/size-not-plausible.bc with 100% similarity] patch | blob | history
llvm/test/Bitcode/invalid-no-ubsan.test [deleted file] patch | blob | history
llvm/test/Bitcode/invalid.test patch | blob | history

diff --git a/llvm/include/llvm/Bitstream/BitstreamReader.h b/llvm/include/llvm/Bitstream/BitstreamReader.h
index 1067064..5a66b2d 100644 (file)
--- a/llvm/include/llvm/Bitstream/BitstreamReader.h
+++ b/llvm/include/llvm/Bitstream/BitstreamReader.h
@@ -247,6 +247,10 @@ public:
         return Result;
 
       NextBit += NumBits-1;
+      if (NextBit >= 32)
+        return createStringError(std::errc::illegal_byte_sequence,
+                                 "Unterminated VBR");
+
       MaybeRead = Read(NumBits);
       if (!MaybeRead)
         return MaybeRead;
@@ -274,6 +278,10 @@ public:
         return Result;
 
       NextBit += NumBits-1;
+      if (NextBit >= 64)
+        return createStringError(std::errc::illegal_byte_sequence,
+                                 "Unterminated VBR");
+
       MaybeRead = Read(NumBits);
       if (!MaybeRead)
         return MaybeRead;
diff --git a/llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc b/llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc
deleted file mode 100644 (file)
index a6e4250..0000000
Binary files a/llvm/test/Bitcode/Inputs/invalid-value-symbol-table-2.bc and /dev/null differ
diff --git a/llvm/test/Bitcode/invalid-no-ubsan.test b/llvm/test/Bitcode/invalid-no-ubsan.test
deleted file mode 100644 (file)
index 2cc8e05..0000000
--- a/llvm/test/Bitcode/invalid-no-ubsan.test
+++ /dev/null
@@ -1,19 +0,0 @@
-# These tests cover invalid inputs.
-# When running under UBSan these tests hit UBSan issues before the validity
-# checks that the test is intending to exercise.
-# Under UBSan these tests fail because UBSan error is not the expected error.
-#
-# TODO: This code should be fixed to not exhibit UB, and these tests should be
-# incorporated back into invalid.test and run under UBSan again.
-
-UNSUPPORTED: ubsan
-
-RUN: not llvm-dis -disable-output %p/Inputs/size-not-plausible.bc 2>&1 | \
-RUN:   FileCheck --check-prefix=SIZE-NOT-PLAUSIBLE %s
-
-SIZE-NOT-PLAUSIBLE: Size is not plausible
-
-RUN: not llvm-dis -disable-output %p/Inputs/invalid-value-symbol-table-2.bc 2>&1 | \
-RUN:   FileCheck --check-prefix=INVALID-VALUE-SYMBOL-TABLE-2 %s
-
-INVALID-VALUE-SYMBOL-TABLE-2: Expected value symbol table subbloc
diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test
index c5cbabf..8af940d 100644 (file)
--- a/llvm/test/Bitcode/invalid.test
+++ b/llvm/test/Bitcode/invalid.test
@@ -266,3 +266,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-value-symbol-table.bc 2>&1 |
 RUN:   FileCheck --check-prefix=INVALID-VALUE-SYMBOL-TABLE %s
 
 INVALID-VALUE-SYMBOL-TABLE: Invalid value reference in symbol table
+
+RUN: not llvm-dis -disable-output %p/Inputs/unterminated-vbr.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=UNTERMINATED-VBR %s
+
+UNTERMINATED-VBR: Unterminated VBR
Domain: System / Toolchain;