projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 6d52ea8)
[Bitstream] Make MaxChunkSize word-size independent
authorNikita Popov <npopov@redhat.com>
Tue, 8 Feb 2022 09:12:46 +0000 (10:12 +0100)
committerNikita Popov <npopov@redhat.com>
Tue, 8 Feb 2022 09:14:07 +0000 (10:14 +0100)
We only support chunks <= 32 bits regardless of whether we're
running on a 64-bit platform or not. Chunk size > 32 <= 64 would
cause UB in the reading code.

llvm/include/llvm/Bitstream/BitstreamReader.h patch | blob | history
llvm/test/Bitcode/Inputs/invalid-chunk-size.bc [new file with mode: 0644] patch | blob
llvm/test/Bitcode/invalid.test patch | blob | history

diff --git a/llvm/include/llvm/Bitstream/BitstreamReader.h b/llvm/include/llvm/Bitstream/BitstreamReader.h
index 5a66b2d..afe327c 100644 (file)
--- a/llvm/include/llvm/Bitstream/BitstreamReader.h
+++ b/llvm/include/llvm/Bitstream/BitstreamReader.h
@@ -97,8 +97,6 @@ private:
   unsigned BitsInCurWord = 0;
 
 public:
-  static const constexpr size_t MaxChunkSize = sizeof(word_t) * 8;
-
   SimpleBitstreamCursor() = default;
   explicit SimpleBitstreamCursor(ArrayRef<uint8_t> BitcodeBytes)
       : BitcodeBytes(BitcodeBytes) {}
@@ -187,7 +185,7 @@ public:
   }
 
   Expected<word_t> Read(unsigned NumBits) {
-    static const unsigned BitsInWord = MaxChunkSize;
+    static const unsigned BitsInWord = sizeof(word_t) * 8;
 
     assert(NumBits && NumBits <= BitsInWord &&
            "Cannot return zero or more than BitsInWord bits!");
@@ -372,7 +370,7 @@ class BitstreamCursor : SimpleBitstreamCursor {
   BitstreamBlockInfo *BlockInfo = nullptr;
 
 public:
-  static const size_t MaxChunkSize = sizeof(word_t) * 8;
+  static const size_t MaxChunkSize = 32;
 
   BitstreamCursor() = default;
   explicit BitstreamCursor(ArrayRef<uint8_t> BitcodeBytes)
diff --git a/llvm/test/Bitcode/Inputs/invalid-chunk-size.bc b/llvm/test/Bitcode/Inputs/invalid-chunk-size.bc
new file mode 100644 (file)
index 0000000..3fa9cd0
Binary files /dev/null and b/llvm/test/Bitcode/Inputs/invalid-chunk-size.bc differ
diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test
index 6d2d2f2..db8cfde 100644 (file)
--- a/llvm/test/Bitcode/invalid.test
+++ b/llvm/test/Bitcode/invalid.test
@@ -276,3 +276,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/comdat-name-too-large.bc 2>&1 | \
 RUN:   FileCheck --check-prefix=COMDAT-NAME-TOO-LARGE %s
 
 COMDAT-NAME-TOO-LARGE: Comdat name size too large
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-chunk-size.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-CHUNK-SIZE %s
+
+INVALID-CHUNK-SIZE: Fixed or VBR abbrev record with size > MaxChunkData
Domain: System / Toolchain;