projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 52d42c7)
Check that we have a valid PointerType element type before calling get()
authorFilipe Cabecinhas <me@filcab.net>
Wed, 29 Apr 2015 02:27:28 +0000 (02:27 +0000)
committerFilipe Cabecinhas <me@filcab.net>
Wed, 29 Apr 2015 02:27:28 +0000 (02:27 +0000)
Same as r236073 but for PointerType.

Bug found with AFL fuzz.

llvm-svn: 236079

llvm/lib/Bitcode/Reader/BitcodeReader.cpp patch | blob | history
llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc [new file with mode: 0644] patch | blob
llvm/test/Bitcode/invalid.test patch | blob | history

diff --git a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
index 8141d56..f11eba5 100644 (file)
--- a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -1360,7 +1360,8 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
       if (Record.size() == 2)
         AddressSpace = Record[1];
       ResultTy = getTypeByID(Record[0]);
-      if (!ResultTy)
+      if (!ResultTy ||
+          !PointerType::isValidElementType(ResultTy))
         return Error("Invalid type");
       ResultTy = PointerType::get(ResultTy, AddressSpace);
       break;
diff --git a/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc b/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc
new file mode 100644 (file)
index 0000000..f9649e6
Binary files /dev/null and b/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc differ
diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test
index 41173d1..c18ff3d 100644 (file)
--- a/llvm/test/Bitcode/invalid.test
+++ b/llvm/test/Bitcode/invalid.test
@@ -103,6 +103,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-element-type.bc 2>&1 |
 RUN:   FileCheck --check-prefix=ELEMENT-TYPE %s
 RUN: not llvm-dis -disable-output %p/Inputs/invalid-vector-element-type.bc 2>&1 | \
 RUN:   FileCheck --check-prefix=ELEMENT-TYPE %s
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-pointer-element-type.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=ELEMENT-TYPE %s
 
 ELEMENT-TYPE: Invalid type
 
Domain: System / Toolchain;