6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-05-18 06:38:41 +00:00
Code Issues Projects Releases Wiki Activity

Make sure we don't resize(0) when we get a fwdref with Idx == UINT_MAX

Browse Source 
Make it an error instead.

Bug found with AFL fuzz.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@236190 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Filipe Cabecinhas 2015-04-30 00:52:42 +00:00
parent 4689501178
commit a607be94ca
3 changed files with 9 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
lib/Bitcode/Reader/BitcodeReader.cpp
View File

@ -790,6 +790,10 @@ Constant *BitcodeReaderValueList::getConstantFwdRef(unsigned Idx,
} }
Value *BitcodeReaderValueList::getValueFwdRef(unsigned Idx, Type *Ty) { Value *BitcodeReaderValueList::getValueFwdRef(unsigned Idx, Type *Ty) {
// Bail out for a clearly invalid value. This would make us call resize(0)
if (Idx == UINT_MAX)
return nullptr;
if (Idx >= size()) if (Idx >= size())
resize(Idx + 1); resize(Idx + 1);

BIN
test/Bitcode/Inputs/invalid-too-big-fwdref.bc Normal file
View File

Binary file not shown.

5
test/Bitcode/invalid.test
View File

@ -112,3 +112,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-op-not-2nd-to-last.bc
RUN: FileCheck --check-prefix=ARRAY-NOT-2LAST %s RUN: FileCheck --check-prefix=ARRAY-NOT-2LAST %s
ARRAY-NOT-2LAST: Array op not second to last ARRAY-NOT-2LAST: Array op not second to last
RUN: not llvm-dis -disable-output %p/Inputs/invalid-too-big-fwdref.bc 2>&1 | \
RUN: FileCheck --check-prefix=HUGE-FWDREF %s
HUGE-FWDREF: Invalid record