6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-11-23 16:19:52 +00:00
Code Issues Projects Releases Wiki Activity

[BitcodeReader] Don't allow INSERTVAL/EXTRACTVAL with 0 indices

Browse Source 
This would trigger an assertion later.

Bug found with AFL fuzz.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@237494 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Filipe Cabecinhas
2015-05-16 00:33:12 +00:00
parent c5f2ba0401
commit ddf553bb8d
4 changed files with 20 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

14
lib/Bitcode/Reader/BitcodeReader.cpp
View File

@@ -3555,10 +3555,13 @@ std::error_code BitcodeReader::ParseFunctionBody(Function *F) {
if (getValueTypePair(Record, OpNum, NextValueNo, Agg)) if (getValueTypePair(Record, OpNum, NextValueNo, Agg))
return Error("Invalid record"); return Error("Invalid record");
unsigned RecSize = Record.size();
if (OpNum == RecSize)
return Error("EXTRACTVAL: Invalid instruction with 0 indices");
SmallVector<unsigned, 4> EXTRACTVALIdx; SmallVector<unsigned, 4> EXTRACTVALIdx;
Type *CurTy = Agg->getType(); Type *CurTy = Agg->getType();
for (unsigned RecSize = Record.size(); for (; OpNum != RecSize; ++OpNum) {
OpNum != RecSize; ++OpNum) {
bool IsArray = CurTy->isArrayTy(); bool IsArray = CurTy->isArrayTy();
bool IsStruct = CurTy->isStructTy(); bool IsStruct = CurTy->isStructTy();
uint64_t Index = Record[OpNum]; uint64_t Index = Record[OpNum];
@@ -3594,10 +3597,13 @@ std::error_code BitcodeReader::ParseFunctionBody(Function *F) {
if (getValueTypePair(Record, OpNum, NextValueNo, Val)) if (getValueTypePair(Record, OpNum, NextValueNo, Val))
return Error("Invalid record"); return Error("Invalid record");
unsigned RecSize = Record.size();
if (OpNum == RecSize)
return Error("INSERTVAL: Invalid instruction with 0 indices");
SmallVector<unsigned, 4> INSERTVALIdx; SmallVector<unsigned, 4> INSERTVALIdx;
Type *CurTy = Agg->getType(); Type *CurTy = Agg->getType();
for (unsigned RecSize = Record.size(); for (; OpNum != RecSize; ++OpNum) {
OpNum != RecSize; ++OpNum) {
bool IsArray = CurTy->isArrayTy(); bool IsArray = CurTy->isArrayTy();
bool IsStruct = CurTy->isStructTy(); bool IsStruct = CurTy->isStructTy();
uint64_t Index = Record[OpNum]; uint64_t Index = Record[OpNum];

BIN
test/Bitcode/Inputs/invalid-extract-0-indices.bc Normal file
View File

Binary file not shown.

BIN
test/Bitcode/Inputs/invalid-insert-0-indices.bc Normal file
View File

Binary file not shown.

10
test/Bitcode/invalid.test
View File

@@ -127,3 +127,13 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-GCTable-overflow.bc 2>&1 | \
RUN: FileCheck --check-prefix=GCTABLE-OFLOW %s RUN: FileCheck --check-prefix=GCTABLE-OFLOW %s
GCTABLE-OFLOW: Invalid ID GCTABLE-OFLOW: Invalid ID
RUN: not llvm-dis -disable-output %p/Inputs/invalid-insert-0-indices.bc 2>&1 | \
RUN: FileCheck --check-prefix=INSERT-0-IDXS %s
INSERT-0-IDXS: INSERTVAL: Invalid instruction with 0 indices
RUN: not llvm-dis -disable-output %p/Inputs/invalid-extract-0-indices.bc 2>&1 | \
RUN: FileCheck --check-prefix=EXTRACT-0-IDXS %s
EXTRACT-0-IDXS: EXTRACTVAL: Invalid instruction with 0 indices