6502/llvm-6502
1
0
Fork 0
mirror of https://github.com/c64scene-ar/llvm-6502.git synced 2025-07-28 19:25:00 +00:00
Code Issues Projects Releases Wiki Activity

Check bit widths before trying to get a type.

Browse Source 
Added a test case for it.
Also added run lines for the test case in r227566.

Bugs found with afl-fuzz

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227589 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
Filipe Cabecinhas
2015-01-30 18:13:50 +00:00
parent dd62b7ae96
commit 1897b5c08c
3 changed files with 13 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
lib/Bitcode/Reader/BitcodeReader.cpp
View File

@@ -950,12 +950,17 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
case bitc::TYPE_CODE_X86_MMX: // X86_MMX case bitc::TYPE_CODE_X86_MMX: // X86_MMX
ResultTy = Type::getX86_MMXTy(Context); ResultTy = Type::getX86_MMXTy(Context);
break; break;
case bitc::TYPE_CODE_INTEGER: // INTEGER: [width] case bitc::TYPE_CODE_INTEGER: { // INTEGER: [width]
if (Record.size() < 1) if (Record.size() < 1)
return Error("Invalid record"); return Error("Invalid record");
ResultTy = IntegerType::get(Context, Record[0]); uint64_t NumBits = Record[0];
if (NumBits < IntegerType::MIN_INT_BITS ||
NumBits > IntegerType::MAX_INT_BITS)
return Error("Bitwidth for integer type out of range");
ResultTy = IntegerType::get(Context, NumBits);
break; break;
}
case bitc::TYPE_CODE_POINTER: { // POINTER: [pointee type] or case bitc::TYPE_CODE_POINTER: { // POINTER: [pointee type] or
// [pointee type, address space] // [pointee type, address space]
if (Record.size() < 1) if (Record.size() < 1)

BIN
test/Bitcode/Inputs/invalid-bitwidth.bc Normal file
View File

Binary file not shown.

6
test/Bitcode/invalid.test
View File

@@ -6,8 +6,14 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-unexpected-eof.bc 2>&1 | \
RUN: FileCheck --check-prefix=UNEXPECTED-EOF %s RUN: FileCheck --check-prefix=UNEXPECTED-EOF %s
RUN: not llvm-dis -disable-output %p/Inputs/invalid-bad-abbrev-number.bc 2>&1 | \ RUN: not llvm-dis -disable-output %p/Inputs/invalid-bad-abbrev-number.bc 2>&1 | \
RUN: FileCheck --check-prefix=BAD-ABBREV-NUMBER %s RUN: FileCheck --check-prefix=BAD-ABBREV-NUMBER %s
RUN: not llvm-dis -disable-output %p/Inputs/invalid-type-table-forward-ref.bc 2>&1 | \
RUN: FileCheck --check-prefix=BAD-TYPE-TABLE-FORWARD-REF %s
RUN: not llvm-dis -disable-output %p/Inputs/invalid-bitwidth.bc 2>&1 | \
RUN: FileCheck --check-prefix=BAD-BITWIDTH %s
INVALID-ENCODING: Invalid encoding INVALID-ENCODING: Invalid encoding
BAD-ABBREV: Abbreviation starts with an Array or a Blob BAD-ABBREV: Abbreviation starts with an Array or a Blob
UNEXPECTED-EOF: Unexpected end of file UNEXPECTED-EOF: Unexpected end of file
BAD-ABBREV-NUMBER: Invalid abbrev number BAD-ABBREV-NUMBER: Invalid abbrev number
BAD-TYPE-TABLE-FORWARD-REF: Invalid TYPE table: Only named structs can be forward referenced
BAD-BITWIDTH: Bitwidth for integer type out of range