[BitstreamReader] Make sure the Array operand type is an encoding

Bug found with AFL fuzz. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238269 91177308-0d34-0410-b5e6-96231b3b80d8
2024-06-26 10:29:57 +00:00 · 2015-05-27 00:48:43 +00:00 · 2015-05-27 00:48:43 +00:00 · 316f9e05ce
commit 316f9e05ce
parent ba7ccd4201
3 changed files with 8 additions and 0 deletions
--- a/lib/Bitcode/Reader/BitstreamReader.cpp
+++ b/lib/Bitcode/Reader/BitstreamReader.cpp
@ -203,6 +203,9 @@ unsigned BitstreamCursor::readRecord(unsigned AbbrevID,
      if (i + 2 != e)
        report_fatal_error("Array op not second to last");
      const BitCodeAbbrevOp &EltEnc = Abbv->getOperandInfo(++i);
+      if (!EltEnc.isEncoding())
+        report_fatal_error(
+            "Array element type has to be an encoding of a type");
      if (EltEnc.getEncoding() == BitCodeAbbrevOp::Array ||
          EltEnc.getEncoding() == BitCodeAbbrevOp::Blob)
        report_fatal_error("Array element type can't be an Array or a Blob");
--- a/test/Bitcode/Inputs/invalid-array-operand-encoding.bc
+++ b/test/Bitcode/Inputs/invalid-array-operand-encoding.bc
--- a/test/Bitcode/invalid.test
+++ b/test/Bitcode/invalid.test
@ -177,3 +177,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-abbrev-no-operands.bc 2>&1 |
 RUN:   FileCheck --check-prefix=ABBREV-NO-OPS %s

 ABBREV-NO-OPS: Abbrev record with no operands
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-operand-encoding.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=ARRAY-OP-ENC %s
+
+ARRAY-OP-ENC: Array element type has to be an encoding of a type