From 8cf149dbadda7bff3e96b2e8db42397c4f94356b Mon Sep 17 00:00:00 2001 From: Filipe Cabecinhas Date: Fri, 30 Jan 2015 10:57:58 +0000 Subject: [PATCH] [bitcode reader] Fix an assert on invalid type tables Bug found with afl-fuzz git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227566 91177308-0d34-0410-b5e6-96231b3b80d8 --- lib/Bitcode/Reader/BitcodeReader.cpp | 4 +++- .../Inputs/invalid-type-table-forward-ref.bc | Bin 0 -> 452 bytes 2 files changed, 3 insertions(+), 1 deletion(-) create mode 100644 test/Bitcode/Inputs/invalid-type-table-forward-ref.bc diff --git a/lib/Bitcode/Reader/BitcodeReader.cpp b/lib/Bitcode/Reader/BitcodeReader.cpp index 9e27225df79..c3589bce398 100644 --- a/lib/Bitcode/Reader/BitcodeReader.cpp +++ b/lib/Bitcode/Reader/BitcodeReader.cpp @@ -1095,8 +1095,10 @@ std::error_code BitcodeReader::ParseTypeTableBody() { if (NumRecords >= TypeList.size()) return Error("Invalid TYPE table"); + if (TypeList[NumRecords]) + return Error( + "Invalid TYPE table: Only named structs can be forward referenced"); assert(ResultTy && "Didn't read a type?"); - assert(!TypeList[NumRecords] && "Already read type?"); TypeList[NumRecords++] = ResultTy; } } diff --git a/test/Bitcode/Inputs/invalid-type-table-forward-ref.bc b/test/Bitcode/Inputs/invalid-type-table-forward-ref.bc new file mode 100644 index 0000000000000000000000000000000000000000..4594efefd6c1565b973a3faec5d40967e88e370b GIT binary patch literal 452 zcmZ>AK5$Qwhk+rFfq{X$Nr8b0NDBcmd!zD1#}h1`Yyw7>lNeigR9QJB4z z^NfN2tpMMb20mjRC%HohWzQ{?Ni$#tD{GQI!)$xP*|vw-mf`9DLInl}ka=Po6nb4; zf?0J$5*c_3eFYVKL^lKgtxg2WgTh3ZOHd0E7BvR{#J2 literal 0 HcmV?d00001