Harden IR and bitcode parsers against infinite size types.

If isSized is passed a SmallPtrSet, it uses that set to catch infinitely
recursive types (for example, a struct that has itself as a member).
Otherwise, it just crashes on such types.
Eli Friedman
2020-05-16 14:01:54 -07:00
parent accd9af838
commit 0ec5f50196
4 changed files with 33 additions and 3 deletions


@@ -4857,7 +4857,8 @@ Error BitcodeReader::parseFunctionBody(Function *F) {
MaybeAlign Align;
if (Error Err = parseAlignmentValue(Record[OpNum], Align))
return Err;
if (!Align && !Ty->isSized())
SmallPtrSet<Type *, 4> Visited;
if (!Align && !Ty->isSized(&Visited))
return error("load of unsized type");
if (!Align)
Align = TheModule->getDataLayout().getABITypeAlign(Ty);
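Review bot: The new sized-type check at the load guard, `if (!Align && !Ty->isSized(&Visited))`, and the matching store guard in the next hunk only run when the record carries no alignment. A record that supplies an explicit alignment together with a self-referential struct type is therefore still accepted by the reader. If that is intentional because only `getABITypeAlign` needs a sized type at this point, a comment should say so, for example `// Only the ABI-alignment fallback needs a sized type; Visited lets isSized() reject self-referential structs instead of crashing.` Otherwise consider making the check unconditional, `if (!Ty->isSized(&Visited))`, and likewise for the store. Whether a later stage rejects such types is not visible from this page, and parseFunctionBody starts and ends outside both hunks.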
@@ -4922,6 +4923,9 @@ Error BitcodeReader::parseFunctionBody(Function *F) {
MaybeAlign Align;
if (Error Err = parseAlignmentValue(Record[OpNum], Align))
return Err;
SmallPtrSet<Type *, 4> Visited;
if (!Align && !Val->getType()->isSized(&Visited))
return error("store of unsized type");
if (!Align)
Align = TheModule->getDataLayout().getABITypeAlign(Val->getType());
I = new StoreInst(Val, Ptr, Record[OpNum + 1], *Align);