nicolas/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Make sure that isValidElementType(Type) before calling {Array,Struct}Type::get(Type)

Browse Source 
Bug found with AFL fuzz.

llvm-svn: 236073
This commit is contained in:
Filipe Cabecinhas
2015-04-29 01:27:01 +00:00
parent 180b92168d
commit f15fb032ef
4 changed files with 11 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
llvm/lib/Bitcode/Reader/BitcodeReader.cpp
View File

@@ -1474,7 +1474,8 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
case bitc::TYPE_CODE_ARRAY: // ARRAY: [numelts, eltty]
if (Record.size() < 2)
return Error("Invalid record");
if ((ResultTy = getTypeByID(Record[1])))
if ((ResultTy = getTypeByID(Record[1])) &&
StructType::isValidElementType(ResultTy))
ResultTy = ArrayType::get(ResultTy, Record[0]);
else
return Error("Invalid type");
@@ -1482,7 +1483,8 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
case bitc::TYPE_CODE_VECTOR: // VECTOR: [numelts, eltty]
if (Record.size() < 2)
return Error("Invalid record");
if ((ResultTy = getTypeByID(Record[1])))
if ((ResultTy = getTypeByID(Record[1])) &&
StructType::isValidElementType(ResultTy))
ResultTy = VectorType::get(ResultTy, Record[0]);
else
return Error("Invalid type");