diff options
| author | Filipe Cabecinhas <me@filcab.net> | 2015-04-29 02:27:28 +0000 |
|---|---|---|
| committer | Filipe Cabecinhas <me@filcab.net> | 2015-04-29 02:27:28 +0000 |
| commit | d8a1bcd0ade5f9d077383bd9ac7e146886439fb2 (patch) | |
| tree | e15cd0168c607150ba5635abaa6885afa1254ac5 | |
| parent | 52d42c725a43f9a429b009357cf147eb071fa940 (diff) | |
| download | bcm5719-llvm-d8a1bcd0ade5f9d077383bd9ac7e146886439fb2.tar.gz bcm5719-llvm-d8a1bcd0ade5f9d077383bd9ac7e146886439fb2.zip | |
Check that we have a valid PointerType element type before calling get()
Same as r236073 but for PointerType.
Bug found with AFL fuzz.
llvm-svn: 236079
| -rw-r--r-- | llvm/lib/Bitcode/Reader/BitcodeReader.cpp | 3 | ||||
| -rw-r--r-- | llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc | bin | 0 -> 644 bytes | |||
| -rw-r--r-- | llvm/test/Bitcode/invalid.test | 2 |
3 files changed, 4 insertions, 1 deletions
diff --git a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp index 8141d5673bd..f11eba51e6c 100644 --- a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp +++ b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp @@ -1360,7 +1360,8 @@ std::error_code BitcodeReader::ParseTypeTableBody() { if (Record.size() == 2) AddressSpace = Record[1]; ResultTy = getTypeByID(Record[0]); - if (!ResultTy) + if (!ResultTy || + !PointerType::isValidElementType(ResultTy)) return Error("Invalid type"); ResultTy = PointerType::get(ResultTy, AddressSpace); break; diff --git a/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc b/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc Binary files differnew file mode 100644 index 00000000000..f9649e66429 --- /dev/null +++ b/llvm/test/Bitcode/Inputs/invalid-pointer-element-type.bc diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test index 41173d17e5d..c18ff3d3f61 100644 --- a/llvm/test/Bitcode/invalid.test +++ b/llvm/test/Bitcode/invalid.test @@ -103,6 +103,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-element-type.bc 2>&1 | RUN: FileCheck --check-prefix=ELEMENT-TYPE %s RUN: not llvm-dis -disable-output %p/Inputs/invalid-vector-element-type.bc 2>&1 | \ RUN: FileCheck --check-prefix=ELEMENT-TYPE %s +RUN: not llvm-dis -disable-output %p/Inputs/invalid-pointer-element-type.bc 2>&1 | \ +RUN: FileCheck --check-prefix=ELEMENT-TYPE %s ELEMENT-TYPE: Invalid type |
