[BitcodeReader] Error out if we read an invalid function argument type

Bug found with AFL fuzz. llvm-svn: 237650
author: Filipe Cabecinhas <me@filcab.net> 2015-05-19 01:21:06 +0000
committer: Filipe Cabecinhas <me@filcab.net> 2015-05-19 01:21:06 +0000
commit: 32af5421945d3a6739048a679604176a9b860a6e (patch)
tree: 8bacd67da02d8422da2e41fccb4c94647a2a2509 /llvm/lib/Bitcode/Reader
parent: cbb2334b7aa0d077786f90416315e606f694d782 (diff)
download: bcm5719-llvm-32af5421945d3a6739048a679604176a9b860a6e.tar.gz
bcm5719-llvm-32af5421945d3a6739048a679604176a9b860a6e.zip
1 files changed, 4 insertions, 1 deletions
diff --git a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
index 70b681000a7..bba29172a28 100644
--- a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -1402,8 +1402,11 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
         return Error("Invalid record");
       SmallVector<Type*, 8> ArgTys;
       for (unsigned i = 2, e = Record.size(); i != e; ++i) {
-        if (Type *T = getTypeByID(Record[i]))
+        if (Type *T = getTypeByID(Record[i])) {
+          if (!FunctionType::isValidArgumentType(T))
+            return Error("Invalid function argument type");
           ArgTys.push_back(T);
+        }
         else
           break;
       }
author	Filipe Cabecinhas <me@filcab.net>	2015-05-19 01:21:06 +0000
committer	Filipe Cabecinhas <me@filcab.net>	2015-05-19 01:21:06 +0000
commit	32af5421945d3a6739048a679604176a9b860a6e (patch)
tree	8bacd67da02d8422da2e41fccb4c94647a2a2509 /llvm/lib/Bitcode/Reader
parent	cbb2334b7aa0d077786f90416315e606f694d782 (diff)
download	bcm5719-llvm-32af5421945d3a6739048a679604176a9b860a6e.tar.gz bcm5719-llvm-32af5421945d3a6739048a679604176a9b860a6e.zip