-rw-r--r--llvm/include/llvm/Bitcode/BitstreamReader.h1
-rw-r--r--llvm/lib/Bitcode/Reader/BitstreamReader.cpp2
-rw-r--r--llvm/test/Bitcode/Inputs/invalid-VBR-too-big.bcbin0 -> 612 bytes
-rw-r--r--llvm/test/Bitcode/invalid.test5
4 files changed, 8 insertions, 0 deletions
diff --git a/llvm/include/llvm/Bitcode/BitstreamReader.h b/llvm/include/llvm/Bitcode/BitstreamReader.h
index 18f6b9e011e..bae816675c0 100644
--- a/llvm/include/llvm/Bitcode/BitstreamReader.h
+++ b/llvm/include/llvm/Bitcode/BitstreamReader.h
@@ -395,6 +395,7 @@ public:
// Read a VBR that may have a value up to 64-bits in size. The chunk size of
// the VBR must still be <= 32 bits though.
uint64_t ReadVBR64(unsigned NumBits) {
+ assert(NumBits <= 64 && "VBR can only be up to 64 bits in size.");
uint32_t Piece = Read(NumBits);
if ((Piece & (1U << (NumBits-1))) == 0)
return uint64_t(Piece);
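Review bot: The new assert in ReadVBR64 allows NumBits up to 64, but the comment directly above says the chunk size must be <= 32 bits, and the next lines store the chunk in a `uint32_t` and evaluate `1U << (NumBits-1)`, which is undefined for any width above 32. The bound should match what the body can handle, for example `assert(NumBits >= 1 && NumBits <= 32 && "VBR chunk width must be 1..32 bits.");`. An assert is also compiled out of release builds, so for widths read from a bitcode file the caller's runtime check is the only real guard. The `> 64` check added to readAbbreviatedField in BitstreamReader.cpp uses the same too-wide limit. The body of ReadVBR64 continues past the end of this hunk.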
diff --git a/llvm/lib/Bitcode/Reader/BitstreamReader.cpp b/llvm/lib/Bitcode/Reader/BitstreamReader.cpp
index beaaf7a7d66..6e3bea1e87b 100644
--- a/llvm/lib/Bitcode/Reader/BitstreamReader.cpp
+++ b/llvm/lib/Bitcode/Reader/BitstreamReader.cpp
@@ -62,6 +62,8 @@ static uint64_t readAbbreviatedField(BitstreamCursor &Cursor,
case BitCodeAbbrevOp::Fixed:
return Cursor.Read((unsigned)Op.getEncodingData());
case BitCodeAbbrevOp::VBR:
+ if ((unsigned)Op.getEncodingData() > 64)
+ report_fatal_error("Invalid record");
return Cursor.ReadVBR64((unsigned)Op.getEncodingData());
case BitCodeAbbrevOp::Char6:
return BitCodeAbbrevOp::DecodeChar6(Cursor.Read(6));
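Review bot: The guard added to the VBR case has no lower bound, so a width of 0 taken from the abbreviation still reaches ReadVBR64, where `NumBits-1` wraps around and the shift in `1U << (NumBits-1)` is undefined. Unless abbreviation parsing already rejects a zero width (not visible here), extend the condition to `(unsigned)Op.getEncodingData() == 0 || (unsigned)Op.getEncodingData() > 64`, using whatever upper limit ReadVBR64 actually supports. The Fixed case just above passes the same file-supplied width to `Cursor.Read` with no range check; Read's accepted range is not shown in this diff, but it looks like it needs the same validation. Since the width comes from untrusted input, a short comment such as `// Width comes from the bitcode file; reject values the cursor cannot read.` would record why the check exists. readAbbreviatedField starts and ends outside this hunk.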
diff --git a/llvm/test/Bitcode/Inputs/invalid-VBR-too-big.bc b/llvm/test/Bitcode/Inputs/invalid-VBR-too-big.bc
new file mode 100644
index 00000000000..35d00ba154b
--- /dev/null
+++ b/llvm/test/Bitcode/Inputs/invalid-VBR-too-big.bc
Binary files differ
diff --git a/llvm/test/Bitcode/invalid.test b/llvm/test/Bitcode/invalid.test
index 9cab227ab19..59543d2ae79 100644
--- a/llvm/test/Bitcode/invalid.test
+++ b/llvm/test/Bitcode/invalid.test
@@ -55,3 +55,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-no-proper-module.bc 2>&1 | \
RUN: FileCheck --check-prefix=NO-MODULE %s
NO-MODULE: Malformed IR file
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-VBR-too-big.bc 2>&1 | \
+RUN: FileCheck --check-prefix=HUGE-VBR %s
+
+HUGE-VBR: Invalid record