From 80df64239593200f9d79312fd22975457f981b58 Mon Sep 17 00:00:00 2001
From: Benjamin Kramer
Date: Thu, 31 Aug 2017 12:50:42 +0000
Subject: [BinaryFormat] Fix out of bounds read.
Found by OSS-FUZZ!
https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=3220
llvm-svn: 312238
---
llvm/lib/BinaryFormat/Magic.cpp | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
(limited to 'llvm/lib/BinaryFormat/Magic.cpp')
diff --git a/llvm/lib/BinaryFormat/Magic.cpp b/llvm/lib/BinaryFormat/Magic.cpp
index b19a07a9066..e9b8df93b90 100644
--- a/llvm/lib/BinaryFormat/Magic.cpp
+++ b/llvm/lib/BinaryFormat/Magic.cpp
@@ -182,7 +182,7 @@ file_magic llvm::identify_magic(StringRef Magic) {
 break;
 case 'M': // Possible MS-DOS stub on Windows PE file
- if (startswith(Magic, "MZ")) {
+ if (startswith(Magic, "MZ") && Magic.size() >= 0x3c + 4) {
 uint32_t off = read32le(Magic.data() + 0x3c);
 // PE/COFF file, either EXE or DLL.
 if (off < Magic.size() &&
--
cgit v1.2.3
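Review bot: The remaining guard `off < Magic.size()` on the last visible line only proves that the first byte at `off` lies inside the buffer, so the same kind of over-read this commit fixes for the 0x3c field may survive in the signature comparison that follows. That condition continues outside the hunk; if it compares a multi-byte PE signature at `Magic.data() + off`, the check should bound the whole range, for example `if (off <= Magic.size() - SigLen && ...` with `SigLen` standing for the signature's size. The subtraction cannot wrap, because the new guard already guarantees `Magic.size() >= 0x40`. The literal would also read better with a comment such as `// 0x3c: offset of the 32-bit PE header pointer in the MS-DOS stub`. The commit touches only Magic.cpp, so a unit test feeding a truncated "MZ" buffer would keep the fuzzer finding covered.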