From 8e42190d2038d129f9ebec8e83a5380cf0fcff30 Mon Sep 17 00:00:00 2001
From: Filipe Cabecinhas
Date: Wed, 3 Jun 2015 00:05:30 +0000
Subject: [BitcodeReader] Check vector size before trying to create a VectorType

Bug found with AFL fuzz

llvm-svn: 238891
---
 llvm/lib/Bitcode/Reader/BitcodeReader.cpp | 2 ++
 1 file changed, 2 insertions(+)

(limited to 'llvm/lib/Bitcode')

diff --git a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
index 4044ac80f20..9e5e46aae0b 100644
--- a/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/llvm/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -1497,6 +1497,8 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
 case bitc::TYPE_CODE_VECTOR: // VECTOR: [numelts, eltty]
 if (Record.size() < 2)
 return Error("Invalid record");
+ if (Record[0] == 0)
+ return Error("Invalid vector length");
 ResultTy = getTypeByID(Record[1]);
 if (!ResultTy || !StructType::isValidElementType(ResultTy))
 return Error("Invalid type");
--
cgit v1.2.3
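Review bot: The added `if (Record[0] == 0)` guard rejects only an exact zero, compared at the record element's full width. The call that actually builds the vector type is outside this hunk; if it takes a narrower `unsigned` element count (to be confirmed against the rest of the `TYPE_CODE_VECTOR` case), a length whose low 32 bits are zero would pass this check and be truncated to zero afterwards. Since this path parses untrusted bitcode, I would bound the value in the same test, e.g. `if (Record[0] == 0 || Record[0] > std::numeric_limits<unsigned>::max())`, so the error return covers every length the type constructor cannot represent. A short comment such as `// Zero-length vectors are not valid; reject before constructing the type.` would also record why vectors are checked here.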