mirror of
https://github.com/RPCS3/llvm.git
synced 2025-01-26 20:57:15 +00:00
Make sure we don't resize(0) when we get a fwdref with Idx == UINT_MAX
Make it an error instead. Bug found with AFL fuzz. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@236190 91177308-0d34-0410-b5e6-96231b3b80d8
This commit is contained in:
parent
4689501178
commit
a607be94ca
@ -790,6 +790,10 @@ Constant *BitcodeReaderValueList::getConstantFwdRef(unsigned Idx,
|
||||
}
|
||||
|
||||
Value *BitcodeReaderValueList::getValueFwdRef(unsigned Idx, Type *Ty) {
|
||||
// Bail out for a clearly invalid value. This would make us call resize(0)
|
||||
if (Idx == UINT_MAX)
|
||||
return nullptr;
|
||||
|
||||
if (Idx >= size())
|
||||
resize(Idx + 1);
|
||||
|
||||
|
BIN
test/Bitcode/Inputs/invalid-too-big-fwdref.bc
Normal file
BIN
test/Bitcode/Inputs/invalid-too-big-fwdref.bc
Normal file
Binary file not shown.
@ -112,3 +112,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-array-op-not-2nd-to-last.bc
|
||||
RUN: FileCheck --check-prefix=ARRAY-NOT-2LAST %s
|
||||
|
||||
ARRAY-NOT-2LAST: Array op not second to last
|
||||
|
||||
RUN: not llvm-dis -disable-output %p/Inputs/invalid-too-big-fwdref.bc 2>&1 | \
|
||||
RUN: FileCheck --check-prefix=HUGE-FWDREF %s
|
||||
|
||||
HUGE-FWDREF: Invalid record
|
||||
|
Loading…
x
Reference in New Issue
Block a user