[BitcodeReader] Sanity check on Comdat ID

author Filipe Cabecinhas <me@filcab.net>

Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)

committer Filipe Cabecinhas <me@filcab.net>

Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)
author Filipe Cabecinhas <me@filcab.net>
Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)
committer Filipe Cabecinhas <me@filcab.net>
Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)
diff --git a/lib/Bitcode/Reader/BitcodeReader.cpp b/lib/Bitcode/Reader/BitcodeReader.cpp

index 6eef594eaf1977e7d06f082505bd94b9f919b09e..3f21bb9fbac34d4cc28e5e142a3f226eb9e9b214 100644 (file)
--- a/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -2956,7 +2956,8 @@ std::error_code BitcodeReader::ParseModule(bool Resume,
  
        if (Record.size() > 11) {
          if (unsigned ComdatID = Record[11]) {
-          assert(ComdatID <= ComdatList.size());
+          if (ComdatID > ComdatList.size())
+            return Error("Invalid global variable comdat ID");
            NewGV->setComdat(ComdatList[ComdatID - 1]);
          }
        } else if (hasImplicitComdat(RawLinkage)) {
@@ -3020,7 +3021,8 @@ std::error_code BitcodeReader::ParseModule(bool Resume,
  
        if (Record.size() > 12) {
          if (unsigned ComdatID = Record[12]) {
-          assert(ComdatID <= ComdatList.size());
+          if (ComdatID > ComdatList.size())
+            return Error("Invalid function comdat ID");
            Func->setComdat(ComdatList[ComdatID - 1]);
          }
        } else if (hasImplicitComdat(RawLinkage)) {
diff --git a/test/Bitcode/Inputs/invalid-function-comdat-id.bc b/test/Bitcode/Inputs/invalid-function-comdat-id.bc

new file mode 100644 (file)

index 0000000..d0ad823

Binary files /dev/null and b/test/Bitcode/Inputs/invalid-function-comdat-id.bc differ
diff --git a/test/Bitcode/Inputs/invalid-global-var-comdat-id.bc b/test/Bitcode/Inputs/invalid-global-var-comdat-id.bc

new file mode 100644 (file)

index 0000000..93d6ba2

Binary files /dev/null and b/test/Bitcode/Inputs/invalid-global-var-comdat-id.bc differ
diff --git a/test/Bitcode/invalid.test b/test/Bitcode/invalid.test

index f609d043df4b71115433909578aaeddcc8e7c998..bd6e265cbb37378f57160324b8b6451961ce2291 100644 (file)
--- a/test/Bitcode/invalid.test
+++ b/test/Bitcode/invalid.test
@@ -162,3 +162,13 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-fixme-streaming-blob.bc 2>&1
  RUN:   FileCheck --check-prefix=STREAMING-BLOB %s
  
  STREAMING-BLOB: getPointer in streaming memory objects not allowed
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-function-comdat-id.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-FCOMDAT-ID %s
+
+INVALID-FCOMDAT-ID: Invalid function comdat ID
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-global-var-comdat-id.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=INVALID-GVCOMDAT-ID %s
+
+INVALID-GVCOMDAT-ID: Invalid global variable comdat ID
author	Filipe Cabecinhas <me@filcab.net>
	Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)
committer	Filipe Cabecinhas <me@filcab.net>
	Tue, 26 May 2015 23:00:56 +0000 (23:00 +0000)
lib/Bitcode/Reader/BitcodeReader.cpp		patch \| blob \| history
test/Bitcode/Inputs/invalid-function-comdat-id.bc	[new file with mode: 0644]	patch \| blob
test/Bitcode/Inputs/invalid-global-var-comdat-id.bc	[new file with mode: 0644]	patch \| blob
test/Bitcode/invalid.test		patch \| blob \| history