From: Filipe Cabecinhas <me@filcab.net>
Date: Fri, 30 Jan 2015 10:57:58 +0000 (+0000)
Subject: [bitcode reader] Fix an assert on invalid type tables
X-Git-Url: http://demsky.eecs.uci.edu/git/?a=commitdiff_plain;h=8cf149dbadda7bff3e96b2e8db42397c4f94356b;p=oota-llvm.git

[bitcode reader] Fix an assert on invalid type tables

Bug found with afl-fuzz

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@227566 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Bitcode/Reader/BitcodeReader.cpp b/lib/Bitcode/Reader/BitcodeReader.cpp
index 9e27225df79..c3589bce398 100644
--- a/lib/Bitcode/Reader/BitcodeReader.cpp
+++ b/lib/Bitcode/Reader/BitcodeReader.cpp
@@ -1095,8 +1095,10 @@ std::error_code BitcodeReader::ParseTypeTableBody() {
 
     if (NumRecords >= TypeList.size())
       return Error("Invalid TYPE table");
+    if (TypeList[NumRecords])
+      return Error(
+          "Invalid TYPE table: Only named structs can be forward referenced");
     assert(ResultTy && "Didn't read a type?");
-    assert(!TypeList[NumRecords] && "Already read type?");
     TypeList[NumRecords++] = ResultTy;
   }
 }
diff --git a/test/Bitcode/Inputs/invalid-type-table-forward-ref.bc b/test/Bitcode/Inputs/invalid-type-table-forward-ref.bc
new file mode 100644
index 00000000000..4594efefd6c
Binary files /dev/null and b/test/Bitcode/Inputs/invalid-type-table-forward-ref.bc differ