From c756772b8d69b5d5cf1f84a44d887eacd60f3d3d Mon Sep 17 00:00:00 2001
From: Filipe Cabecinhas <me@filcab.net>
Date: Tue, 26 May 2015 23:52:21 +0000
Subject: [PATCH] [BitcodeReader] Make sure abbrev records have at least one
 operand (record code)

Bug found with AFL fuzz.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@238265 91177308-0d34-0410-b5e6-96231b3b80d8
---
 lib/Bitcode/Reader/BitstreamReader.cpp            |   3 +++
 test/Bitcode/Inputs/invalid-abbrev-no-operands.bc | Bin 0 -> 452 bytes
 test/Bitcode/invalid.test                         |   5 +++++
 3 files changed, 8 insertions(+)
 create mode 100644 test/Bitcode/Inputs/invalid-abbrev-no-operands.bc

diff --git a/lib/Bitcode/Reader/BitstreamReader.cpp b/lib/Bitcode/Reader/BitstreamReader.cpp
index 3b03f4b12b8..2d02549ce4e 100644
--- a/lib/Bitcode/Reader/BitstreamReader.cpp
+++ b/lib/Bitcode/Reader/BitstreamReader.cpp
@@ -282,6 +282,9 @@ void BitstreamCursor::ReadAbbrevRecord() {
     } else
       Abbv->Add(BitCodeAbbrevOp(E));
   }
+
+  if (Abbv->getNumOperandInfos() == 0)
+    report_fatal_error("Abbrev record with no operands");
   CurAbbrevs.push_back(Abbv);
 }
 
diff --git a/test/Bitcode/Inputs/invalid-abbrev-no-operands.bc b/test/Bitcode/Inputs/invalid-abbrev-no-operands.bc
new file mode 100644
index 0000000000000000000000000000000000000000..29af122e94e2d0f36ea288282c20817af7bdbbdb
GIT binary patch
literal 452
zcmZ>AK5$Qwhk+rFfq{X$Nr8b0NDBcmd!zD1#}h1`Yyw7>lNeigR9QJB<yg9t8U$RK
zoF;KQwFnrASa3*qav8a(cyLWnR6Y{az$2+xq{4oJLojK@f)x(OJ}?5!=~Q4~;0Mx1
zN*tUDDXlERN=sUR#N(EQ3?f249X;GFEj|JU$_&LU9zrfcCuA5U&M-(co?;2(m|%HG
z>A(b#dz`1R07)Q_Sfm4CILNU98G=A;%+Vlo<e^NO2%~L>vqj6{9;XKO$_n=48HGI0
z82H}`@O^3EGv;xUJ9JR?+(MZ&16HuIX6ZA`wkMozdzfv3W)vzgFo4Vx+n~_v;u6fN
zBa+C#Q|K$G;3K*r0BCh0P#zQ}!Yl_f4l(qo@f^%xW@K5+%Oa3qApjKT0%G<6fwLls
zY6>x1c{!%%vK%UnW)u_*%4KtL@z^FSAgFk^&B3Lmg&C+4Vjjrt!YqzDApIaeiYPOf
l7z63eg3Tb}5YV%HAYX&rg)mzbXwua*ph+nZlYo*y005ETVc7rx

literal 0
HcmV?d00001

diff --git a/test/Bitcode/invalid.test b/test/Bitcode/invalid.test
index bd6e265cbb3..9c9d54fad6c 100644
--- a/test/Bitcode/invalid.test
+++ b/test/Bitcode/invalid.test
@@ -172,3 +172,8 @@ RUN: not llvm-dis -disable-output %p/Inputs/invalid-global-var-comdat-id.bc 2>&1
 RUN:   FileCheck --check-prefix=INVALID-GVCOMDAT-ID %s
 
 INVALID-GVCOMDAT-ID: Invalid global variable comdat ID
+
+RUN: not llvm-dis -disable-output %p/Inputs/invalid-abbrev-no-operands.bc 2>&1 | \
+RUN:   FileCheck --check-prefix=ABBREV-NO-OPS %s
+
+ABBREV-NO-OPS: Abbrev record with no operands
-- 
2.34.1