maxjhandsome
/
llvm-project
forked from OSchip/llvm-project
1
0
Fork 0
Code Issues Pull Requests Packages Releases Wiki Activity

Fix a crash in the LL parser where it failed to validate that the pointer operand of a GEP was valid. 

This manifested as an assertion failure in +Asserts builds, and a hard crash in -Asserts builds.  Found by fuzzing the LL parser.

llvm-svn: 230934
This commit is contained in:
Owen Anderson 2015-03-02 05:25:06 +00:00
parent 7797c726b9
commit 91bdf07650
2 changed files with 13 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
llvm/lib/AsmParser/LLParser.cpp
View File

@ -5458,6 +5458,8 @@ int LLParser::ParseGetElementPtr(Instruction *&Inst, PerFunctionState &PFS) {
return true; return true;
Type *PtrTy = Ptr->getType(); Type *PtrTy = Ptr->getType();
if (!isa<SequentialType>(PtrTy))
return Error(Loc, "pointer type is not valid");
if (VectorType *VT = dyn_cast<VectorType>(PtrTy)) if (VectorType *VT = dyn_cast<VectorType>(PtrTy))
PtrTy = VT->getElementType(); PtrTy = VT->getElementType();
if (Ty != cast<SequentialType>(PtrTy)->getElementType()) if (Ty != cast<SequentialType>(PtrTy)->getElementType())

11
llvm/test/Assembler/getelementptr_invalid_ptr.ll Normal file
View File

@ -0,0 +1,11 @@
; RUN: not llvm-as < %s >/dev/null 2> %t
; RUN: FileCheck %s < %t
; Test the case of an invalid pointer type on a GEP
; CHECK: pointer type is not valid
define i32* @foo(i32 %a) {
%gep = getelementptr i32, i32 %a, i32 1
return i32* %gep
}