Shihao Xia

Sorry I don't get it? @Gkozd

More details: ``` fn decoder_to_vec) -> ImageResult where T: crate::traits::Primitive + bytemuck::Pod, { let mut buf = vec![num_traits::Zero::zero(); usize::try_from(decoder.total_bytes()).unwrap() / std::mem::size_of::()]; decoder.read_image(bytemuck::cast_slice_mut(buf.as_mut_slice()))?; Ok(buf) } ``` ``` impl ImageDecoder

> > Then this is just a NULL pointer dereference, which will lead to the program crash, but likely not exploitable. > > There is no null pointer dereference and...

Hi Yulei, thanks for the response. So suppose I have a `ConstraintEdge`, I cannot find LLVM value like what we can do for the `PAGEdge.getValue()` method right? Is there any...

yes i8** getelementptr inbounds (, * @_ZN3log6LOGGER17h3b3ef22fc507c313E, i64 0, i32 1) like this instruction will cause above code segmentation fault bc is compiled by corresponding llvm version

Seems like it is related to LLVM 13 +, since no nullptr is allowed for GEP type.

Oh, that PR just has incorrect LLVM 13 download link, since it still in RC. My setup has LLVM 13 it can build successfully with that change.

> Thanks for your PR. > > A few questions: > > 1. How can I test that this works? Can you add an example that demonstrates this? > 2....

I am trying to migrate this tool to LLVM 14. The compilation of new LLVM after applying the patch was successful. However, after running the program using the patched LLVM...