
Prevent invalid VBRs from causing overflow

Open hryx opened this issue 1 year ago • 0 comments

The "more" bit in a VBR chunk indicates that there are more chunks to parse, which are then shifted and added to the final value.

A valid VBR can represent at most a 64-bit number, but the bitstream reader currently does not stop shifting/adding as long as there is still a "more" bit on a chunk, which will cause integer overflow for excessively long VBRs.

hryx • Dec 19 '22 04:12
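One way to bound the loop the issue describes, written in C as an added example; it is not code from the llvm-bitcode project. The `BitReader` type, the error codes and the LSB-first bit order are assumptions made for the example, and the reader is deliberately strict: it also rejects a "more" bit at the last usable position even if the following chunks are zero.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

enum { VBR_OK = 0, VBR_EOF = -1, VBR_OVERFLOW = -2, VBR_BAD_WIDTH = -3 };

/* Hypothetical minimal reader: bits are consumed LSB-first within each byte. */
typedef struct { const uint8_t *data; size_t nbits, pos; } BitReader;

/* Read a fixed field of `width` (<= 32) bits, failing cleanly at end of input. */
static int read_fixed(BitReader *r, unsigned width, uint32_t *out) {
    if (width > r->nbits - r->pos) return VBR_EOF;
    uint32_t v = 0;
    for (unsigned i = 0; i < width; i++, r->pos++)
        v |= (uint32_t)((r->data[r->pos >> 3] >> (r->pos & 7)) & 1u) << i;
    *out = v;
    return VBR_OK;
}

/* Decode one VBR made of `width`-bit chunks; the top bit of a chunk is "more". */
int read_vbr(BitReader *r, unsigned width, uint64_t *out) {
    if (width < 2 || width > 32) return VBR_BAD_WIDTH;
    const uint32_t more = 1u << (width - 1);
    uint64_t value = 0;
    unsigned shift = 0;               /* invariant: shift < 64 whenever it is used */
    for (;;) {
        uint32_t chunk;
        int rc = read_fixed(r, width, &chunk);
        if (rc != VBR_OK) return rc;
        uint64_t payload = chunk & (more - 1);
        /* Reject payload bits that would be shifted past bit 63. */
        if (shift > 0 && (payload >> (64 - shift)) != 0) return VBR_OVERFLOW;
        value |= payload << shift;
        if (!(chunk & more)) { *out = value; return VBR_OK; }
        shift += width - 1;
        /* Another chunk is announced but no bit positions remain. */
        if (shift >= 64) return VBR_OVERFLOW;
    }
}

int main(void) {
    /* Constructed input: ten VBR8 chunks with "more" set, then a terminator. */
    const uint8_t bad[] = {0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0xFF,0x81,0x00};
    BitReader r = { bad, sizeof bad * 8, 0 };
    uint64_t v = 0;
    printf("overlong VBR8 -> %d\n", read_vbr(&r, 8, &v));
    return 0;
}
```

Checking the shift before it is applied matters in C because shifting a 64-bit value by 64 or more is undefined behaviour, so the guard has to run before the shift and cannot be a test on the result.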