commit 9efba74778fcc91f12e5178f42fcb1d6208f5bce
author David Majnemer <david.majnemer@gmail.com> Fri May 27 16:16:48 2016 +0000
committer David Majnemer <david.majnemer@gmail.com> Fri May 27 16:16:48 2016 +0000
tree c9b1607348b5767378983ef960b449b6701f0a18
parent 5d842ea68ed1ba4e83b96d19beb8ab5d72b18677

Make sure there are enough blocks for the stream

llvm-svn: 271012

llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp

diff --git a/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp b/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
index 65ddcca..68ed6c8 100644
--- a/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
+++ b/llvm/lib/DebugInfo/PDB/Raw/PDBFile.cpp
@@ -257,10 +257,28 @@
         return make_error<RawError>(raw_error_code::corrupt_file,
                                     "Orphaned block found?");
 
+      uint64_t BlockOffset = blockToOffset(Data, getBlockSize());
+      if (BlockOffset + getBlockSize() < BlockOffset)
+        return make_error<RawError>(raw_error_code::corrupt_file,
+                                    "Bogus stream block number");
+      if (BlockOffset + getBlockSize() > M.getBufferSize())
+        return make_error<RawError>(raw_error_code::corrupt_file,
+                                    "Stream block number is out of bounds");
+
       StreamBlocks->push_back(Data);
     }
   }
 
+  for (uint32_t SI = 0; SI != NumStreams; ++SI) {
+    uint64_t NumExpectedStreamBlocks =
+        bytesToBlocks(getStreamByteSize(SI), getBlockSize());
+    size_t NumStreamBlocks = getStreamBlockList(SI).size();
+    if (NumExpectedStreamBlocks != NumStreamBlocks)
+      return make_error<RawError>(raw_error_code::corrupt_file,
+                                  "The number of stream blocks is not "
+                                  "sufficient for the size of this stream");
+  }
+
   // We should have read exactly SB->NumDirectoryBytes bytes.
   assert(DirectoryBytesRead == SB->NumDirectoryBytes);
   return Error::success();