From f4e1d5fc8d443a89e6f3c83def9c08212cbe3777 Mon Sep 17 00:00:00 2001
From: David Majnemer <david.majnemer@gmail.com>
Date: Fri, 27 May 2016 16:16:48 +0000
Subject: [PATCH] Make sure there are enough blocks for the stream

llvm-svn: 271012
---
 lib/DebugInfo/PDB/Raw/PDBFile.cpp | 18 ++++++++++++++++++
 1 file changed, 18 insertions(+)

diff --git a/lib/DebugInfo/PDB/Raw/PDBFile.cpp b/lib/DebugInfo/PDB/Raw/PDBFile.cpp
index 65ddccaed02..68ed6c82efd 100644
--- a/lib/DebugInfo/PDB/Raw/PDBFile.cpp
+++ b/lib/DebugInfo/PDB/Raw/PDBFile.cpp
@@ -257,10 +257,28 @@ Error PDBFile::parseStreamData() {
         return make_error<RawError>(raw_error_code::corrupt_file,
                                     "Orphaned block found?");
 
+      uint64_t BlockOffset = blockToOffset(Data, getBlockSize());
+      if (BlockOffset + getBlockSize() < BlockOffset)
+        return make_error<RawError>(raw_error_code::corrupt_file,
+                                    "Bogus stream block number");
+      if (BlockOffset + getBlockSize() > M.getBufferSize())
+        return make_error<RawError>(raw_error_code::corrupt_file,
+                                    "Stream block number is out of bounds");
+
       StreamBlocks->push_back(Data);
     }
   }
 
+  for (uint32_t SI = 0; SI != NumStreams; ++SI) {
+    uint64_t NumExpectedStreamBlocks =
+        bytesToBlocks(getStreamByteSize(SI), getBlockSize());
+    size_t NumStreamBlocks = getStreamBlockList(SI).size();
+    if (NumExpectedStreamBlocks != NumStreamBlocks)
+      return make_error<RawError>(raw_error_code::corrupt_file,
+                                  "The number of stream blocks is not "
+                                  "sufficient for the size of this stream");
+  }
+
   // We should have read exactly SB->NumDirectoryBytes bytes.
   assert(DirectoryBytesRead == SB->NumDirectoryBytes);
   return Error::success();