[all-commits] [llvm/llvm-project] 9f3444: [BPF] fix a use after free bug

yonghong-song via All-commits all-commits at lists.llvm.org
Mon Nov 4 22:21:14 PST 2019


  Branch: refs/heads/master
  Home:   https://github.com/llvm/llvm-project
  Commit: 9f34447f3ff525029ec889bf3a82b04678a9d7c0
      https://github.com/llvm/llvm-project/commit/9f34447f3ff525029ec889bf3a82b04678a9d7c0
  Author: Yonghong Song <yhs at fb.com>
  Date:   2019-11-04 (Mon, 04 Nov 2019)

  Changed paths:
    M llvm/lib/Target/BPF/BPFAbstractMemberAccess.cpp

  Log Message:
  -----------
  [BPF] fix a use after free bug

Commit fff2721286e1 ("[BPF] Fix CO-RE bugs with bitfields")
fixed CO-RE handling bitfield issues. But the implementation
introduced a use after free bug. The "Base" of the intrinsic
might be freed so later on accessing the Type of "Base"
might access the freed memory. The failed test case,
  CodeGen/BPF/CORE/offset-reloc-middle-chain.ll
is exactly used to test such a case.

Similar to the previous attempt to remember Metadata etc.,
remember the "Base" pointee Alignment in advance to avoid
such a use after free bug.
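
An added illustration of the pattern the log message describes (not code from the commit or from LLVM): a collect-then-rewrite pass where rewriting a call erases it, compared when the per-call record keeps a handle to "Base" versus the alignment value read in advance. `Node`, `CallInfo`, `runPass` and the three-node chain are hypothetical, constructed stand-ins; a `std::weak_ptr` models the stored pointer so the stale read is detected instead of executed.

```cpp
#include <cstdint>
#include <cstdio>
#include <map>
#include <memory>
#include <vector>

// Simplified stand-in for an IR value; hypothetical, not an LLVM class.
struct Node {
    int id;
    std::uint32_t pointeeAlign;  // alignment of the type this value points to
    std::weak_ptr<Node> base;    // the value this access is based on
};
// Per-call record made during collection, consumed later during rewriting.
struct CallInfo {
    std::weak_ptr<Node> base;    // before the fix: keep a handle to Base
    std::uint32_t recordAlign;   // after the fix: keep the number itself
};
struct Result { int dangling; std::vector<std::uint32_t> aligns; };

// Phase 1 records info for every call; phase 2 rewrites each call and erases
// it, although the erased call may be the Base of a call handled later.
Result runPass(bool useCachedAlign) {
    // Constructed chain: root <- c1 <- c2 (c2's Base is c1, c1's Base is root).
    std::vector<std::shared_ptr<Node>> owned;
    owned.push_back(std::make_shared<Node>(Node{0, 8, {}}));
    owned.push_back(std::make_shared<Node>(Node{1, 4, owned[0]}));
    owned.push_back(std::make_shared<Node>(Node{2, 0, owned[1]}));
    std::map<int, CallInfo> infos;
    for (int i = 1; i <= 2; ++i) {                 // phase 1: collect
        auto b = owned[i]->base.lock();
        infos[owned[i]->id] = CallInfo{b, b->pointeeAlign};
    }
    Result r{0, {}};
    for (int id = 1; id <= 2; ++id) {              // phase 2: rewrite + erase
        const CallInfo &ci = infos[id];
        if (useCachedAlign)
            r.aligns.push_back(ci.recordAlign);
        else if (auto b = ci.base.lock())
            r.aligns.push_back(b->pointeeAlign);
        else
            ++r.dangling;  // with a raw pointer this read is the use after free
        owned[id].reset();                         // erase the rewritten call
    }
    return r;
}

int main() {
    std::printf("stale Base reads: handle=%d cached=%d\n",
                runPass(false).dangling, runPass(true).dangling);
}
```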



