[PATCH] [libcxx] Fix PR21580 - Undefined behavior in readEncodedPointer()

Eric Fiselier eric at efcs.ca
Mon Mar 9 13:26:06 PDT 2015 

Hi mclow.lists, danalbert, compnerd, echristo,

This patch fixes a bug in `readEncodedPointer()` where it would read from memory that was not suitably aligned. This patch fixes it by using memcpy.

http://reviews.llvm.org/D8179

Files:
  src/cxa_personality.cpp

Index: src/cxa_personality.cpp
===================================================================
--- src/cxa_personality.cpp
+++ src/cxa_personality.cpp
@@ -14,6 +14,7 @@
 
 #include <assert.h>
 #include <stdlib.h>
+#include <string.h>
 #include <typeinfo>
 
 #include "config.h"
@@ -141,6 +142,19 @@
 namespace __cxxabiv1
 {
 
+namespace
+{
+
+template <class FromType>
+uintptr_t readPointerHelper(const uint8_t*& p) {
+    FromType from;
+    memcpy(&from, (void*)p, sizeof(FromType));
+    p += sizeof(FromType);
+    return static_cast<uintptr_t>(from);
+}
+
+} // end namespace
+
 extern "C"
 {
 
@@ -245,28 +259,22 @@
         result = static_cast<uintptr_t>(readSLEB128(&p));
         break;
     case DW_EH_PE_udata2:
-        result = *((uint16_t*)p);
-        p += sizeof(uint16_t);
+        result = readPointerHelper<uint16_t>(p);
         break;
     case DW_EH_PE_udata4:
-        result = *((uint32_t*)p);
-        p += sizeof(uint32_t);
+        result = readPointerHelper<uint32_t>(p);
         break;
     case DW_EH_PE_udata8:
-        result = static_cast<uintptr_t>(*((uint64_t*)p));
-        p += sizeof(uint64_t);
+        result = readPointerHelper<uint64_t>(p);
         break;
     case DW_EH_PE_sdata2:
-        result = static_cast<uintptr_t>(*((int16_t*)p));
-        p += sizeof(int16_t);
+        result = readPointerHelper<int16_t>(p);
         break;
     case DW_EH_PE_sdata4:
-        result = static_cast<uintptr_t>(*((int32_t*)p));
-        p += sizeof(int32_t);
+        result = readPointerHelper<int32_t>(p);
         break;
     case DW_EH_PE_sdata8:
-        result = static_cast<uintptr_t>(*((int64_t*)p));
-        p += sizeof(int64_t);
+        result = readPointerHelper<int64_t>(p);
         break;
     default:
         // not supported

EMAIL PREFERENCES
  http://reviews.llvm.org/settings/panel/emailpreferences/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D8179.21507.patch
Type: text/x-patch
Size: 1790 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20150309/94dd057a/attachment.bin>

More information about the cfe-commits mailing list