[PATCH] D55765: Fix use-after-free bug in Tooling.

Yitzhak Mandelbaum via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Mon Dec 17 07:31:53 PST 2018

ymandel created this revision.
ymandel added a reviewer: alexfh.
Herald added a subscriber: cfe-commits.

`buildASTFromCodeWithArgs()` was creating a memory buffer referencing a
stack-allocated string.  This diff changes the implementation to copy the code
string into the memory buffer so that said buffer owns the memory.

  rC Clang



Index: lib/Tooling/Tooling.cpp
--- lib/Tooling/Tooling.cpp
+++ lib/Tooling/Tooling.cpp
@@ -603,9 +603,8 @@
       &Action, Files.get(), std::move(PCHContainerOps));
   SmallString<1024> CodeStorage;
-  InMemoryFileSystem->addFile(FileNameRef, 0,
-                              llvm::MemoryBuffer::getMemBuffer(
-                                  Code.toNullTerminatedStringRef(CodeStorage)));
+  InMemoryFileSystem->addFile(
+      FileNameRef, 0, llvm::MemoryBuffer::getMemBufferCopy(Code.toStringRef()));
   if (!Invocation.run())
     return nullptr;
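
Review bot: the added `Code.toStringRef()` call on the second `+` line passes no argument, but the removed line rendered `Code` through a scratch buffer with `Code.toNullTerminatedStringRef(CodeStorage)`. If `Code` is an `llvm::Twine`, as that removed call suggests, `Twine::toStringRef` requires a `SmallVectorImpl<char> &` output argument and this line will not compile as written. Suggest `llvm::MemoryBuffer::getMemBufferCopy(Code.toStringRef(CodeStorage))`, or keep `toNullTerminatedStringRef(CodeStorage)` inside `getMemBufferCopy`. Either way the copy owns its bytes, so the buffer no longer depends on the lifetime of `CodeStorage`. If the no-argument form is intended, the unchanged `SmallString<1024> CodeStorage;` declaration just above is left unused and should be dropped in the same change. A regression test that uses the returned AST after `buildASTFromCodeWithArgs()` returns, run under ASan, would keep the use-after-free from coming back.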
