[PATCH] D69974: Fix null dereference in yaml::Document::skip
Thomas Finch via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Nov 7 15:14:06 PST 2019
thomasfinch created this revision.
thomasfinch added reviewers: Bigcheese, hintonda, beanz.
thomasfinch added a project: LLVM.
Herald added subscribers: llvm-commits, dexonsmith, hiraditya.
The attached test case replicates a null dereference crash in `yaml::Document::skip()`. This was fixed by adding a check and early return in the method.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D69974
Files:
llvm/lib/Support/YAMLParser.cpp
llvm/unittests/Support/YAMLParserTest.cpp
Index: llvm/unittests/Support/YAMLParserTest.cpp
===================================================================
--- llvm/unittests/Support/YAMLParserTest.cpp
+++ llvm/unittests/Support/YAMLParserTest.cpp
@@ -331,4 +331,15 @@
EXPECT_TRUE(End == AnotherEnd);
}
+TEST(YAMLParser, FlowSequenceTokensOutsideFlowSequence) {
+ auto FlowSequenceStrs = {",", "]", "}"};
+ SourceMgr SM;
+
+ for (auto &Str : FlowSequenceStrs) {
+ yaml::Stream Stream(Str, SM);
+ yaml::Document &Doc = *Stream.begin();
+ EXPECT_FALSE(Doc.skip());
+ }
+}
+
} // end namespace llvm
Index: llvm/lib/Support/YAMLParser.cpp
===================================================================
--- llvm/lib/Support/YAMLParser.cpp
+++ llvm/lib/Support/YAMLParser.cpp
@@ -2288,8 +2288,8 @@
bool Document::skip() {
if (stream.scanner->failed())
return false;
- if (!Root)
- getRoot();
+ if (!Root && !getRoot())
+ return false;
Root->skip();
Token &T = peekNext();
if (T.Kind == Token::TK_StreamEnd)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D69974.228321.patch
Type: text/x-patch
Size: 1014 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20191107/23c9aab5/attachment.bin>
More information about the llvm-commits
mailing list