[cfe-commits] r84980 - /cfe/trunk/lib/AST/ASTContext.cpp
Fariborz Jahanian
fjahanian at apple.com
Fri Oct 23 17:10:58 PDT 2009
On Oct 23, 2009, at 5:06 PM, John McCall wrote:
> Fariborz Jahanian wrote:
>> Author: fjahanian
>> Date: Fri Oct 23 18:55:43 2009
>> New Revision: 84980
>>
>> URL: http://llvm.org/viewvc/llvm-project?rev=84980&view=rev
>> Log:
>> Fixe a buffer overflow problem which causes a crash
>> in a certain project. Need to have a permananent fix later
>> (FIXME added).
>>
>>
>> Modified:
>> cfe/trunk/lib/AST/ASTContext.cpp
>>
>> Modified: cfe/trunk/lib/AST/ASTContext.cpp
>> URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/AST/ASTContext.cpp?rev=84980&r1=84979&r2=84980&view=diff
>>
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =
>> =====================================================================
>> --- cfe/trunk/lib/AST/ASTContext.cpp (original)
>> +++ cfe/trunk/lib/AST/ASTContext.cpp Fri Oct 23 18:55:43 2009
>> @@ -2855,8 +2855,10 @@
>>
>> // FIXME: Move up
>> static int UniqueBlockByRefTypeID = 0;
>> - char Name[36];
>> + // FIXME. This is error prone. Luckinly stack-canary stuff
>> caught it.
>> + char Name[128];
>> sprintf(Name, "__Block_byref_%d_%s", ++UniqueBlockByRefTypeID,
>> DeclName);
>> + assert((strlen(Name) < sizeof(Name)) && "BuildByRefType - buffer
>> overflow");
>> RecordDecl *T;
>> T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl,
>> SourceLocation(),
>> &Idents.get(Name));
>> @@ -2904,8 +2906,10 @@
>> llvm::SmallVector<const Expr *, 8> &BlockDeclRefDecls) {
>> // FIXME: Move up
>> static int UniqueBlockParmTypeID = 0;
>> - char Name[36];
>> + // FIXME. This is error prone. Luckinly stack-canary stuff
>> caught it.
>> + char Name[128];
>> sprintf(Name, "__block_literal_%u", ++UniqueBlockParmTypeID);
>> + assert((strlen(Name) < sizeof(Name)) && "getBlockParmType -
>> buffer overflow");
>> RecordDecl *T;
>> T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl,
>> SourceLocation(),
>> &Idents.get(Name));
>>
>>
>
> It doesn't fix the problem properly, but snprintf() will at least
> never
> trash the stack, and the return value will still permit the assert.
Yes, FIXME makes this point. I will shortly change it to alloca.
- Fariborz
>
>
> John.
> _______________________________________________
> cfe-commits mailing list
> cfe-commits at cs.uiuc.edu
> http://lists.cs.uiuc.edu/mailman/listinfo/cfe-commits
More information about the cfe-commits
mailing list