r322052 - Fix use-after-free found by address-san on -r322028.

Erich Keane via cfe-commits cfe-commits at lists.llvm.org
Mon Jan 8 17:09:12 PST 2018


Author: erichkeane
Date: Mon Jan  8 17:09:12 2018
New Revision: 322052

URL: http://llvm.org/viewvc/llvm-project?rev=322052&view=rev
Log:
Fix use-after-free found by address-san on -r322028.

r322028 attempted to remove something from the "Manglings"
list when it was no longer valid, and did so with 'erase'.

However, StringRefs to these were stored, so these became
dangling references.  This patch changes to using 'remove' instead
of 'erase' to keep the strings valid.

Modified:
    cfe/trunk/lib/CodeGen/CodeGenModule.cpp

Modified: cfe/trunk/lib/CodeGen/CodeGenModule.cpp
URL: http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/CodeGen/CodeGenModule.cpp?rev=322052&r1=322051&r2=322052&view=diff
==============================================================================
--- cfe/trunk/lib/CodeGen/CodeGenModule.cpp (original)
+++ cfe/trunk/lib/CodeGen/CodeGenModule.cpp Mon Jan  8 17:09:12 2018
@@ -813,7 +813,11 @@ void CodeGenModule::UpdateMultiVersionNa
     // This is so that if the initial version was already the 'default'
     // version, we don't try to update it.
     if (OtherName != NonTargetName) {
-      Manglings.erase(NonTargetName);
+      // Remove instead of erase, since others may have stored the StringRef
+      // to this.
+      const auto ExistingRecord = Manglings.find(NonTargetName);
+      if (ExistingRecord != std::end(Manglings))
+        Manglings.remove(&(*ExistingRecord));
       auto Result = Manglings.insert(std::make_pair(OtherName, OtherGD));
       MangledDeclNames[OtherGD.getCanonicalDecl()] = Result.first->first();
       if (llvm::GlobalValue *Entry = GetGlobalValue(NonTargetName))
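Review bot: The comment added above `Manglings.remove(&(*ExistingRecord));` says why `erase` is avoided but not who owns the entry once it is unlinked. The call discards the only handle to the record, so nothing in this hunk shows when that storage is released. Please extend the comment to state the intended lifetime of the removed entry and to name the holders of the StringRef it protects; `MangledDeclNames`, which two lines later stores `Result.first->first()`, looks like one such holder. It is also worth confirming that any holder still carrying the `NonTargetName` StringRef is updated elsewhere, since after this point the string stays valid but no longer matches a key in `Manglings`. Minor style point: `&(*ExistingRecord)` can be written `&*ExistingRecord`.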



