[PATCH] D109386: Fix use-after-free from GlobalCtors associated data

Lei Wang via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Tue Sep 7 12:47:18 PDT 2021


wlei created this revision.
Herald added subscribers: hoy, wenlei, lxfind.
wlei requested review of this revision.
Herald added a project: clang.
Herald added a subscriber: cfe-commits.

Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D109386

Files:
  clang/lib/CodeGen/CodeGenModule.cpp
  clang/lib/CodeGen/CodeGenModule.h


Index: clang/lib/CodeGen/CodeGenModule.h
===================================================================
--- clang/lib/CodeGen/CodeGenModule.h
+++ clang/lib/CodeGen/CodeGenModule.h
@@ -1526,6 +1526,8 @@
   void EmitPointerToInitFunc(const VarDecl *VD, llvm::GlobalVariable *Addr,
                              llvm::Function *InitFunc, InitSegAttr *ISA);
 
+  void UpdateADOfGlobalCtors(llvm::Constant *Old, llvm::Constant *New);
+
   // FIXME: Hardcoding priority here is gross.
   void AddGlobalCtor(llvm::Function *Ctor, int Priority = 65535,
                      llvm::Constant *AssociatedData = nullptr);
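Review bot: The new declaration on the `UpdateADOfGlobalCtors` line carries no comment, unlike its neighbours, and the abbreviation "AD" is not obvious from the name alone. I would add a Doxygen comment above it: `/// Replace every GlobalCtors entry whose AssociatedData is \p Old with \p New; needed because GlobalCtors holds raw Constant pointers that replaceAllUsesWith does not see.` The enclosing class body continues outside the hunk.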
Index: clang/lib/CodeGen/CodeGenModule.cpp
===================================================================
--- clang/lib/CodeGen/CodeGenModule.cpp
+++ clang/lib/CodeGen/CodeGenModule.cpp
@@ -1421,6 +1421,14 @@
   return getModule().getNamedValue(Name);
 }
 
+void CodeGenModule::UpdateADOfGlobalCtors(llvm::Constant *Old, llvm::Constant *New) {
+  for(auto &S : GlobalCtors) {
+    if(S.AssociatedData == Old) {
+      S.AssociatedData = New;
+    }
+  }
+}
+
 /// AddGlobalCtor - Add a function to the list that will be called before
 /// main() runs.
 void CodeGenModule::AddGlobalCtor(llvm::Function *Ctor, int Priority,
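Review bot: The new `UpdateADOfGlobalCtors` definition does not follow the file's formatting: the signature line exceeds 80 columns and `for(` / `if(` lack the space used everywhere else in this file (compare `AddGlobalCtor` below), so clang-format would rewrite it. I would split the signature as `void CodeGenModule::UpdateADOfGlobalCtors(llvm::Constant *Old,` / `                                          llvm::Constant *New) {` and write `for (auto &S : GlobalCtors)` / `if (S.AssociatedData == Old)`. A one-line comment above it explaining why this is needed would also help, e.g. `// GlobalCtors stores AssociatedData as a bare pointer, so RAUW on the old global does not update it; patch it by hand before the old global is erased.` The AddGlobalCtor definition that follows continues outside the hunk.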
@@ -3901,6 +3909,8 @@
       llvm::Constant *NewPtrForOldDecl =
           llvm::ConstantExpr::getBitCast(GV, Entry->getType());
       Entry->replaceAllUsesWith(NewPtrForOldDecl);
+
+      UpdateADOfGlobalCtors(Entry, GV);
     }
 
     Entry->eraseFromParent();
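Review bot: The new `UpdateADOfGlobalCtors(Entry, GV);` call sits inside a conditional block whose guard is outside the hunk, while `Entry->eraseFromParent();` on the last visible line is unconditional; if that guard can be false when GlobalCtors still references Entry (it appears to be a use-count test, and a GlobalCtors AssociatedData pointer is not an IR Use), the dangling pointer the patch is meant to fix survives on that path. I would move the call out of the `if` so it runs immediately before `Entry->eraseFromParent();`, which is where the pointer actually becomes invalid. Note also that the RAUW path substitutes the bitcast `NewPtrForOldDecl` while the GlobalCtors update substitutes `GV` directly; if the entry's pointer type matters to the later ctor-list emission, passing `NewPtrForOldDecl` would keep both replacements consistent — worth confirming. The enclosing function begins and ends outside the hunk.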



