[PATCH] D142277: [clang][Interp] Clear metadata when destroying locals
Aaron Ballman via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Tue Jan 31 11:46:23 PST 2023
aaron.ballman added inline comments.
================
Comment at: clang/lib/AST/Interp/EvalEmitter.cpp:260-261
+ // local variable is used after being destroyed.
+ InlineDescriptor &ID = *reinterpret_cast<InlineDescriptor *>(B->rawData());
+ std::memset(&ID, 0, sizeof(InlineDescriptor));
}
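Review bot: the `memset` on the last two `+` lines runs after the block has been released, so `B->rawData()` may no longer point at live storage; the clear of the `InlineDescriptor` should be moved before the deallocation of `B` (or guarded by an assertion that the block is still alive) so that the metadata reset itself is not a use-after-free of the memory it is meant to protect.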
----------------
I'm not certain this is a good idea -- we've just deallocated `B` and then we're saying "cool, now get me your raw data so I can muck about with it".
The comments in `InterpState::deallocate()` say `// Free storage, if necessary.`, so this looks a lot like a use-after-free. Am I missing something?
================
Comment at: clang/lib/AST/Interp/InterpFrame.cpp:80-81
+ // local variable is used after being destroyed.
+ InlineDescriptor *ID = localInlineDesc(Local.Offset);
+ std::memset(ID, 0, sizeof(InlineDescriptor));
}
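Review bot: same ordering concern for `localInlineDesc(Local.Offset)`; additionally, if the goal stated in the comment is to catch a local variable used after being destroyed, zeroing the entire `InlineDescriptor` also discards whatever the descriptor needs to report that access, so clearing only the liveness state and adding a test that exercises a use-after-destroy would make the intended behaviour checkable.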
----------------
Same here as above.
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D142277/new/
https://reviews.llvm.org/D142277