[PATCH] D158296: [NFC][Clang] Add assertion to check the value of NumSubExprs/ResultIndex does not overflow

Yurong via Phabricator via cfe-commits cfe-commits at lists.llvm.org
Wed Aug 30 10:25:58 PDT 2023


yronglin updated this revision to Diff 554770.
yronglin added a comment.

Address the comments that we discussed in D154784 <https://reviews.llvm.org/D154784>.


Repository:
  rG LLVM Github Monorepo

CHANGES SINCE LAST ACTION
  https://reviews.llvm.org/D158296/new/

https://reviews.llvm.org/D158296

Files:
  clang/include/clang/Basic/DiagnosticSemaKinds.td
  clang/lib/Sema/SemaChecking.cpp
  clang/test/SemaCXX/builtin-dump-struct.cpp


Index: clang/test/SemaCXX/builtin-dump-struct.cpp
===================================================================
--- clang/test/SemaCXX/builtin-dump-struct.cpp
+++ clang/test/SemaCXX/builtin-dump-struct.cpp
@@ -184,3 +184,22 @@
 
 int printf(const char *, ...);
 void f1(t2 w) { __builtin_dump_struct(&w, printf); }
+
+struct t3 { };
+template<typename T1>
+struct templ {
+    T1 v1;
+    T1 v2;
+    T1 v3;
+    T1 v4;
+};
+
+struct t4 {
+  templ<templ<templ<templ<templ<templ<t3>>>>>> c0;
+  templ<templ<templ<templ<templ<templ<t3>>>>>> c1;
+  templ<templ<templ<templ<templ<templ<t3>>>>>> c2;
+};
+
+void aj(...);
+void f2(t4 w) { __builtin_dump_struct(&w, aj); } // expected-error{{struct 't4' is too complex to dump}}
+
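Review bot: Only the `struct` arm of the new diagnostic's `%select{class|struct|union}` is exercised by `f2`, so the `RDKind` mapping for `class` and `union` has no coverage; a small variant of `t4` declared with each of those keywords would close that gap. The case also does not pin the boundary: nothing in the test says how many actions `t4` expands to, so it would still pass if the size check were off by one. A short comment such as `// t4 expands to more sub-expressions than PseudoObjectExpr can index` above `struct t4` would tell a future maintainer why the nesting depth matters.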
Index: clang/lib/Sema/SemaChecking.cpp
===================================================================
--- clang/lib/Sema/SemaChecking.cpp
+++ clang/lib/Sema/SemaChecking.cpp
@@ -724,6 +724,16 @@
   if (Generator.dumpUnnamedRecord(RD, PtrArg, 0))
     return ExprError();
 
+  // We create a `PseudoObjectExpr` as a wrapper, but the
+  // `PseudoObjectExprBits.NumSubExprs` in `PseudoObjectExpr` restricts its
+  // value to no more than std::numeric_limits<uint16_t>::max().
+  if (Generator.Actions.size() > std::numeric_limits<uint16_t>::max()) {
+    int RDKind = RD->isClass() ? 0 : (RD->isStruct() ? 1 : 2);
+    S.Diag(PtrArg->getBeginLoc(), diag::err_builtin_dump_struct_too_complex)
+        << RDKind << RD->getName();
+    return ExprError();
+  }
+
   return Generator.buildWrapper();
 }
 
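Review bot: The guard `Generator.Actions.size() > std::numeric_limits<uint16_t>::max()` may be off by one. `buildWrapper()` and the `PseudoObjectExpr` constructor are not visible in this hunk, but if the stored `NumSubExprs` also counts the syntactic form (semantic count plus one), a record producing exactly 65535 actions passes this check and still wraps the 16-bit field silently. Consider `>=` or comparing `Generator.Actions.size() + 1` against the limit, after confirming how the count is stored. Separately, `RD->getName()` is empty for an unnamed record, so the message would read `struct '' is too complex to dump`. The enclosing function begins outside the hunk.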
Index: clang/include/clang/Basic/DiagnosticSemaKinds.td
===================================================================
--- clang/include/clang/Basic/DiagnosticSemaKinds.td
+++ clang/include/clang/Basic/DiagnosticSemaKinds.td
@@ -10176,6 +10176,9 @@
   "argument to __builtin_longjmp must be a constant 1">;
 def err_builtin_requires_language : Error<"'%0' is only available in %1">;
 
+def err_builtin_dump_struct_too_complex : Error<
+"%select{class|struct|union}0 '%1' is too complex to dump">;
+
 def err_constant_integer_arg_type : Error<
   "argument to %0 must be a constant integer">;
 

