[clang] [clang] Check null TypeSourceInfo in CreateUnaryExprOrTypeTraitExpr (PR #112111)
Andrew Sukach via cfe-commits
cfe-commits at lists.llvm.org
Sat Oct 12 16:56:23 PDT 2024
https://github.com/sookach created https://github.com/llvm/llvm-project/pull/112111
Fixes #111594. The crash is caused by the following call
https://github.com/llvm/llvm-project/blob/main/clang/lib/AST/ComputeDependence.cpp#L81-L82
We already check for a null TypeInfo when creating a UnaryExprOrTypeTraitExpr here
https://github.com/llvm/llvm-project/blob/main/clang/lib/Sema/SemaExpr.cpp#L4616-L4617
but the following lines can, and in the case of the code in the issue do, nullify the TypeInfo
https://github.com/llvm/llvm-project/blob/main/clang/lib/Sema/SemaExpr.cpp#L4616-L4617
Thus, adding the additional check for nullptr prevents the erroneous memory access.
@shafik Thoughts? Thanks
>From 215a126137ef43bbb24abbd5c0847744d2a4d083 Mon Sep 17 00:00:00 2001
From: Andrew Sukach <andrewsukach at gmail.com>
Date: Sat, 12 Oct 2024 19:47:30 -0400
Subject: [PATCH] [clang] Check for null TypeSourceInfo in
Sema::CreateUnaryExprOrTypeTraitExpr
---
clang/lib/Sema/SemaExpr.cpp | 3 +++
1 file changed, 3 insertions(+)
diff --git a/clang/lib/Sema/SemaExpr.cpp b/clang/lib/Sema/SemaExpr.cpp
index 4e37385710af5e..b0bd216c5dc101 100644
--- a/clang/lib/Sema/SemaExpr.cpp
+++ b/clang/lib/Sema/SemaExpr.cpp
@@ -4629,6 +4629,9 @@ ExprResult Sema::CreateUnaryExprOrTypeTraitExpr(TypeSourceInfo *TInfo,
TInfo->getType()->isVariablyModifiedType())
TInfo = TransformToPotentiallyEvaluated(TInfo);
+ if (!TInfo)
+ return ExprError();
+
// C99 6.5.3.4p4: the type (an unsigned integer type) is size_t.
return new (Context) UnaryExprOrTypeTraitExpr(
ExprKind, TInfo, Context.getSizeType(), OpLoc, R.getEnd());
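Review bot: The new `if (!TInfo) return ExprError();` path after the `TransformToPotentiallyEvaluated(TInfo)` call has no regression test: the diffstat lists only clang/lib/Sema/SemaExpr.cpp with 3 insertions. Please add the reproducer from #111594 as a test so the null case stays covered. It is also worth confirming that a diagnostic has already been emitted whenever `TransformToPotentiallyEvaluated` returns null, since returning `ExprError()` without one would fail the expression silently. A one-line comment above the check saying that the transform can return null would explain why `TInfo` is tested again after the earlier null check mentioned in the description.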