[Lldb-commits] [lldb] r346932 - Fix a use-after-free of the ABI plugin.

Zachary Turner via lldb-commits lldb-commits at lists.llvm.org
Wed Nov 14 21:06:59 PST 2018 

Author: zturner
Date: Wed Nov 14 21:06:59 2018
New Revision: 346932

URL: http://llvm.org/viewvc/llvm-project?rev=346932&view=rev
Log:
Fix a use-after-free of the ABI plugin.

This was introduced in r346775.  Previously the ABI shared_ptr
was declared as a function local static meaning it would live
forever.  After the change, someone has to create a strong
reference to it or it will go away.  In this code, we were
calling ABI::FindPlugin(...).get(), so it was being immediately
destroyed and we were holding onto a dangling pointer.

Modified:
    lldb/trunk/source/Symbol/Variable.cpp

Modified: lldb/trunk/source/Symbol/Variable.cpp
URL: http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Symbol/Variable.cpp?rev=346932&r1=346931&r2=346932&view=diff
==============================================================================
--- lldb/trunk/source/Symbol/Variable.cpp (original)
+++ lldb/trunk/source/Symbol/Variable.cpp Wed Nov 14 21:06:59 2018
@@ -156,14 +156,14 @@ void Variable::Dump(Stream *s, bool show
                                 .GetBaseAddress()
                                 .GetFileAddress();
     }
-    ABI *abi = nullptr;
+    ABISP abi;
     if (m_owner_scope) {
       ModuleSP module_sp(m_owner_scope->CalculateSymbolContextModule());
       if (module_sp)
-        abi = ABI::FindPlugin(ProcessSP(), module_sp->GetArchitecture()).get();
+        abi = ABI::FindPlugin(ProcessSP(), module_sp->GetArchitecture());
     }
     m_location.GetDescription(s, lldb::eDescriptionLevelBrief,
-                              loclist_base_addr, abi);
+                              loclist_base_addr, abi.get());
   }
 
   if (m_external)
@@ -458,11 +458,11 @@ bool Variable::DumpLocationForAddress(St
     SymbolContext sc;
     CalculateSymbolContext(&sc);
     if (sc.module_sp == address.GetModule()) {
-      ABI *abi = nullptr;
+      ABISP abi;
       if (m_owner_scope) {
         ModuleSP module_sp(m_owner_scope->CalculateSymbolContextModule());
         if (module_sp)
-          abi = ABI::FindPlugin(ProcessSP(), module_sp->GetArchitecture()).get();
+          abi = ABI::FindPlugin(ProcessSP(), module_sp->GetArchitecture());
       }
 
       const addr_t file_addr = address.GetFileAddress();
@@ -474,11 +474,12 @@ bool Variable::DumpLocationForAddress(St
             return false;
           return m_location.DumpLocationForAddress(s, eDescriptionLevelBrief,
                                                    loclist_base_file_addr,
-                                                   file_addr, abi);
+                                                   file_addr, abi.get());
         }
       }
-      return m_location.DumpLocationForAddress(
-          s, eDescriptionLevelBrief, LLDB_INVALID_ADDRESS, file_addr, abi);
+      return m_location.DumpLocationForAddress(s, eDescriptionLevelBrief,
+                                               LLDB_INVALID_ADDRESS, file_addr,
+                                               abi.get());
     }
   }
   return false;

More information about the lldb-commits mailing list