[PATCH] D49702: [DWARF] Use forward_list in place of SmallVector to fix use-after-free issue
Fangrui Song via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Jul 23 15:36:17 PDT 2018
MaskRay created this revision.
MaskRay added reviewers: probinson, dblaikie.
Herald added subscribers: llvm-commits, JDevlieghere.
SmallVector's elements are moved when resizing and cause use-after-free.
Repository:
rL LLVM
https://reviews.llvm.org/D49702
Files:
lib/DebugInfo/DWARF/DWARFContext.cpp
Index: lib/DebugInfo/DWARF/DWARFContext.cpp
===================================================================
--- lib/DebugInfo/DWARF/DWARFContext.cpp
+++ lib/DebugInfo/DWARF/DWARFContext.cpp
@@ -48,6 +48,7 @@
#include "llvm/Support/raw_ostream.h"
#include <algorithm>
#include <cstdint>
+#include <forward_list>
#include <map>
#include <string>
#include <utility>
@@ -1248,7 +1249,9 @@
StringRef TUIndexSection;
StringRef LineStringSection;
- SmallVector<SmallString<32>, 4> UncompressedSections;
+ // A container holding section data whose iterators are not invalidated when
+ // new decompressed sections are added.
+ std::forward_list<SmallString<0>> UncompressedSections;
StringRef *mapSectionToMember(StringRef Name) {
if (DWARFSection *Sec = mapNameToDWARFSection(Name))
@@ -1286,12 +1289,12 @@
if (!Decompressor)
return Decompressor.takeError();
- SmallString<32> Out;
+ SmallString<0> Out;
if (auto Err = Decompressor->resizeAndDecompress(Out))
return Err;
- UncompressedSections.emplace_back(std::move(Out));
- Data = UncompressedSections.back();
+ UncompressedSections.push_front(std::move(Out));
+ Data = UncompressedSections.front();
return Error::success();
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D49702.156901.patch
Type: text/x-patch
Size: 1260 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20180723/453216c2/attachment.bin>
More information about the llvm-commits
mailing list