[lld] r341670 - MachO: Fix out-of-bounds memory access in getString16
Hans Wennborg via llvm-commits
llvm-commits at lists.llvm.org
Mon Sep 10 00:57:06 PDT 2018
On Fri, Sep 7, 2018 at 6:03 PM, Tom Stellard <tstellar at redhat.com> wrote:
> On 09/07/2018 08:48 AM, Tom Stellard via llvm-commits wrote:
>> On 09/07/2018 08:42 AM, Tom Stellard via llvm-commits wrote:
>>> Author: tstellar
>>> Date: Fri Sep 7 08:42:01 2018
>>> New Revision: 341670
>>>
>>> URL: http://llvm.org/viewvc/llvm-project?rev=341670&view=rev
>>> Log:
>>> MachO: Fix out-of-bounds memory access in getString16
>>>
>>> Summary:
>>> This fixes the following tests when gcc is compiled with gcc8:
>>>
>>> lld :: mach-o/do-not-emit-unwind-fde-arm64.yaml
>>> lld :: mach-o/eh-frame-relocs-arm64.yaml
>>>
>>> llvm.org/PR38096
>>>
>>
>> Hans,
>>
>> This is a fix for the release blocker: llvm.org/PR38096. Is this
>> OK to merge to the release_70 branch?
>>
>
> We will need to pull in the follow-up r341672 too.
Merged them both in r341780. Thanks!
>
> -Tom
>
>> -Tom
>>
>>> Reviewers: lhames, kledzik, javed.absar
>>>
>>> Subscribers: kristof.beyls, llvm-commits
>>>
>>> Differential Revision: https://reviews.llvm.org/D51547
>>>
>>> Modified:
>>> lld/trunk/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h
>>>
>>> Modified: lld/trunk/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h
>>> URL: http://llvm.org/viewvc/llvm-project/lld/trunk/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h?rev=341670&r1=341669&r2=341670&view=diff
>>> ==============================================================================
>>> --- lld/trunk/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h (original)
>>> +++ lld/trunk/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h Fri Sep 7 08:42:01 2018
>>> @@ -185,12 +185,11 @@ packRelocation(const Relocation &r, bool
>>> return result;
>>> }
>>>
>>> -inline StringRef getString16(const char s[16]) {
>>> - StringRef x = s;
>>> - if ( x.size() > 16 )
>>> - return x.substr(0, 16);
>>> - else
>>> - return x;
>>> +static StringRef getString16(const char s[16]) {
>>> + // The StringRef(const char *) constructor passes the const char * to
>>> + // strlen(), so we can't use this constructor here, because if there is no
>>> + // null terminator in s, then strlen() will read past the end of the array.
>>> + return StringRef(s, strnlen(s, 16));
>>> }
>>>
>>> inline void setString16(StringRef str, char s[16]) {
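Review bot: the new definition of getString16 is declared `static` where the removed one was `inline`, and this is a header (MachONormalizedFileBinaryUtils.h). With `static`, every translation unit that includes the header gets its own private copy, and a unit that includes it without calling the function can raise an unused-function warning. The neighbouring setString16 is still `inline`, so keeping `inline StringRef getString16(const char s[16])` would be consistent with it. The `strnlen(s, 16)` bound matches the 16-byte field and is the right fix for the unterminated case described in the comment. Note that strnlen is a POSIX function rather than standard C++ and the hunk adds no include for it, so the header should include <string.h> explicitly and the call should be confirmed on every toolchain the project supports.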
>>>
>>>
>>> _______________________________________________
>>> llvm-commits mailing list
>>> llvm-commits at lists.llvm.org
>>> http://lists.llvm.org/cgi-bin/mailman/listinfo/llvm-commits
>>>