[llvm] 8f12336 - [llvm/Support] Don't crash on empty nullptr ranges when decoding LEBs

Pavel Labath via llvm-commits llvm-commits at lists.llvm.org
Mon Apr 6 05:14:24 PDT 2020


Author: Pavel Labath
Date: 2020-04-06T14:14:11+02:00
New Revision: 8f1233699bf64fca1a94dcffe955396f05fdb957

URL: https://github.com/llvm/llvm-project/commit/8f1233699bf64fca1a94dcffe955396f05fdb957
DIFF: https://github.com/llvm/llvm-project/commit/8f1233699bf64fca1a94dcffe955396f05fdb957.diff

LOG: [llvm/Support] Don't crash on empty nullptr ranges when decoding LEBs

Summary:
If the decoding functions are called with both start and end pointers
being nullptr, the function will crash due to a nullptr dereference.
This happens because the function does not recognise nullptr as a valid
end pointer.

Obviously, nobody is going to pass null pointers here deliberately, but
it can happen indirectly (as it did for me), when calling these
functions on an ArrayRef, as a default-initialized empty ArrayRef will
have both begin() and end() pointers equal to nullptr.

The fix is to simply remove the nullptr check. Passing nullptr for "end"
with a valid "begin" pointer will still work, as one cannot reach
nullptr by incrementing a valid pointer without triggering UB.

Reviewers: dblaikie

Subscribers: llvm-commits

Tags: #llvm

Differential Revision: https://reviews.llvm.org/D77304

Added: 
    

Modified: 
    llvm/include/llvm/Support/LEB128.h
    llvm/unittests/Support/LEB128Test.cpp

Removed: 
    


################################################################################
diff  --git a/llvm/include/llvm/Support/LEB128.h b/llvm/include/llvm/Support/LEB128.h
index a02b83ca9597..8ab35431354d 100644
--- a/llvm/include/llvm/Support/LEB128.h
+++ b/llvm/include/llvm/Support/LEB128.h
@@ -134,7 +134,7 @@ inline uint64_t decodeULEB128(const uint8_t *p, unsigned *n = nullptr,
   if (error)
     *error = nullptr;
   do {
-    if (end && p == end) {
+    if (p == end) {
       if (error)
         *error = "malformed uleb128, extends past end";
       if (n)
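Review bot: The function comment for decodeULEB128 should state the contract that `if (p == end)` now implies. A null `end` means "no bound" only when `p` is non-null, while p == end == nullptr is treated as an empty range and reported as "malformed uleb128, extends past end". With a null `end` and a valid `p` this check cannot fire, so the only thing that stops the loop is the encoded data itself; callers decoding untrusted bytes should always pass a real `end`, and it is worth saying so next to the declaration.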
@@ -168,7 +168,7 @@ inline int64_t decodeSLEB128(const uint8_t *p, unsigned *n = nullptr,
   if (error)
     *error = nullptr;
   do {
-    if (end && p == end) {
+    if (p == end) {
       if (error)
         *error = "malformed sleb128, extends past end";
       if (n)
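Review bot: `if (p == end)` in decodeSLEB128 is an equality test, so it stops the loop only when `p` lands exactly on `end`; an `end` that already lies before `p` is never detected. Consider documenting p <= end as a precondition, or adding something like `assert(!end || p <= end)` before the loop so that a caller bug fails in assert-enabled builds instead of decoding past the intended range.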

diff  --git a/llvm/unittests/Support/LEB128Test.cpp b/llvm/unittests/Support/LEB128Test.cpp
index e429279ff9fb..9a5d4cbaba3b 100644
--- a/llvm/unittests/Support/LEB128Test.cpp
+++ b/llvm/unittests/Support/LEB128Test.cpp
@@ -113,6 +113,9 @@ TEST(LEB128Test, DecodeULEB128) {
     EXPECT_EQ(EXPECTED, Actual); \
   } while (0)
 
+  // Don't crash
+  EXPECT_EQ(0u, decodeULEB128(nullptr, nullptr, nullptr));
+
   // Decode ULEB128
   EXPECT_DECODE_ULEB128_EQ(0u, "\x00");
   EXPECT_DECODE_ULEB128_EQ(1u, "\x01");
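Review bot: The new expectation in DecodeULEB128 checks only the return value and does not pass an error out-parameter, so it would not notice if the empty null range stopped being reported as malformed. Passing a `const char *` for the error argument and asserting it is non-null after the call would cover the `*error = "malformed uleb128, extends past end"` branch that this change makes reachable for null ranges. A second case that feeds begin() and end() of a default-initialized ArrayRef, the scenario from the commit message, would pin down the real trigger.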
@@ -148,6 +151,9 @@ TEST(LEB128Test, DecodeSLEB128) {
     EXPECT_EQ(EXPECTED, Actual); \
   } while (0)
 
+  // Don't crash
+  EXPECT_EQ(0, decodeSLEB128(nullptr, nullptr, nullptr));
+
   // Decode SLEB128
   EXPECT_DECODE_SLEB128_EQ(0L, "\x00");
   EXPECT_DECODE_SLEB128_EQ(1L, "\x01");
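Review bot: The comment `// Don't crash` above the decodeSLEB128 expectation does not say which input used to crash. Wording such as "empty range with null begin and end must not be dereferenced" would tell a later reader why all three arguments are nullptr and make it less likely that the case is removed as redundant.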


        

