[PATCH] D84050: YAML: Don't assume an arbitrary StringRef is null terminated
Duncan P. N. Exon Smith via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Thu Nov 12 13:35:22 PST 2020
dexonsmith added a comment.
In D84050#2391741 <https://reviews.llvm.org/D84050#2391741>, @scott.linder wrote:
> Restore the correct behavior of `Scanner::scanAliasOrAnchor`; last version of the patch mistakenly changed `Token.Range` when only intending to fix the error checking around an empty alias/anchor.
>
> I think this version now removes the assumption that `End` points to a dereferenceable `'\0'`, but I'm not sure how to go about testing this comprehensively.
One idea would be to hack the parser to always duplicate the input, append a bad character (like `'\1'`), and parse the new buffer with the original bounds. If something reads too far it would likely get upset at the bad character. Running the test suites for LLVM and Clang with that hack might be enough coverage.
Is there a libFuzzer instance for the YAML parser? That's probably the ideal thing to do, and if it's already set up maybe it's not too hard.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D84050/new/
https://reviews.llvm.org/D84050
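
The poisoned-buffer check suggested in the comment above, as an added example that is not part of the original message and is not LLVM code. The two toy scanners, `isNameEnd` and `dependsOnByteAtEnd` are hypothetical names standing in for a routine like `Scanner::scanAliasOrAnchor`.

```cpp
#include <cstddef>
#include <string>

// Hypothetical toy scanners (assumption, not LLVM code): each returns the
// length of the anchor/alias name that starts at Begin, given [Begin, End).
using ScanFn = std::size_t (*)(const char *Begin, const char *End);

static bool isNameEnd(char C) { return C == ' ' || C == '\n' || C == ','; }

// Assumes *End is a readable '\0' and never compares against End.
std::size_t scanNameAssumingNul(const char *Begin, const char *End) {
  (void)End;
  const char *P = Begin;
  while (*P != '\0' && !isNameEnd(*P))
    ++P;
  return static_cast<std::size_t>(P - Begin);
}

// Checks the bound before every dereference.
std::size_t scanNameBounded(const char *Begin, const char *End) {
  const char *P = Begin;
  while (P != End && !isNameEnd(*P))
    ++P;
  return static_cast<std::size_t>(P - Begin);
}

// The check: scan the original input, then scan a copy with the bad
// character '\1' appended while still passing the original bounds. A scanner
// that looks at *End now sees '\1' instead of '\0' and changes its answer.
// std::string keeps its own '\0' after the '\1', so the over-read stays
// inside the allocation and the harness itself has defined behavior.
bool dependsOnByteAtEnd(ScanFn Scan, const std::string &Input) {
  std::size_t Expected = Scan(Input.data(), Input.data() + Input.size());
  std::string Poisoned = Input + '\1';
  std::size_t Got = Scan(Poisoned.data(), Poisoned.data() + Input.size());
  return Got != Expected;
}
```

The check only fires on inputs whose last token runs up to `End`: `"anchor"` exposes the unbounded scanner, while `"anchor rest"` stops at the space and does not.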