[lld] c8466a5 - Avoid a possible one-byte OOB read off of .drectve sections

Reid Kleckner via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 9 13:32:36 PST 2020


Author: Reid Kleckner
Date: 2020-12-09T13:32:28-08:00
New Revision: c8466a57310a0f10563e4a5a511e8c6386599cfe

URL: https://github.com/llvm/llvm-project/commit/c8466a57310a0f10563e4a5a511e8c6386599cfe
DIFF: https://github.com/llvm/llvm-project/commit/c8466a57310a0f10563e4a5a511e8c6386599cfe.diff

LOG: Avoid a possible one-byte OOB read off of .drectve sections

Pointed out by Ryan Prichard

Added: 
    

Modified: 
    lld/COFF/DriverUtils.cpp

Removed: 
    


################################################################################
diff  --git a/lld/COFF/DriverUtils.cpp b/lld/COFF/DriverUtils.cpp
index f289e66dc6d5..19964428050b 100644
--- a/lld/COFF/DriverUtils.cpp
+++ b/lld/COFF/DriverUtils.cpp
@@ -883,8 +883,10 @@ ParsedDirectives ArgParser::parseDirectives(StringRef s) {
              tok.startswith_lower("-include:"))
       result.includes.push_back(tok.substr(strlen("/include:")));
     else {
-      // Save non-null-terminated strings to make proper C strings.
-      bool HasNul = tok.data()[tok.size()] == '\0';
+      // Copy substrings that are not valid C strings. The tokenizer may have
+      // already copied quoted arguments for us, so those do not need to be
+      // copied again.
+      bool HasNul = tok.end() != s.end() && tok.data()[tok.size()] == '\0';
       rest.push_back(HasNul ? tok.data() : saver.save(tok).data());
     }
   }
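Review bot: the new guard on the `HasNul` line only rules out the read when the token ends exactly at `s.end()`; for a token the tokenizer has already copied, which is the case the new comment mentions, `tok.data()[tok.size()]` still reads one byte past the token and is safe only if that copy is NUL-terminated. The comment should state that invariant, and should also say why the `tok.end() != s.end()` test is there, since the out-of-bounds read it prevents is named only in the commit subject. `HasNul` is capitalized unlike the neighbouring `tok`, `rest` and `saver`, so `hasNul` would match the surrounding code. The commit modifies only lld/COFF/DriverUtils.cpp, so a test with a directive string whose last token runs to the end of the buffer would be worth adding.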


        

