[PATCH] D149061: [clang] remove dereferencing of invalid pointer
Ashay Rane via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Mon Apr 24 06:37:22 PDT 2023
ashay-github created this revision.
ashay-github added reviewers: nickdesaulniers, DavidSpickett, MaskRay, ayzhao.
Herald added a project: All.
ashay-github requested review of this revision.
Herald added a project: LLVM.
Herald added a subscriber: llvm-commits.
A line in the demangling code for float literals dereferences the
`.end()` iterator, which causes the Windows debug build of llvm-cxxfilt
to crash. The failure can be reproduced by passing the string
`_Z5dummyIXtl8wrapper1IdEtlNS1_Ut_Edi9RightNametlNS2_Ut_ELd405ec00000000000EEEEEEvv`
to `llvm-cxxfilt -n`.
This patch rewrites the code to use the `.size()` member of the
string_view type to avoid dereferencing past the buffer.
Repository:
rG LLVM Github Monorepo
https://reviews.llvm.org/D149061
Files:
llvm/include/llvm/Demangle/ItaniumDemangle.h
Index: llvm/include/llvm/Demangle/ItaniumDemangle.h
===================================================================
--- llvm/include/llvm/Demangle/ItaniumDemangle.h
+++ llvm/include/llvm/Demangle/ItaniumDemangle.h
@@ -2331,11 +2331,9 @@
void printLeft(OutputBuffer &OB) const override {
const char *first = &*Contents.begin();
- const char *last = &*Contents.end() + 1;
-
const size_t N = FloatData<Float>::mangled_size;
- if (static_cast<std::size_t>(last - first) > N) {
- last = first + N;
+ if (Contents.size() >= N) {
+ const char *last = first + N;
union {
Float value;
char buf[sizeof(Float)];
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D149061.516385.patch
Type: text/x-patch
Size: 664 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20230424/b1fb2e24/attachment.bin>
More information about the llvm-commits
mailing list