[llvm] ff2e619 - [clang] remove dereferencing of invalid pointer

Ashay Rane via llvm-commits llvm-commits at lists.llvm.org
Mon Apr 24 08:37:20 PDT 2023


Author: Ashay Rane
Date: 2023-04-24T10:37:06-05:00
New Revision: ff2e6199b23525b06947785368cc3e2e93eab381

URL: https://github.com/llvm/llvm-project/commit/ff2e6199b23525b06947785368cc3e2e93eab381
DIFF: https://github.com/llvm/llvm-project/commit/ff2e6199b23525b06947785368cc3e2e93eab381.diff

LOG: [clang] remove dereferencing of invalid pointer

A line in the demangling code for float literals dereferences the
`.end()` iterator, which causes the Windows debug build of llvm-cxxfilt
to crash.  The failure can be reproduced by passing the string
`_Z5dummyIXtl8wrapper1IdEtlNS1_Ut_Edi9RightNametlNS2_Ut_ELd405ec00000000000EEEEEEvv`
to `llvm-cxxfilt -n`.

This patch rewrites the code to use the `.size()` member of the
string_view type to avoid dereferencing past the buffer.

Reviewed By: DavidSpickett

Differential Revision: https://reviews.llvm.org/D149061

Added: 
    

Modified: 
    llvm/include/llvm/Demangle/ItaniumDemangle.h

Removed: 
    


################################################################################
diff  --git a/llvm/include/llvm/Demangle/ItaniumDemangle.h b/llvm/include/llvm/Demangle/ItaniumDemangle.h
index 428f0646d90ee..6eaf31e0dea44 100644
--- a/llvm/include/llvm/Demangle/ItaniumDemangle.h
+++ b/llvm/include/llvm/Demangle/ItaniumDemangle.h
@@ -2330,17 +2330,14 @@ template <class Float> class FloatLiteralImpl : public Node {
   template<typename Fn> void match(Fn F) const { F(Contents); }
 
   void printLeft(OutputBuffer &OB) const override {
-    const char *first = &*Contents.begin();
-    const char *last = &*Contents.end() + 1;
-
     const size_t N = FloatData<Float>::mangled_size;
-    if (static_cast<std::size_t>(last - first) > N) {
-      last = first + N;
+    if (Contents.size() >= N) {
       union {
         Float value;
         char buf[sizeof(Float)];
       };
-      const char *t = first;
+      const char *t = &*Contents.begin();
+      const char *last = t + N;
       char *e = buf;
       for (; t != last; ++t, ++e) {
         unsigned d1 = isdigit(*t) ? static_cast<unsigned>(*t - '0')
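Review bot: The added line `const char *t = &*Contents.begin();` still obtains the pointer by dereferencing an iterator, which is valid only because the `Contents.size() >= N` guard runs first. Taking the pointer from `Contents.data()` (assuming the string_view type in use provides it) would not depend on that guard staying in place. The commit lists only ItaniumDemangle.h as modified, so the reproducer string from the log message is not captured in a test; adding it as a demangler test case would keep the crash from returning unnoticed. In the unchanged context, `isdigit(*t)` receives a plain `char`; casting to `unsigned char` first avoids undefined behaviour for bytes with the high bit set.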


        

