[llvm] [LLVM][Demangle] Fix MS Demangler to be stricter about wide string literals (PR #134483)

Shafik Yaghmour via llvm-commits llvm-commits at lists.llvm.org
Fri Apr 4 22:37:43 PDT 2025


https://github.com/shafik created https://github.com/llvm/llvm-project/pull/134483

Static analysis detected that Demangler::demangleStringLiteral had a potential overflow if not checking StringByteSize properly.

Added a check to ensure that for wide strings it is always even and that the byte count does not mismatch the actual size of the literal.

Fixes: https://github.com/llvm/llvm-project/issues/129970

From 6bb3cd53550cd8c0550fa74665df028eef139f71 Mon Sep 17 00:00:00 2001
From: Shafik Yaghmour <shafik.yaghmour at intel.com>
Date: Fri, 4 Apr 2025 22:32:13 -0700
Subject: [PATCH] [LLVM][Demangle] Fix MS Demangler to be stricter about wide
 string literals

Static analysis detected that Demangler::demangleStringLiteral had a potential
overflow if not checking StringByteSize properly.

Added a check to ensure that for wide strings it is always even and that the byte
count does not mismatch the actual size of the literal.

Fixes: https://github.com/llvm/llvm-project/issues/129970
---
 llvm/docs/ReleaseNotes.md                 |  2 ++
 llvm/lib/Demangle/MicrosoftDemangle.cpp   |  5 +++++
 llvm/test/Demangle/invalid-manglings.test | 24 +++++++++++++++++++++++
 3 files changed, 31 insertions(+)

diff --git a/llvm/docs/ReleaseNotes.md b/llvm/docs/ReleaseNotes.md
index 58cf71b947083..71543029ddbc8 100644
--- a/llvm/docs/ReleaseNotes.md
+++ b/llvm/docs/ReleaseNotes.md
@@ -70,6 +70,8 @@ Changes to LLVM infrastructure
 
 * Removed support for target intrinsics being defined in the target directories
   themselves (i.e., the `TargetIntrinsicInfo` class).
+* Fix Microsoft demanling of string literals to be stricter
+  ([Fixes 129970](https://github.com/llvm/llvm-project/issues/129970))
 
 Changes to building LLVM
 ------------------------
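Review bot: "demanling" in the added line `+* Fix Microsoft demanling of string literals to be stricter` is a typo for "demangling". The entry would also read better in the past tense the neighbouring entry uses ("Removed support for ..."), e.g. "Fixed the Microsoft demangler to be stricter about wide string literals", and it should say what "stricter" means (odd or mismatched byte counts are now rejected) so a reader of the release notes knows which manglings will start failing.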
diff --git a/llvm/lib/Demangle/MicrosoftDemangle.cpp b/llvm/lib/Demangle/MicrosoftDemangle.cpp
index 6be8b0fe73996..8d5f6b21e2e76 100644
--- a/llvm/lib/Demangle/MicrosoftDemangle.cpp
+++ b/llvm/lib/Demangle/MicrosoftDemangle.cpp
@@ -1374,6 +1374,11 @@ Demangler::demangleStringLiteral(std::string_view &MangledName) {
       Result->IsTruncated = true;
 
     while (!consumeFront(MangledName, '@')) {
+      // For a wide string StringByteSize has to have an even length.
+      if (StringByteSize % 2 != 0)
+        goto StringLiteralError;
+      if (StringByteSize == 0)
+        goto StringLiteralError;
       if (MangledName.size() < 2)
         goto StringLiteralError;
       wchar_t W = demangleWcharLiteral(MangledName);
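Review bot: the parity check `+      if (StringByteSize % 2 != 0)` is re-evaluated on every iteration of the `while (!consumeFront(MangledName, '@'))` loop, but parity cannot change if the loop only ever subtracts 2 from StringByteSize, so hoist it above the loop as a single check. The `== 0` check only makes sense inside the loop if StringByteSize is decremented per decoded character below the shown context; as the hunk reads, both checks look loop-invariant, so the comment should state that the `== 0` test rejects a mangled name that carries more characters than the declared byte count (and prevents the unsigned count from wrapping). Also reword "has to have an even length" to "must be an even byte count", since StringByteSize counts bytes, not characters.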
diff --git a/llvm/test/Demangle/invalid-manglings.test b/llvm/test/Demangle/invalid-manglings.test
index b77288488b2db..5d80d2d33e970 100644
--- a/llvm/test/Demangle/invalid-manglings.test
+++ b/llvm/test/Demangle/invalid-manglings.test
@@ -379,3 +379,27 @@
 ; CHECK-EMPTY:
 ; CHECK-NEXT: .?AUBase@@@8
 ; CHECK-NEXT: error: Invalid mangled name
+
+; Begin GH129970
+
+??_C at _12EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _12EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _16EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _16EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _18EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _18EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _15EEHFKJGG@?$AAt?$AAe?$AAx?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _15EEHFKJGG@?$AAt?$AAe?$AAx?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+; End GH129970
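Review bot: none of the four new cases says which new check it exercises; add a one-line `;` comment per case giving the expected rejection reason (odd declared byte count, or declared byte count exhausted before the `@` terminator), so that a later change to either check is caught by the right case rather than by a generic "Invalid mangled name" match. A passing wide-literal case with a correctly declared byte count next to these (or in the positive demangler test file) would also show that the stricter check does not reject valid input.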