[llvm] [LLVM][Demangle] Fix MS Demangler to be stricter about wide string literals (PR #134483)

Shafik Yaghmour via llvm-commits llvm-commits at lists.llvm.org
Mon Apr 7 09:52:53 PDT 2025


https://github.com/shafik updated https://github.com/llvm/llvm-project/pull/134483

>From 6bb3cd53550cd8c0550fa74665df028eef139f71 Mon Sep 17 00:00:00 2001
From: Shafik Yaghmour <shafik.yaghmour at intel.com>
Date: Fri, 4 Apr 2025 22:32:13 -0700
Subject: [PATCH 1/2] [LLVM][Demangle] Fix MS Demangler to be stricter about
 wide string literals

Static analysis detected that Demangler::demangleStringLiteral had a potential
overflow if not checking StringByteSize properly.

Added a check to ensure that for wide strings it is always even and that the
byte count does not mismatch the actual size of the literal.

Fixes: https://github.com/llvm/llvm-project/issues/129970
---
 llvm/docs/ReleaseNotes.md                 |  2 ++
 llvm/lib/Demangle/MicrosoftDemangle.cpp   |  5 +++++
 llvm/test/Demangle/invalid-manglings.test | 24 +++++++++++++++++++++++
 3 files changed, 31 insertions(+)

diff --git a/llvm/docs/ReleaseNotes.md b/llvm/docs/ReleaseNotes.md
index 58cf71b947083..71543029ddbc8 100644
--- a/llvm/docs/ReleaseNotes.md
+++ b/llvm/docs/ReleaseNotes.md
@@ -70,6 +70,8 @@ Changes to LLVM infrastructure
 
 * Removed support for target intrinsics being defined in the target directories
   themselves (i.e., the `TargetIntrinsicInfo` class).
+* Fix Microsoft demanling of string literals to be stricter
+  ([Fixes 129970](https://github.com/llvm/llvm-project/issues/129970))
 
 Changes to building LLVM
 ------------------------
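Review bot: `demanling` in the new release-notes bullet is a typo for `demangling`. The bullet would also be more useful if it said what became stricter, e.g. `Fix Microsoft demangling of wide string literals to reject odd or mismatched byte counts`, so readers know which previously accepted inputs now fail.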
diff --git a/llvm/lib/Demangle/MicrosoftDemangle.cpp b/llvm/lib/Demangle/MicrosoftDemangle.cpp
index 6be8b0fe73996..8d5f6b21e2e76 100644
--- a/llvm/lib/Demangle/MicrosoftDemangle.cpp
+++ b/llvm/lib/Demangle/MicrosoftDemangle.cpp
@@ -1374,6 +1374,11 @@ Demangler::demangleStringLiteral(std::string_view &MangledName) {
       Result->IsTruncated = true;
 
     while (!consumeFront(MangledName, '@')) {
+      // For a wide string StringByteSize has to have an even length.
+      if (StringByteSize % 2 != 0)
+        goto StringLiteralError;
+      if (StringByteSize == 0)
+        goto StringLiteralError;
       if (MangledName.size() < 2)
         goto StringLiteralError;
       wchar_t W = demangleWcharLiteral(MangledName);
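Review bot: the parity check `if (StringByteSize % 2 != 0)` does not depend on anything the loop consumes, so it belongs above the `while`: evaluated once, it would also reject an odd declared size for an empty literal (an immediate `@`), which the in-loop placement never reaches because the body does not execute. The `if (StringByteSize == 0)` check only makes sense inside the loop if `StringByteSize` is decremented per character further down the body, outside this context; if that is the case, a comment saying it guards the per-character decrement would help the next reader. Minor: the comment says "even length" but the variable is a byte count, so "even byte count" is clearer.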
diff --git a/llvm/test/Demangle/invalid-manglings.test b/llvm/test/Demangle/invalid-manglings.test
index b77288488b2db..5d80d2d33e970 100644
--- a/llvm/test/Demangle/invalid-manglings.test
+++ b/llvm/test/Demangle/invalid-manglings.test
@@ -379,3 +379,27 @@
 ; CHECK-EMPTY:
 ; CHECK-NEXT: .?AUBase@@@8
 ; CHECK-NEXT: error: Invalid mangled name
+
+; Begin GH129970
+
+??_C at _12EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _12EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _16EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _16EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _18EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _18EEHFKJGG@?$AAt?$AAe?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+??_C at _15EEHFKJGG@?$AAt?$AAe?$AAx?$AAx@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??_C at _15EEHFKJGG@?$AAt?$AAe?$AAx?$AAx@
+; CHECK-NEXT: error: Invalid mangled name
+
+; End GH129970
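Review bot: the first three cases (`_12`, `_16`, `_18`) appear to exercise the parity check and the fourth (`_15` with four characters) the literal running past its declared byte count, but nothing covers the opposite mismatch the commit message claims to reject, a declared byte count larger than the characters actually present before the closing `@`. Add a case for that, or state in the PR description that it is intentionally still accepted. A one-line comment before each case naming the check it exercises would also make failures easier to read.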

>From 76acfd6776990b5664d20a380e78ff0a07c8368f Mon Sep 17 00:00:00 2001
From: Shafik Yaghmour <shafik.yaghmour at intel.com>
Date: Mon, 7 Apr 2025 09:52:10 -0700
Subject: [PATCH 2/2] Fixing spelling error and link to issue.

---
 llvm/docs/ReleaseNotes.md | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/llvm/docs/ReleaseNotes.md b/llvm/docs/ReleaseNotes.md
index 71543029ddbc8..526d6b4002bba 100644
--- a/llvm/docs/ReleaseNotes.md
+++ b/llvm/docs/ReleaseNotes.md
@@ -70,8 +70,8 @@ Changes to LLVM infrastructure
 
 * Removed support for target intrinsics being defined in the target directories
   themselves (i.e., the `TargetIntrinsicInfo` class).
-* Fix Microsoft demanling of string literals to be stricter
-  ([Fixes 129970](https://github.com/llvm/llvm-project/issues/129970))
+* Fix Microsoft demangling of string literals to be stricter
+  (#GH129970))
 
 Changes to building LLVM
 ------------------------
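Review bot: `(#GH129970))` has an unbalanced closing parenthesis; it should read `(#GH129970)`.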
