[Openmp-commits] [PATCH] D90962: [OpenMP] Fix possible NULL dereferences

Nawrin Sultana via Phabricator via Openmp-commits openmp-commits at lists.llvm.org
Fri Nov 6 11:47:07 PST 2020 

Nawrin created this revision.
Nawrin added a reviewer: AndreyChurbanov.
Nawrin added a project: OpenMP.
Herald added subscribers: guansong, yaxunl.
Nawrin requested review of this revision.
Herald added a reviewer: jdoerfert.
Herald added a subscriber: sstefan1.

This patch checks pointer after all calls to strchr just in case format of the location string is broken.

Patch by Andrey Churbanov


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D90962

Files:
  openmp/runtime/src/kmp_itt.inl


Index: openmp/runtime/src/kmp_itt.inl
===================================================================
--- openmp/runtime/src/kmp_itt.inl
+++ openmp/runtime/src/kmp_itt.inl
@@ -365,25 +365,30 @@
   }
 
   // Parse line and column from psource string: ";file;func;line;col;;"
+  kmp_uint64 loop_data[5];
   char *s_line;
-  char *s_col;
+  char *s_col = NULL;
   KMP_DEBUG_ASSERT(loc->psource);
 #ifdef __cplusplus
   s_line = strchr(CCAST(char *, loc->psource), ';');
 #else
   s_line = strchr(loc->psource, ';');
 #endif
-  KMP_DEBUG_ASSERT(s_line);
-  s_line = strchr(s_line + 1, ';'); // 2-nd semicolon
-  KMP_DEBUG_ASSERT(s_line);
-  s_line = strchr(s_line + 1, ';'); // 3-rd semicolon
-  KMP_DEBUG_ASSERT(s_line);
-  s_col = strchr(s_line + 1, ';'); // 4-th semicolon
-  KMP_DEBUG_ASSERT(s_col);
-
-  kmp_uint64 loop_data[5];
-  loop_data[0] = atoi(s_line + 1); // read line
-  loop_data[1] = atoi(s_col + 1); // read column
+  // check pointers in case the format of psource is broken
+  if (s_line)
+    s_line = strchr(s_line + 1, ';'); // 2-nd semicolon
+  if (s_line)
+    s_line = strchr(s_line + 1, ';'); // 3-rd semicolon
+  if (s_line) {
+    loop_data[0] = atoi(s_line + 1); // read line #
+    s_col = strchr(s_line + 1, ';'); // 4-th semicolon
+  } else {
+    loop_data[0] = 0;
+  }
+  if (s_col)
+    loop_data[1] = atoi(s_col + 1); // read column #
+  else
+    loop_data[1] = 0;
   loop_data[2] = sched_type;
   loop_data[3] = iterations;
   loop_data[4] = chunk;


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D90962.303511.patch
Type: text/x-patch
Size: 1488 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/openmp-commits/attachments/20201106/969a36f2/attachment.bin>

More information about the Openmp-commits mailing list