diff options
| author | Zachary Turner <zturner@google.com> | 2017-05-03 05:34:00 +0000 |
|---|---|---|
| committer | Zachary Turner <zturner@google.com> | 2017-05-03 05:34:00 +0000 |
| commit | 59e83892e0a029a5d773c8d0a835d471df3ccfd2 (patch) | |
| tree | ab5a7c8453b62a42f2188ded142d3c0e20342fc6 /llvm/unittests/Support/BinaryStreamTest.cpp | |
| parent | 79d310713a618b5ba8d2a3ae9cbf58f2dae6899a (diff) | |
| download | bcm5719-llvm-59e83892e0a029a5d773c8d0a835d471df3ccfd2.tar.gz bcm5719-llvm-59e83892e0a029a5d773c8d0a835d471df3ccfd2.zip | |
Fix use after free in BinaryStream library.
This was reported by the ASAN bot, and it turned out to be
a fairly fundamental problem with the design of VarStreamArray
and the way it passes context information to the extractor.
The fix was cumbersome, and I'm not entirely pleased with it,
so I plan to revisit this design in the future when I'm not
pressed to get the bots green again. For now, this fixes
the issue by storing the context information by value instead
of by reference, and introduces some impossibly-confusing
template magic to make things "work".
llvm-svn: 301999
Diffstat (limited to 'llvm/unittests/Support/BinaryStreamTest.cpp')
| -rw-r--r-- | llvm/unittests/Support/BinaryStreamTest.cpp | 14 |
1 files changed, 7 insertions, 7 deletions
diff --git a/llvm/unittests/Support/BinaryStreamTest.cpp b/llvm/unittests/Support/BinaryStreamTest.cpp index 74c51e382d9..41567dad622 100644 --- a/llvm/unittests/Support/BinaryStreamTest.cpp +++ b/llvm/unittests/Support/BinaryStreamTest.cpp @@ -358,14 +358,14 @@ TEST_F(BinaryStreamTest, VarStreamArray) { struct StringExtractor { public: - typedef uint32_t ContextType; + typedef uint32_t &ContextType; static Error extract(BinaryStreamRef Stream, uint32_t &Len, StringRef &Item, - uint32_t *Index) { - if (*Index == 0) + uint32_t &Index) { + if (Index == 0) Len = strlen("1. Test"); - else if (*Index == 1) + else if (Index == 1) Len = strlen("2. Longer Test"); - else if (*Index == 2) + else if (Index == 2) Len = strlen("3. Really Long Test"); else Len = strlen("4. Super Extra Longest Test Of All"); @@ -374,14 +374,14 @@ TEST_F(BinaryStreamTest, VarStreamArray) { return EC; Item = StringRef(reinterpret_cast<const char *>(Bytes.data()), Bytes.size()); - ++(*Index); + ++Index; return Error::success(); } }; for (auto &Stream : Streams) { uint32_t Context = 0; - VarStreamArray<StringRef, StringExtractor> Array(*Stream.Input, &Context); + VarStreamArray<StringRef, StringExtractor> Array(*Stream.Input, Context); auto Iter = Array.begin(); ASSERT_EQ("1. Test", *Iter++); ASSERT_EQ("2. Longer Test", *Iter++); |
