From d7e12574c61c2fed887963dff543bdb30258c416 Mon Sep 17 00:00:00 2001 From: Pavel Labath Date: Thu, 11 Apr 2019 14:57:34 +0000 Subject: YAMLIO: Fix serialization of strings with embedded nuls Summary: A bug/typo in Output::scalarString caused us to round-trip a StringRef through a const char *. This meant that any strings with embedded nuls were unintentionally cut short at the first such character. (It also could have caused accidental buffer overruns, but it seems that all StringRefs coming into this functions were formed from null-terminated strings.) This patch fixes the bug and adds an appropriate test. Reviewers: sammccall, jhenderson Subscribers: kristina, llvm-commits Tags: #llvm Differential Revision: https://reviews.llvm.org/D60505 llvm-svn: 358176 --- llvm/lib/Support/YAMLTraits.cpp | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'llvm/lib/Support/YAMLTraits.cpp') diff --git a/llvm/lib/Support/YAMLTraits.cpp b/llvm/lib/Support/YAMLTraits.cpp index 4b5bf6ad30d..e7932fe4239 100644 --- a/llvm/lib/Support/YAMLTraits.cpp +++ b/llvm/lib/Support/YAMLTraits.cpp @@ -660,11 +660,6 @@ void Output::scalarString(StringRef &S, QuotingType MustQuote) { return; } - unsigned i = 0; - unsigned j = 0; - unsigned End = S.size(); - const char *Base = S.data(); - const char *const Quote = MustQuote == QuotingType::Single ? "'" : "\""; output(Quote); // Starting quote. @@ -672,11 +667,16 @@ void Output::scalarString(StringRef &S, QuotingType MustQuote) { // present, and will be escaped using a variety of unicode-scalar and special short-form // escapes. This is handled in yaml::escape. if (MustQuote == QuotingType::Double) { - output(yaml::escape(Base, /* EscapePrintable= */ false)); + output(yaml::escape(S, /* EscapePrintable= */ false)); outputUpToEndOfLine(Quote); return; } + unsigned i = 0; + unsigned j = 0; + unsigned End = S.size(); + const char *Base = S.data(); + // When using single-quoted strings, any single quote ' must be doubled to be escaped. while (j < End) { if (S[j] == '\'') { // Escape quotes. -- cgit v1.2.3