This is an archive of the discontinued LLVM Phabricator instance.

Differential D144706

[Support][MemBuffer] Prevent UB on empty StringRefs
ClosedPublic

Authored by kadircet on Feb 24 2023, 12:44 AM.

Details

Reviewers
vitalybuka
chandlerc
Commits
rG710983ab540f: [Support][MemBuffer] Prevent UB on empty StringRefs
Summary

Empty StringRefs are usually identified by their length being zero, and
sometimes they'll have Data==nullptr (e.g. default constructed, or derived from
an operation like split/copy and result turned out to be empty).

If such StringRef objects are passed to llvm::MemoryBuffer::getMemBufferCopy,
it'll result in UB as neither src nor dst can be null, even if size is zero.

This patch prevents that UB by not issuing a copy whenever StringRef is empty.

Diff Detail

Event Timeline

kadircet created this revision.Feb 24 2023, 12:44 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 24 2023, 12:44 AM
Herald added a subscriber: hiraditya. · View Herald Transcript
kadircet requested review of this revision.Feb 24 2023, 12:44 AM
Herald added a project: Restricted Project. · View Herald TranscriptFeb 24 2023, 12:44 AM
Herald added a subscriber: llvm-commits. · View Herald Transcript
kadircet mentioned this in D142890: [clangd] Add config option for fast diagnostics mode.Feb 24 2023, 12:57 AM
uabelho added a subscriber: uabelho.Feb 24 2023, 1:01 AM
vitalybuka accepted this revision.Feb 24 2023, 1:31 AM
This revision is now accepted and ready to land.Feb 24 2023, 1:31 AM
kadircet added a reviewer: chandlerc.Feb 24 2023, 1:39 AM

adding Chandler, as he's the code owner here. I'll let this patch sit for a couple (business) days to make sure people with more (historical) context can make comments

Harbormaster completed remote builds in B215686: Diff 500100.Feb 24 2023, 1:44 AM
sammccall added a subscriber: sammccall.Feb 24 2023, 2:16 AM
sammccall added inline comments.
llvm/lib/Support/MemoryBuffer.cpp
141–143

instead of the check + comment, you can use std::copy which doesn't have this deficiency

kadircet added inline comments.Feb 24 2023, 2:34 AM
llvm/lib/Support/MemoryBuffer.cpp
141–143

thanks that makes sense, i'd be happy to change it to use std::copy if there are no objections anytime soon

kadircet updated this revision to Diff 505010.Mar 14 2023, 3:30 AM
kadircet marked an inline comment as done.

Use std::copy

Harbormaster completed remote builds in B219301: Diff 505010.Mar 14 2023, 4:38 AM
This revision was landed with ongoing or failed builds.Mar 14 2023, 4:59 AM
Closed by commit rG710983ab540f: [Support][MemBuffer] Prevent UB on empty StringRefs (authored by kadircet). · Explain Why
This revision was automatically updated to reflect the committed changes.
kadircet added a commit: rG710983ab540f: [Support][MemBuffer] Prevent UB on empty StringRefs.

Revision Contents

PathSize
llvm/
lib/
Support/
9 lines
unittests/
Support/
4 lines

Diff 505037

llvm/lib/Support/MemoryBuffer.cpp

//===--- MemoryBuffer.cpp - Memory Buffer implementation ------------------===// //===--- MemoryBuffer.cpp - Memory Buffer implementation ------------------===//
// //
// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
// See https://llvm.org/LICENSE.txt for license information. // See https://llvm.org/LICENSE.txt for license information.
// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
// //
// This file implements the MemoryBuffer interface. // This file implements the MemoryBuffer interface.
// //
//===----------------------------------------------------------------------===// //===----------------------------------------------------------------------===//
#include "llvm/Support/MemoryBuffer.h" #include "llvm/Support/MemoryBuffer.h"
#include "llvm/ADT/STLExtras.h"
#include "llvm/ADT/SmallString.h" #include "llvm/ADT/SmallString.h"
#include "llvm/Config/config.h" #include "llvm/Config/config.h"
#include "llvm/Support/Alignment.h" #include "llvm/Support/Alignment.h"
#include "llvm/Support/Errc.h" #include "llvm/Support/Errc.h"
#include "llvm/Support/Error.h" #include "llvm/Support/Error.h"
#include "llvm/Support/ErrorHandling.h" #include "llvm/Support/ErrorHandling.h"
#include "llvm/Support/FileSystem.h" #include "llvm/Support/FileSystem.h"
#include "llvm/Support/MathExtras.h" #include "llvm/Support/MathExtras.h"
#include "llvm/Support/Process.h" #include "llvm/Support/Process.h"
#include "llvm/Support/Program.h" #include "llvm/Support/Program.h"
#include "llvm/Support/SmallVectorMemoryBuffer.h" #include "llvm/Support/SmallVectorMemoryBuffer.h"
#include <algorithm>
#include <cassert> #include <cassert>
#include <cstring> #include <cstring>
#include <new> #include <new>
#include <sys/types.h> #include <sys/types.h>
#include <system_error> #include <system_error>
#if !defined(_MSC_VER) && !defined(__MINGW32__) #if !defined(_MSC_VER) && !defined(__MINGW32__)
#include <unistd.h> #include <unistd.h>
#else #else
▲ Show 20 LinesShow All 94 Lines▼ Show 20 Lines
std::unique_ptr<MemoryBuffer> std::unique_ptr<MemoryBuffer>
MemoryBuffer::getMemBuffer(MemoryBufferRef Ref, bool RequiresNullTerminator) { MemoryBuffer::getMemBuffer(MemoryBufferRef Ref, bool RequiresNullTerminator) {
return std::unique_ptr<MemoryBuffer>(getMemBuffer( return std::unique_ptr<MemoryBuffer>(getMemBuffer(
Ref.getBuffer(), Ref.getBufferIdentifier(), RequiresNullTerminator)); Ref.getBuffer(), Ref.getBufferIdentifier(), RequiresNullTerminator));
} }
static ErrorOr<std::unique_ptr<WritableMemoryBuffer>> static ErrorOr<std::unique_ptr<WritableMemoryBuffer>>
getMemBufferCopyImpl(StringRef InputData, const Twine &BufferName) { getMemBufferCopyImpl(StringRef InputData, const Twine &BufferName) {
auto Buf = WritableMemoryBuffer::getNewUninitMemBuffer(InputData.size(), BufferName); auto Buf =
WritableMemoryBuffer::getNewUninitMemBuffer(InputData.size(), BufferName);
if (!Buf) if (!Buf)
return make_error_code(errc::not_enough_memory); return make_error_code(errc::not_enough_memory);
memcpy(Buf->getBufferStart(), InputData.data(), InputData.size()); // Calling memcpy with null src/dst is UB, and an empty StringRef is
// represented with {nullptr, 0}.
llvm::copy(InputData, Buf->getBufferStart());
sammccallUnsubmitted
Done
ReplyInline Actions

instead of the check + comment, you can use std::copy which doesn't have this deficiency

sammccall: instead of the check + comment, you can use std::copy which doesn't have this deficiency
kadircetAuthorUnsubmitted
Done
ReplyInline Actions

thanks that makes sense, i'd be happy to change it to use std::copy if there are no objections anytime soon

kadircet: thanks that makes sense, i'd be happy to change it to use `std::copy` if there are no…
return std::move(Buf); return std::move(Buf);
} }
std::unique_ptr<MemoryBuffer> std::unique_ptr<MemoryBuffer>
MemoryBuffer::getMemBufferCopy(StringRef InputData, const Twine &BufferName) { MemoryBuffer::getMemBufferCopy(StringRef InputData, const Twine &BufferName) {
auto Buf = getMemBufferCopyImpl(InputData, BufferName); auto Buf = getMemBufferCopyImpl(InputData, BufferName);
if (Buf) if (Buf)
return std::move(*Buf); return std::move(*Buf);
▲ Show 20 LinesShow All 418 LinesShow Last 20 Lines

llvm/unittests/Support/MemoryBufferTest.cpp

Show First 20 LinesShow All 155 Lines▼ Show 20 LinesTEST_F(MemoryBufferTest, copy) {
EXPECT_NE(nullptr, MBC1.get()); EXPECT_NE(nullptr, MBC1.get());
// copy with a name // copy with a name
OwningBuffer MBC2(MemoryBuffer::getMemBufferCopy(data, "copy")); OwningBuffer MBC2(MemoryBuffer::getMemBufferCopy(data, "copy"));
EXPECT_NE(nullptr, MBC2.get()); EXPECT_NE(nullptr, MBC2.get());
// verify the two copies do not point to the same place // verify the two copies do not point to the same place
EXPECT_NE(MBC1->getBufferStart(), MBC2->getBufferStart()); EXPECT_NE(MBC1->getBufferStart(), MBC2->getBufferStart());
// check that copies from defaulted stringrefs don't trigger UB.
OwningBuffer MBC3(MemoryBuffer::getMemBufferCopy(StringRef{}));
EXPECT_NE(nullptr, MBC3.get());
} }
#if LLVM_ENABLE_THREADS #if LLVM_ENABLE_THREADS
TEST_F(MemoryBufferTest, createFromPipe) { TEST_F(MemoryBufferTest, createFromPipe) {
sys::fs::file_t pipes[2]; sys::fs::file_t pipes[2];
#if LLVM_ON_UNIX #if LLVM_ON_UNIX
ASSERT_EQ(::pipe(pipes), 0) << strerror(errno); ASSERT_EQ(::pipe(pipes), 0) << strerror(errno);
#else #else
▲ Show 20 LinesShow All 285 LinesShow Last 20 Lines