Page MenuHomePhabricator

Fix use-after-free bug in Tooling.
ClosedPublic

Authored by ymandel on Dec 17 2018, 7:31 AM.

Details

Summary

buildASTFromCodeWithArgs() was creating a memory buffer referencing a
stack-allocated string. This diff changes the implementation to copy the code
string into the memory buffer so that said buffer owns the memory.

Diff Detail

Repository
rL LLVM

Event Timeline

ymandel created this revision.Dec 17 2018, 7:31 AM
ymandel updated this revision to Diff 178468.Dec 17 2018, 8:03 AM

Change buildAST functions to take a StringRef instead of a Twine.

In practice, code is almost never constructed on the fly using a Twine, so StringRef is simpler and avoids needing a copy when constructing the MemBuffer.

ymandel updated this revision to Diff 178470.Dec 17 2018, 8:05 AM

Change header correspondingly.

ymandel updated this revision to Diff 178507.Dec 17 2018, 11:48 AM

Update test that was calling builAST with an actual Twine.

alexfh added inline comments.Dec 17 2018, 6:06 PM
include/clang/Tooling/Tooling.h
208 ↗(On Diff #178507)

While we're here, can we change FileName and ToolName to StringRef too?

ymandel updated this revision to Diff 178651.Dec 18 2018, 6:10 AM

Convert other Twine-typed args to StringRef.

ymandel updated this revision to Diff 178653.Dec 18 2018, 6:11 AM

Adjust comments.

ymandel marked an inline comment as done.Dec 18 2018, 6:13 AM
This revision is now accepted and ready to land.Dec 18 2018, 6:58 AM

Alex, would you mind submitting this since I don't yet have submit privileges? I'll request them shortly, but I'd rather this go one in the meantime.

This revision was automatically updated to reflect the committed changes.