From 5efecd1377ee903afa8cde9884663f747d5109d4 Mon Sep 17 00:00:00 2001 From: Richard Diamond Date: Wed, 25 Nov 2015 22:49:48 +0000 Subject: [PATCH] Fix a use-after-free in `llvm-config`. Summary: This could happen if `GetComponentNames` is true, because `Name` from `VisitComponent` would reference a stack instance of `std::string` in `ComputeLibsForComponents`. Reviewers: beanz Subscribers: llvm-commits Differential Revision: http://reviews.llvm.org/D14913 git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@254108 91177308-0d34-0410-b5e6-96231b3b80d8 --- tools/llvm-config/llvm-config.cpp | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/tools/llvm-config/llvm-config.cpp b/tools/llvm-config/llvm-config.cpp index d086f4951c1..80f627936d0 100644 --- a/tools/llvm-config/llvm-config.cpp +++ b/tools/llvm-config/llvm-config.cpp @@ -56,10 +56,10 @@ using namespace llvm; /// libraries. /// \param GetComponentNames - Get the component names instead of the /// library name. -static void VisitComponent(StringRef Name, +static void VisitComponent(const std::string& Name, const StringMap &ComponentMap, std::set &VisitedComponents, - std::vector &RequiredLibs, + std::vector &RequiredLibs, bool IncludeNonInstalled, bool GetComponentNames, const std::string *ActiveLibDir, bool *HasMissing) { // Lookup the component. @@ -105,11 +105,11 @@ static void VisitComponent(StringRef Name, /// \param IncludeNonInstalled - Whether non-installed components should be /// reported. /// \param GetComponentNames - True if one would prefer the component names. -static std::vector +static std::vector ComputeLibsForComponents(const std::vector &Components, bool IncludeNonInstalled, bool GetComponentNames, const std::string *ActiveLibDir, bool *HasMissing) { - std::vector RequiredLibs; + std::vector RequiredLibs; std::set VisitedComponents; // Build a map of component names to information. @@ -195,8 +195,8 @@ std::string GetExecutablePath(const char *Argv0) { /// \brief Expand the semi-colon delimited LLVM_DYLIB_COMPONENTS into /// the full list of components. -std::vector GetAllDyLibComponents(const bool IsInDevelopmentTree, - const bool GetComponentNames) { +std::vector GetAllDyLibComponents(const bool IsInDevelopmentTree, + const bool GetComponentNames) { std::vector DyLibComponents; StringRef DyLibComponentsStr(LLVM_DYLIB_COMPONENTS); @@ -453,7 +453,7 @@ int main(int argc, char **argv) { /// If there are missing static archives and a dylib was /// built, print LLVM_DYLIB_COMPONENTS instead of everything /// in the manifest. - std::vector Components; + std::vector Components; for (unsigned j = 0; j != array_lengthof(AvailableComponents); ++j) { // Only include non-installed components when in a development tree. if (!AvailableComponents[j].IsInstalled && !IsInDevelopmentTree) @@ -526,14 +526,14 @@ int main(int argc, char **argv) { // Construct the list of all the required libraries. bool HasMissing = false; - std::vector RequiredLibs = + std::vector RequiredLibs = ComputeLibsForComponents(Components, /*IncludeNonInstalled=*/IsInDevelopmentTree, false, &ActiveLibDir, &HasMissing); if (PrintSharedMode) { std::unordered_set FullDyLibComponents; - std::vector DyLibComponents = + std::vector DyLibComponents = GetAllDyLibComponents(IsInDevelopmentTree, false); for (auto &Component : DyLibComponents) { @@ -585,7 +585,7 @@ int main(int argc, char **argv) { PrintForLib(DyLibName, true); } else { for (unsigned i = 0, e = RequiredLibs.size(); i != e; ++i) { - StringRef Lib = RequiredLibs[i]; + auto Lib = RequiredLibs[i]; if (i) OS << ' '; -- 2.11.0