Fariborz Jahanian wrote:
> Author: fjahanian
> Date: Fri Oct 23 18:55:43 2009
> New Revision: 84980
>
> URL: http://llvm.org/viewvc/llvm-project?rev=84980&view=rev
> Log:
> Fix a buffer overflow problem which causes a crash
> in a certain project. Need to have a permanent fix later
> (FIXME added).
>
>
> Modified:
> cfe/trunk/lib/AST/ASTContext.cpp
>
> Modified: cfe/trunk/lib/AST/ASTContext.cpp
> URL:
> http://llvm.org/viewvc/llvm-project/cfe/trunk/lib/AST/ASTContext.cpp?rev=84980&r1=84979&r2=84980&view=diff
>
> ============================================================================== > --- cfe/trunk/lib/AST/ASTContext.cpp (original) > +++ cfe/trunk/lib/AST/ASTContext.cpp Fri Oct 23 18:55:43 2009 > @@ -2855,8 +2855,10 @@ > > // FIXME: Move up > static int UniqueBlockByRefTypeID = 0; > - char Name[36]; > + // FIXME. This is error prone. Luckinly stack-canary stuff caught it. > + char Name[128]; > sprintf(Name, "__Block_byref_%d_%s", ++UniqueBlockByRefTypeID, DeclName); > + assert((strlen(Name) < sizeof(Name)) && "BuildByRefType - buffer > overflow"); > RecordDecl *T; > T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl, SourceLocation(), > &Idents.get(Name)); > @@ -2904,8 +2906,10 @@ > llvm::SmallVector<const Expr *, 8> &BlockDeclRefDecls) { > // FIXME: Move up > static int UniqueBlockParmTypeID = 0; > - char Name[36]; > + // FIXME. This is error prone. Luckinly stack-canary stuff caught it. > + char Name[128]; > sprintf(Name, "__block_literal_%u", ++UniqueBlockParmTypeID); > + assert((strlen(Name) < sizeof(Name)) && "getBlockParmType - buffer > overflow"); > RecordDecl *T; > T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl, SourceLocation(), > &Idents.get(Name)); > >
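Review bot: In the first hunk (@@ -2855, the "BuildByRefType" assert), the length check runs after sprintf has already written into Name, so it reports an overflow only once the stack is damaged, and it is compiled out when NDEBUG is defined. DeclName is a %s argument with no length bound visible in the hunk, so `char Name[128]` only raises the length at which the write goes out of bounds. Suggest bounding the write itself with `snprintf(Name, sizeof(Name), "__Block_byref_%d_%s", ++UniqueBlockByRefTypeID, DeclName)` and asserting on its return value, or building the name in a growable string so that no fixed limit exists.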
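Review bot: In the second hunk (@@ -2904, the "getBlockParmType" assert), the format "__block_literal_%u" produces at most 16 prefix characters plus 10 digits plus the terminator when int is 32 bits, so the original `char Name[36]` could not overflow at this site; the enlargement to 128 and the copied "stack-canary stuff caught it" comment are misleading here. Separately, UniqueBlockParmTypeID is declared `static int` but printed with %u; declare it unsigned or use %d. If the check is kept for symmetry with the first hunk, use snprintf with sizeof(Name) and assert on the return value rather than calling strlen after the write.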
It doesn't fix the problem properly, but snprintf() will at least never trash the stack, and the return value will still permit the assert.

John.
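The snprintf() behaviour the reply relies on, as an added C example that is not part of the thread or of the clang source: the write is capped at the buffer size, and the return value reports the length the full name needed, so truncation can be detected or the buffer sized exactly. The NameSlot struct, its guard bytes, the function names and the sample declaration name are constructed for illustration.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Constructed sample input: a declaration name longer than the old limit. */
#define LONG_DECL "aVeryLongDeclarationNameThatExceedsTheOldLimit"

/* A 36-byte name buffer as in the pre-patch code, followed by guard bytes
   (constructed for this example) that reveal any out-of-bounds write. */
struct NameSlot {
    char name[36];
    unsigned char guard[8];
};

/* Returns the length the full name needs (excluding NUL), or <0 on error. */
static int format_byref_name(char *buf, size_t cap, int id, const char *decl)
{
    return snprintf(buf, cap, "__Block_byref_%d_%s", id, decl);
}

/* Returns 1 if the whole name fit in the slot, 0 if it was truncated. */
int fits_in_slot(struct NameSlot *slot, int id, const char *decl)
{
    memset(slot->guard, 0xA5, sizeof slot->guard);
    int need = format_byref_name(slot->name, sizeof slot->name, id, decl);
    return need >= 0 && (size_t)need < sizeof slot->name;
}

/* Returns 1 if no byte past the name buffer was modified. */
int guard_intact(const struct NameSlot *slot)
{
    for (size_t i = 0; i < sizeof slot->guard; i++)
        if (slot->guard[i] != 0xA5) return 0;
    return 1;
}

/* Length-independent variant: size the buffer from snprintf's return value. */
char *alloc_byref_name(int id, const char *decl)
{
    int need = format_byref_name(NULL, 0, id, decl);
    if (need < 0) return NULL;
    char *out = malloc((size_t)need + 1);
    if (out) format_byref_name(out, (size_t)need + 1, id, decl);
    return out;
}

int main(void)
{
    struct NameSlot slot;
    int ok = fits_in_slot(&slot, 1, LONG_DECL);
    char *full = alloc_byref_name(1, LONG_DECL);
    printf("fits=%d guard_ok=%d name=%s full=%s\n", ok, guard_intact(&slot), slot.name, full ? full : "?");
    free(full);
    return 0;
}
```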
