[clang] [clang-format] Fix crash in TokenAnnotator (PR #82349)

Tue, 20 Feb 2024 04:17:05 -0800 

llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-clang-format

Author: Emilia Kond (rymiel)

<details>
<summary>Changes</summary>

The while loop on line 3814 can cause a segmentation fault getting the Next 
field on a nullptr. This is because further down, on line 3823, there is 
another for loop, which assigns Tok to Tok-&gt;Next in its initializer. This 
for loop has a condition to check if the result of that isn't null. If it is, 
the loop is skipped and we drop back out to the outer loop, except, now Tok is 
null, and we try to dereference it without checking first.

This patch adds a defensive check that returns if Tok-&gt;Next is null before 
we make it to the second for loop.

Fixes https://github.com/llvm/llvm-project/issues/82328

---
Full diff: https://github.com/llvm/llvm-project/pull/82349.diff


2 Files Affected:

- (modified) clang/lib/Format/TokenAnnotator.cpp (+1-1) 
- (modified) clang/unittests/Format/FormatTest.cpp (+3) 


``````````diff
diff --git a/clang/lib/Format/TokenAnnotator.cpp 
b/clang/lib/Format/TokenAnnotator.cpp
index ec7b7f4dbe3470..a38ba8762f8505 100644
--- a/clang/lib/Format/TokenAnnotator.cpp
+++ b/clang/lib/Format/TokenAnnotator.cpp
@@ -3817,7 +3817,7 @@ void 
TokenAnnotator::calculateFormattingInformation(AnnotatedLine &Line) const {
         do {
           Tok = Tok->Next;
         } while (Tok && Tok->isNot(TT_OverloadedOperatorLParen));
-        if (!Tok)
+        if (!Tok || !Tok->Next)
           break;
         const auto *LeftParen = Tok;
         for (Tok = Tok->Next; Tok && Tok != LeftParen->MatchingParen;
diff --git a/clang/unittests/Format/FormatTest.cpp 
b/clang/unittests/Format/FormatTest.cpp
index 24f62af8ddcb87..3a3c88f609af7a 100644
--- a/clang/unittests/Format/FormatTest.cpp
+++ b/clang/unittests/Format/FormatTest.cpp
@@ -13503,6 +13503,9 @@ TEST_F(FormatTest, IncorrectCodeUnbalancedBraces) {
   verifyFormat("{");
   verifyFormat("#})");
   verifyNoCrash("(/**/[:!] ?[).");
+  verifyNoCrash("struct X{"
+                "  operator iunt("
+                "};");
 }
 
 TEST_F(FormatTest, IncorrectUnbalancedBracesInMacrosWithUnicode) {

``````````

</details>


https://github.com/llvm/llvm-project/pull/82349
_______________________________________________
cfe-commits mailing list
cfe-commits@lists.llvm.org
https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits

Reply via email to