Removed potential buffer overrun (spotted by Neil Booth) when NumericLiteralParser

converts a parsed literal into an APFloat. We are still performing a copy of the
string, which hopefully will be removed eventually for performance reasons. This
version now is at least safe.

Changed rounding in APFloat construction in NumericLiteralParser from rmTowardsZero
to rmNearestTiesToEven.

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@44422 91177308-0d34-0410-b5e6-96231b3b80d8

diff --git a/Lex/LiteralSupport.cpp b/Lex/LiteralSupport.cpp
index ebc66271dbd36409ad278592a84b8ba9f585ff87..f6d1a867a32915537d6d5d41eee004bdb6f14d10 100644 (file)
--- a/Lex/LiteralSupport.cpp
+++ b/Lex/LiteralSupport.cpp
@@ -413,26 +413,21 @@ llvm::APFloat NumericLiteralParser::
 GetFloatValue(const llvm::fltSemantics &Format, bool* isExact) {
   using llvm::APFloat;
   
-  char floatChars[256];
-  strncpy(floatChars, ThisTokBegin, ThisTokEnd-ThisTokBegin);
-  floatChars[ThisTokEnd-ThisTokBegin] = '\0';
-
-#if 1
+  llvm::SmallVector<char,256> floatChars;
+  for (unsigned i = 0, n = ThisTokEnd-ThisTokBegin; i != n; ++i)
+    floatChars.push_back(ThisTokBegin[i]);
+  
+  floatChars.push_back('\0');
+  
   APFloat V (Format, APFloat::fcZero, false);
-
   APFloat::opStatus status;
-  status = V.convertFromString(floatChars,APFloat::rmTowardZero);
+  
+  status = V.convertFromString(&floatChars[0],APFloat::rmNearestTiesToEven);
   
   if (isExact)
     *isExact = status == APFloat::opOK;
   
   return V;
-#else
-  // FIXME: this is horrible!
-  APFloat V(strtod(floatChars, 0));
-  V.convert(Format, APFloat::rmTowardZero);
-  return V;
-#endif
 }
 
 void NumericLiteralParser::Diag(SourceLocation Loc, unsigned DiagID,