From: Nico Weber Date: Tue, 16 Apr 2019 14:10:34 +0000 (+0000) Subject: llvm-undname: Fix nullptr deref on invalid structor names in template args X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=1d7046374b1a3e4db933eb90cca46c2f60c52bcd;p=llvm llvm-undname: Fix nullptr deref on invalid structor names in template args Similar to r358421: A StructorIndentifierNode has a Class field which is read when printing it, but if the StructorIndentifierNode appears in a template argument then demangleFullyQualifiedSymbolName() which sets Class isn't called. Since StructorIndentifierNodes are always leaf names, we can just reject them as well. Found by oss-fuzz. git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@358491 91177308-0d34-0410-b5e6-96231b3b80d8 --- diff --git a/lib/Demangle/MicrosoftDemangle.cpp b/lib/Demangle/MicrosoftDemangle.cpp index c3bdfa23d1f..49cfcde9c58 100644 --- a/lib/Demangle/MicrosoftDemangle.cpp +++ b/lib/Demangle/MicrosoftDemangle.cpp @@ -949,9 +949,10 @@ Demangler::demangleTemplateInstantiationName(StringView &MangledName, if (NBB & NBB_Template) { // NBB_Template is only set for types and non-leaf names ("a::" in "a::b"). - // A conversion operator only makes sense in a leaf name , so reject it in - // NBB_Template contexts. - if (Identifier->kind() == NodeKind::ConversionOperatorIdentifier) { + // Structors and conversion operators only makes sense in a leaf name, so + // reject them in NBB_Template contexts. + if (Identifier->kind() == NodeKind::ConversionOperatorIdentifier || + Identifier->kind() == NodeKind::StructorIdentifier) { Error = true; return nullptr; } diff --git a/test/Demangle/invalid-manglings.test b/test/Demangle/invalid-manglings.test index dcfc99f3e54..84c2b32bf20 100644 --- a/test/Demangle/invalid-manglings.test +++ b/test/Demangle/invalid-manglings.test @@ -134,3 +134,8 @@ ; CHECK-EMPTY: ; CHECK-NEXT: ?foo@?$?BH@@QAEHXZ ; CHECK-NEXT: error: Invalid mangled name + +?foo@?$?0H@ +; CHECK-EMPTY: +; CHECK-NEXT: ?foo@?$?0H@ +; CHECK-NEXT: error: Invalid mangled name