From: Douglas Gregor <dgregor@apple.com>
Date: Tue, 27 Jul 2010 14:52:07 +0000 (+0000)
Subject: Fix use-after-free with precompiled preambles
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=28233428da1ebec20c893d6297ae3191318940dd;p=clang

Fix use-after-free with precompiled preambles

git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@109505 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/include/clang/Frontend/ASTUnit.h b/include/clang/Frontend/ASTUnit.h
index d0202dfe28..10cf3d50ba 100644
--- a/include/clang/Frontend/ASTUnit.h
+++ b/include/clang/Frontend/ASTUnit.h
@@ -135,6 +135,11 @@ private:
   /// file within the precompiled preamble.
   unsigned PreambleReservedSize;
   
+  /// \brief When non-NULL, this is the buffer used to store the contents of
+  /// the main file when it has been padded for use with the precompiled
+  /// preamble.
+  llvm::MemoryBuffer *SavedMainFileBuffer;
+  
   ASTUnit(const ASTUnit&); // DO NOT IMPLEMENT
   ASTUnit &operator=(const ASTUnit &); // DO NOT IMPLEMENT
   
diff --git a/lib/Frontend/ASTUnit.cpp b/lib/Frontend/ASTUnit.cpp
index 0463db18dc..d67a6652da 100644
--- a/lib/Frontend/ASTUnit.cpp
+++ b/lib/Frontend/ASTUnit.cpp
@@ -39,7 +39,7 @@ using namespace clang;
 
 ASTUnit::ASTUnit(bool _MainFileIsAST)
   : CaptureDiagnostics(false), MainFileIsAST(_MainFileIsAST), 
-    ConcurrencyCheckValue(CheckUnlocked) { }
+    ConcurrencyCheckValue(CheckUnlocked), SavedMainFileBuffer(0) { }
 
 ASTUnit::~ASTUnit() {
   ConcurrencyCheckValue = CheckLocked;
@@ -60,6 +60,8 @@ ASTUnit::~ASTUnit() {
          ++FB)
       delete FB->second;
   }
+  
+  delete SavedMainFileBuffer;
 }
 
 void ASTUnit::CleanTemporaryFiles() {
@@ -328,6 +330,9 @@ public:
 /// \returns True if a failure occurred that causes the ASTUnit not to
 /// contain any translation-unit information, false otherwise.
 bool ASTUnit::Parse(llvm::MemoryBuffer *OverrideMainBuffer) {
+  delete SavedMainFileBuffer;
+  SavedMainFileBuffer = 0;
+  
   if (!Invocation.get())
     return true;
   
@@ -395,6 +400,9 @@ bool ASTUnit::Parse(llvm::MemoryBuffer *OverrideMainBuffer) {
                                                     = PreambleEndsAtStartOfLine;
     PreprocessorOpts.ImplicitPCHInclude = PreambleFile.str();
     PreprocessorOpts.DisablePCHValidation = true;
+    
+    // Keep track of the override buffer;
+    SavedMainFileBuffer = OverrideMainBuffer;
   }
   
   llvm::OwningPtr<TopLevelDeclTrackerAction> Act;
@@ -787,7 +795,6 @@ ASTUnit *ASTUnit::LoadFromCompilerInvocation(CompilerInvocation *CI,
   if (!AST->Parse(OverrideMainBuffer))
     return AST.take();
   
-  delete OverrideMainBuffer;
   return 0;
 }
 
@@ -884,6 +891,5 @@ bool ASTUnit::Reparse(RemappedFile *RemappedFiles, unsigned NumRemappedFiles) {
 
   // Parse the sources
   bool Result = Parse(OverrideMainBuffer);  
-  delete OverrideMainBuffer;
   return Result;
 }