From: Fariborz Jahanian <fjahanian@apple.com>
Date: Fri, 23 Oct 2009 23:55:43 +0000 (+0000)
Subject: Fixe a buffer overflow problem which causes a crash
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=60aeaddb123762e15efe7f268afe033448b70023;p=clang

Fixe a buffer overflow problem which causes a crash
in a certain project. Need to have a permananent fix later
(FIXME added).



git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@84980 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/AST/ASTContext.cpp b/lib/AST/ASTContext.cpp
index 5d6d0ba3a1..e226f28c86 100644
--- a/lib/AST/ASTContext.cpp
+++ b/lib/AST/ASTContext.cpp
@@ -2855,8 +2855,10 @@ QualType ASTContext::BuildByRefType(const char *DeclName, QualType Ty) {
 
   // FIXME: Move up
   static int UniqueBlockByRefTypeID = 0;
-  char Name[36];
+  // FIXME. This is error prone. Luckinly stack-canary stuff caught it.
+  char Name[128];
   sprintf(Name, "__Block_byref_%d_%s", ++UniqueBlockByRefTypeID, DeclName);
+  assert((strlen(Name) < sizeof(Name)) && "BuildByRefType - buffer overflow");
   RecordDecl *T;
   T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl, SourceLocation(),
                          &Idents.get(Name));
@@ -2904,8 +2906,10 @@ QualType ASTContext::getBlockParmType(
   llvm::SmallVector<const Expr *, 8> &BlockDeclRefDecls) {
   // FIXME: Move up
   static int UniqueBlockParmTypeID = 0;
-  char Name[36];
+  // FIXME. This is error prone. Luckinly stack-canary stuff caught it.
+  char Name[128];
   sprintf(Name, "__block_literal_%u", ++UniqueBlockParmTypeID);
+  assert((strlen(Name) < sizeof(Name)) && "getBlockParmType - buffer overflow");
   RecordDecl *T;
   T = RecordDecl::Create(*this, TagDecl::TK_struct, TUDecl, SourceLocation(),
                          &Idents.get(Name));