From: Nico Weber <nicolasweber@gmx.de>
Date: Wed, 22 May 2019 15:53:23 +0000 (+0000)
Subject: llvm-undname: Fix an assert-on-invalid, found by oss-fuzz
X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c53aaaaaacc3cb4902cb86e9c03b22d76b268d57;p=llvm

llvm-undname: Fix an assert-on-invalid, found by oss-fuzz

If a template parameter refers to a pointer to member, but the mangling
of that was a string literal instead of a real symbol, llvm-undname used
to crash instead of rejecting the input.

git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@361402 91177308-0d34-0410-b5e6-96231b3b80d8
---

diff --git a/lib/Demangle/MicrosoftDemangle.cpp b/lib/Demangle/MicrosoftDemangle.cpp
index 4942e0e3655..041d327596b 100644
--- a/lib/Demangle/MicrosoftDemangle.cpp
+++ b/lib/Demangle/MicrosoftDemangle.cpp
@@ -2175,8 +2175,10 @@ Demangler::demangleTemplateParameterList(StringView &MangledName) {
       SymbolNode *S = nullptr;
       if (MangledName.startsWith('?')) {
         S = parse(MangledName);
-        if (Error)
+        if (Error || !S->Name) {
+          Error = true;
           return nullptr;
+        }
         memorizeIdentifier(S->Name->getUnqualifiedIdentifier());
       }
 
diff --git a/test/Demangle/invalid-manglings.test b/test/Demangle/invalid-manglings.test
index d64ec4f14d4..6cd025a1eec 100644
--- a/test/Demangle/invalid-manglings.test
+++ b/test/Demangle/invalid-manglings.test
@@ -169,3 +169,8 @@
 ; CHECK-EMPTY:
 ; CHECK-NEXT: ??_C@_12@?z
 ; CHECK-NEXT: error: Invalid mangled name
+
+??$foo@$1??_C@_02PCEFGMJL@hi?$AA@@
+; CHECK-EMPTY:
+; CHECK-NEXT: ??$foo@$1??_C@_02PCEFGMJL@hi?$AA@@
+; CHECK-NEXT: error: Invalid mangled name