llvmbot wrote:

<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-clang

Author: Paul Kirth (ilovepi)

<details>
<summary>Changes</summary>

There is a possible nullptr deref in BuildCXXNestedNameSpecifier when calling 
ExtendNestedNameSpecifier or using isa&lt;&gt;. This initially showed up as a 
crash in clangd that didn't manifest when compiling w/ clang. The reduced 
test case added in this patch, however, does expose the issue in clang. Testing 
locally shows that both this test case and the original clangd issue are fixed 
by checking the validity of the pointer before trying to dispatch. Since all 
code paths require the pointer to be valid (usually by virtue of a dyn_cast or 
isa&lt;&gt; check), there should be no functional difference.

Fixes #<!-- -->166843

---
Full diff: https://github.com/llvm/llvm-project/pull/166995.diff


1 Files Affected:

- (modified) clang/lib/Sema/SemaCXXScopeSpec.cpp (+20-19) 


``````````diff
diff --git a/clang/lib/Sema/SemaCXXScopeSpec.cpp 
b/clang/lib/Sema/SemaCXXScopeSpec.cpp
index c52fc5bf815af..29e697d9eb029 100644
--- a/clang/lib/Sema/SemaCXXScopeSpec.cpp
+++ b/clang/lib/Sema/SemaCXXScopeSpec.cpp
@@ -779,25 +779,26 @@ bool Sema::BuildCXXNestedNameSpecifier(Scope *S, 
NestedNameSpecInfo &IdInfo,
   }
 
   if (!Found.empty()) {
-    const auto *ND = Found.getAsSingle<NamedDecl>();
-    if (::ExtendNestedNameSpecifier(*this, SS, ND, IdInfo.IdentifierLoc,
-                                    IdInfo.CCLoc)) {
-      const Type *T = SS.getScopeRep().getAsType();
-      Diag(IdInfo.IdentifierLoc, diag::err_expected_class_or_namespace)
-          << QualType(T, 0) << getLangOpts().CPlusPlus;
-      // Recover with this type if it would be a valid nested name specifier.
-      return !T->getAsCanonical<TagType>();
-    }
-    if (isa<TemplateDecl>(ND)) {
-      ParsedType SuggestedType;
-      DiagnoseUnknownTypeName(IdInfo.Identifier, IdInfo.IdentifierLoc, S, &SS,
-                              SuggestedType);
-    } else {
-      Diag(IdInfo.IdentifierLoc, diag::err_expected_class_or_namespace)
-          << IdInfo.Identifier << getLangOpts().CPlusPlus;
-      if (NamedDecl *ND = Found.getAsSingle<NamedDecl>())
-        Diag(ND->getLocation(), diag::note_entity_declared_at)
-            << IdInfo.Identifier;
+    if (const auto *ND = Found.getAsSingle<NamedDecl>()) {
+      if (::ExtendNestedNameSpecifier(*this, SS, ND, IdInfo.IdentifierLoc,
+                                      IdInfo.CCLoc)) {
+        const Type *T = SS.getScopeRep().getAsType();
+        Diag(IdInfo.IdentifierLoc, diag::err_expected_class_or_namespace)
+            << QualType(T, 0) << getLangOpts().CPlusPlus;
+        // Recover with this type if it would be a valid nested name specifier.
+        return !T->getAsCanonical<TagType>();
+      }
+      if (isa<TemplateDecl>(ND)) {
+        ParsedType SuggestedType;
+        DiagnoseUnknownTypeName(IdInfo.Identifier, IdInfo.IdentifierLoc, S, 
&SS,
+                                SuggestedType);
+      } else {
+        Diag(IdInfo.IdentifierLoc, diag::err_expected_class_or_namespace)
+            << IdInfo.Identifier << getLangOpts().CPlusPlus;
+        if (NamedDecl *ND = Found.getAsSingle<NamedDecl>())
+          Diag(ND->getLocation(), diag::note_entity_declared_at)
+              << IdInfo.Identifier;
+      }
     }
   } else if (SS.isSet())
     Diag(IdInfo.IdentifierLoc, diag::err_no_member) << IdInfo.Identifier
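Review bot: With the whole body now nested under `if (const auto *ND = Found.getAsSingle<NamedDecl>())`, a non-empty `Found` that yields no single declaration emits nothing in this block, whereas the old else branch was written to report `err_expected_class_or_namespace` and skip only the note when the declaration was null. The inner `if (NamedDecl *ND = Found.getAsSingle<NamedDecl>())` is now always true and shadows the outer `ND`, so it can be dropped in favour of the outer pointer. BuildCXXNestedNameSpecifier starts and ends outside the hunk, so whether the null case still reaches some diagnostic before an error return cannot be seen here. If it does not, guarding only the two dereferencing sites keeps the error for that input: `if (ND && ::ExtendNestedNameSpecifier(*this, SS, ND, IdInfo.IdentifierLoc, IdInfo.CCLoc)) {` and `if (isa_and_nonnull<TemplateDecl>(ND)) {`. Because the crash was reachable from ill-formed source in clangd, the regression test should pin the expected diagnostic as well as the absence of a crash.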

``````````

</details>


https://github.com/llvm/llvm-project/pull/166995