This revision was automatically updated to reflect the committed changes.
Closed by commit rC322390: [Lex] Avoid out-of-bounds dereference in
LexAngledStringLiteral. (authored by vsapsai, committed by ).
Changed prior to commit:
https://reviews.llvm.org/D41423?vs=129379&id=129666#toc
Repositor
vsapsai added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2012-2015
+// Skip escaped characters. Escaped newlines will already be processed by
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
rsmith wrote:
rsmith accepted this revision.
rsmith added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2012-2015
+// Skip escaped characters. Escaped newlines will already be processed by
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
vsapsai added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2012-2015
+// Skip escaped characters. Escaped newlines will already be processed by
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
rsmith wrote:
rsmith added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2012-2015
+// Skip escaped characters. Escaped newlines will already be processed by
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
You can just d
rsmith added a comment.
In https://reviews.llvm.org/D41423#968587, @vsapsai wrote:
> OSS-Fuzz classifies the bug as medium severity security issue
Well, you should probably fix it to not do that. Any sane threat model
involving a C++ compiler should assume that if you can feed the compiler
ar
vsapsai marked an inline comment as done.
vsapsai added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2026
+
+if (C == 0) {
NulCharacter = CurPtr-1;
vsapsai wrote:
> dexonsmith wrote:
> > vsapsai wrote:
> > > dexonsmith wrote:
> > > > Should thi
vsapsai marked 2 inline comments as done.
vsapsai added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2026
+
+if (C == 0) {
NulCharacter = CurPtr-1;
dexonsmith wrote:
> vsapsai wrote:
> > dexonsmith wrote:
> > > Should this check still be skippe
vsapsai updated this revision to Diff 129379.
vsapsai added a comment.
- Add a test for null character in string/character literals.
https://reviews.llvm.org/D41423
Files:
clang/lib/Lex/Lexer.cpp
clang/test/Lexer/null-character-in-literal.c
clang/unittests/Lex/LexerTest.cpp
Index: clang
dexonsmith added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2026
+
+if (C == 0) {
NulCharacter = CurPtr-1;
vsapsai wrote:
> dexonsmith wrote:
> > Should this check still be skipped (in an `else if` of the `C == '\\'`
> > check)?
> I agree it
vsapsai marked an inline comment as done.
vsapsai added inline comments.
Comment at: clang/lib/Lex/Lexer.cpp:2014-2015
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
+
dexonsmith wrote:
> If `CurPtr` is already equal
vsapsai updated this revision to Diff 129346.
vsapsai added a comment.
- Remove rdar link from the comment per review.
Also rebased on top of master so diff between diffs can be noisy.
https://reviews.llvm.org/D41423
Files:
clang/lib/Lex/Lexer.cpp
clang/unittests/Lex/LexerTest.cpp
Index:
dexonsmith requested changes to this revision.
dexonsmith added inline comments.
This revision now requires changes to proceed.
Comment at: clang/lib/Lex/Lexer.cpp:2014-2015
+// getAndAdvanceChar.
+if (C == '\\')
+ C = getAndAdvanceChar(CurPtr, Result);
+
---
vsapsai added a comment.
Ping. OSS-Fuzz classifies the bug as medium severity security issue, would be
great to include the fix in Clang 6.0.
https://reviews.llvm.org/D41423
___
cfe-commits mailing list
cfe-commits@lists.llvm.org
http://lists.llvm.
vsapsai created this revision.
vsapsai added reviewers: arphaman, kcc.
Fix makes the loop in LexAngledStringLiteral more like the loops in
LexStringLiteral, LexCharConstant. When we skip a character after
backslash, we need to check if we reached the end of the file instead of
reading the next cha
15 matches
Mail list logo