diff options
| author | Zachary Turner <zturner@google.com> | 2016-06-02 19:51:48 +0000 |
|---|---|---|
| committer | Zachary Turner <zturner@google.com> | 2016-06-02 19:51:48 +0000 |
| commit | f4e9c9ac08315bed9e5f8ffd0c1612540844370b (patch) | |
| tree | 17e9d1054af0d971570f07c05b7fb4e17af2c046 /llvm/lib/DebugInfo/CodeView/EnumTables.cpp | |
| parent | e37d13b9ecc4746db58dd714a9087a1e35efb3ce (diff) | |
| download | llvm-f4e9c9ac08315bed9e5f8ffd0c1612540844370b.zip llvm-f4e9c9ac08315bed9e5f8ffd0c1612540844370b.tar.gz llvm-f4e9c9ac08315bed9e5f8ffd0c1612540844370b.tar.bz2 | |
[codeview] Fix a nasty use after free.
StreamRef was designed to be a thin wrapper over an abstract
stream interface that could itself be treated the same as any
other stream interface. For this reason, it inherited publicly
from StreamInterface, and stored a StreamInterface* internally.
But StreamRef was also designed to be lightweight and easily
copyable, similar to ArrayRef. This led to two misuses of
the classes.
1) When creating a StreamRef A from another StreamRef B, it was
possible to end up with A storing a pointer to B, even when
B was a temporary object, leading to use after free.
2) The above situation could be repeated ad nauseum, so that
A stores a pointer to B, which itself stores a pointer to
another StreamRef C, and so on and so on, creating an
unnecessarily level of nesting depth.
This patch removes the public inheritance relationship between
StreamRef and StreamInterface, making it so that we can never
accidentally convert a StreamRef to a StreamInterface.
llvm-svn: 271570
Diffstat (limited to 'llvm/lib/DebugInfo/CodeView/EnumTables.cpp')
0 files changed, 0 insertions, 0 deletions