Skip to content

c-index-test: fix buffer overflow #129922

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 2 commits into from
Mar 6, 2025
Merged

c-index-test: fix buffer overflow #129922

merged 2 commits into from
Mar 6, 2025

Conversation

jsji
Copy link
Member

@jsji jsji commented Mar 5, 2025
edited
Loading

We should not try to overwrite the pointer of struct, also need to add 1 for end of line.

@llvmbot llvmbot added the clang Clang issues not falling into any other category label Mar 5, 2025
@jsji jsji requested a review from arsenm March 5, 2025 19:51
@llvmbot
Copy link
Member

llvmbot commented Mar 5, 2025

@llvm/pr-subscribers-clang

Author: Jinsong Ji (jsji)

Changes

Full diff: https://github.com/llvm/llvm-project/pull/129922.diff

1 Files Affected:

  • (modified) clang/tools/c-index-test/c-index-test.c (+2-2)
diff --git a/clang/tools/c-index-test/c-index-test.c b/clang/tools/c-index-test/c-index-test.c
index 942500f2975e4..eb1d3de09acd0 100644
--- a/clang/tools/c-index-test/c-index-test.c
+++ b/clang/tools/c-index-test/c-index-test.c
@@ -3555,11 +3555,11 @@ static CXIdxClientContainer makeClientContainer(CXClientData *client_data,
   clang_indexLoc_getFileLocation(loc, &file, 0, &line, &column, 0);
 
   len = sizeof(IndexDataStringList) + strlen(name) + digitCount(line) +
-        digitCount(column) + 2;
+        digitCount(column) + 3;
   node = (IndexDataStringList *)malloc(len);
   assert(node);
   newStr = node->data;
-  snprintf(newStr, len, "%s:%d:%d", name, line, column);
+  snprintf(newStr, len - sizeof(IndexDataStringList) , "%s:%d:%d", name, line, column);
 
   /* Remember string so it can be freed later. */
   index_data = (IndexData *)client_data;

arsenm
arsenm reviewed Mar 6, 2025
View reviewed changes
clang/tools/c-index-test/c-index-test.c
node = (IndexDataStringList *)malloc(len);
assert(node);
newStr = node->data;
snprintf(newStr, len, "%s:%d:%d", name, line, column);
snprintf(newStr, len - sizeof(IndexDataStringList), "%s:%d:%d", name, line,
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Maybe factor len out of the original part and add to the malloc arg

Copy link
Member Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Will follow up. Thanks.

@jsji jsji merged commit 560cfd5 into llvm:main Mar 6, 2025
11 checks passed
@jsji jsji mentioned this pull request Mar 6, 2025
Merged
jsji added a commit that referenced this pull request Mar 6, 2025
@jsji
[NFC][c-index-test] factor data len out (#129971)
e4c3d25 
Follow up of #129922
@tuliom tuliom mentioned this pull request Mar 7, 2025
Closed
jph-13 pushed a commit to jph-13/llvm-project that referenced this pull request Mar 21, 2025
@jsji @jph-13
c-index-test: fix buffer overflow (llvm#129922)
2d454db 
We should not try to overwrite the pointer of struct, also need to add 1
for end of line.
jph-13 pushed a commit to jph-13/llvm-project that referenced this pull request Mar 21, 2025
@jsji @jph-13
[NFC][c-index-test] factor data len out (llvm#129971)
3f21e4b 
Follow up of llvm#129922
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arsenm arsenm arsenm approved these changes

Assignees
No one assigned
Labels
clang Clang issues not falling into any other category
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@jsji @llvmbot @arsenm