Jacob Garber has uploaded this change for review. ( https://review.coreboot.org/c/coreboot/+/32852 )
Change subject: util/romcc: Fix parsing of empty string literal ......................................................................
util/romcc: Fix parsing of empty string literal
The corner case of an empty string literal was causing romcc to segfault. This checks if the literal is empty, and if so allocates a size one buffer for the terminating null character. A test case for this is added to ensure it doesn't happen again.
Found-by: Coverity CID 1129099
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Change-Id: I067160a3b9998184f44e4878ef6269f372fe68bb
---
M util/romcc/romcc.c
A util/romcc/tests/simple_test87.c
2 files changed, 13 insertions(+), 0 deletions(-)
git pull ssh://review.coreboot.org:29418/coreboot refs/changes/52/32852/1
diff --git a/util/romcc/romcc.c b/util/romcc/romcc.c index 43be171..4b84d63 100644 --- a/util/romcc/romcc.c +++ b/util/romcc/romcc.c @@ -10782,6 +10782,15 @@ } while(str < end); type->elements = ptr - buf; } while(peek(state) == TOK_LIT_STRING); + + /* buf contains the allocated buffer for the string constant. However, + if buf is NULL, then the string constant is empty, but we still + need to allocate one byte for the null character. */ + if (buf == NULL) { + buf = xmalloc(1, "string_constant"); + ptr = buf; + } + *ptr = '\0'; type->elements += 1; def = triple(state, OP_BLOBCONST, type, 0, 0); diff --git a/util/romcc/tests/simple_test87.c b/util/romcc/tests/simple_test87.c new file mode 100644 index 0000000..6a1148c --- /dev/null +++ b/util/romcc/tests/simple_test87.c @@ -0,0 +1,4 @@ +static void main(void) +{ + char *x = ""; +}
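Review bot: The `buf == NULL` test in the romcc.c hunk is only a reliable "empty literal" indicator if `buf` is initialised to NULL before the `do { ... } while(peek(state) == TOK_LIT_STRING);` loop and the loop body always assigns a non-NULL buffer for a non-empty literal; neither is visible in this hunk, so please confirm the `char *buf = NULL;` initialisation and mention it in the new comment. Separately, the added comment does not follow the coreboot multi-line comment style (leading ` * ` on continuation lines), e.g. ` * if buf is NULL, then the string constant is empty, but we still` / ` * need to allocate one byte for the null character. */`.

Review bot: In the simple_test87.c hunk, `x` is assigned but never read, so the test only exercises the lexer/parser path for `""` and nothing checks that the resulting constant is a single `'\0'` byte; that is sufficient for a regression test against the segfault, but a one-line comment in the file stating that it reproduces Coverity CID 1129099 (empty string literal) would make the intent clear to the next reader and stop someone "cleaning up" the unused variable.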
Patrick Georgi has posted comments on this change. ( https://review.coreboot.org/c/coreboot/+/32852 )
Change subject: util/romcc: Fix parsing of empty string literal ......................................................................
Patch Set 1: Code-Review+2
Patrick Georgi has submitted this change and it was merged. ( https://review.coreboot.org/c/coreboot/+/32852 )
Change subject: util/romcc: Fix parsing of empty string literal ......................................................................
util/romcc: Fix parsing of empty string literal
The corner case of an empty string literal was causing romcc to segfault. This checks if the literal is empty, and if so allocates a size one buffer for the terminating null character. A test case for this is added to ensure it doesn't happen again.
Found-by: Coverity CID 1129099
Signed-off-by: Jacob Garber <jgarber1@ualberta.ca>
Change-Id: I067160a3b9998184f44e4878ef6269f372fe68bb
Reviewed-on: https://review.coreboot.org/c/coreboot/+/32852
Tested-by: build bot (Jenkins) <no-reply@coreboot.org>
Reviewed-by: Patrick Georgi <pgeorgi@google.com>
---
M util/romcc/romcc.c
A util/romcc/tests/simple_test87.c
2 files changed, 13 insertions(+), 0 deletions(-)
Approvals:
build bot (Jenkins): Verified
Patrick Georgi: Looks good to me, approved
diff --git a/util/romcc/romcc.c b/util/romcc/romcc.c index bf0510a..b9ec835 100644 --- a/util/romcc/romcc.c +++ b/util/romcc/romcc.c @@ -10782,6 +10782,15 @@ } while(str < end); type->elements = ptr - buf; } while(peek(state) == TOK_LIT_STRING); + + /* buf contains the allocated buffer for the string constant. However, + if buf is NULL, then the string constant is empty, but we still + need to allocate one byte for the null character. */ + if (buf == NULL) { + buf = xmalloc(1, "string_constant"); + ptr = buf; + } + *ptr = '\0'; type->elements += 1; def = triple(state, OP_BLOBCONST, type, 0, 0); diff --git a/util/romcc/tests/simple_test87.c b/util/romcc/tests/simple_test87.c new file mode 100644 index 0000000..6a1148c --- /dev/null +++ b/util/romcc/tests/simple_test87.c @@ -0,0 +1,4 @@ +static void main(void) +{ + char *x = ""; +}