From 684f12a49836a8783dfcda0d9841714e573fb00b Mon Sep 17 00:00:00 2001
From: Josh Berdine
Date: Fri, 26 Apr 2019 12:02:56 -0700
Subject: [PATCH] [sledge] Protect against misdeclarations of operator new
Summary: The frontend would implicitly assume there was (at least) one argument to calls to operator new. If code declares operator new with the wrong type, this can lead to crashing trying to access a missing arg.
Reviewed By: mbouaziz
Differential Revision: D15098820
fbshipit-source-id: 539281a83
---
 sledge/src/llair/frontend.ml | 18 +++++++++---------
 1 file changed, 9 insertions(+), 9 deletions(-)
diff --git a/sledge/src/llair/frontend.ml b/sledge/src/llair/frontend.ml
index 1fd05c395..4c5cf89b7 100644
--- a/sledge/src/llair/frontend.ml
+++ b/sledge/src/llair/frontend.ml
@@ -1000,15 +1000,15 @@ let xlate_instr :
 let return_dst = label_of_block return_blk in
 let unwind_blk = Llvm.get_unwind_dest instr in
 let unwind_dst = label_of_block unwind_blk in
+ let num_args =
+ if not (Llvm.is_var_arg (Llvm.element_type lltyp)) then
+ Llvm.num_arg_operands instr
+ else (
+ warn "ignoring variable arguments to variadic function: %a"
+ pp_llvalue instr ;
+ Array.length (Llvm.param_types (Llvm.element_type lltyp)) )
+ in
 let args =
- let num_args =
- if not (Llvm.is_var_arg (Llvm.element_type lltyp)) then
- Llvm.num_arg_operands instr
- else (
- warn "ignoring variable arguments to variadic function: %a"
- pp_llvalue instr ;
- Array.length (Llvm.param_types (Llvm.element_type lltyp)) )
- in
 List.rev_init num_args ~f:(fun i ->
 xlate_value x (Llvm.operand instr i) )
 in
@@ -1021,7 +1021,7 @@ let xlate_instr :
 | ["__llair_throw"] ->
 let dst = Llair.Jump.mk unwind_dst args in
 emit_term (Llair.Term.goto ~dst ~loc)
- | ["_Znwm" (* operator new(size_t num) *)] ->
+ | ["_Znwm" (* operator new(size_t num) *)] when num_args = 1 ->
 let reg = xlate_name instr in
 let num = xlate_value x (Llvm.operand instr 0) in
 let llt = Llvm.type_of instr in
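Review bot: In the variadic branch of the hoisted `num_args`, the count is taken from the declared parameter types rather than from the instruction, so a call site that supplies fewer operands than the callee's declared fixed parameters would still drive `Llvm.operand instr i` past the end of the operand list — the same out-of-range access the commit is protecting against for `_Znwm`. Whether LLVM IR reaching this point can violate that invariant is not visible here; if mis-declared callees are in scope for this fix, clamping is cheap: `Int.min (Llvm.num_arg_operands instr) (Array.length (Llvm.param_types (Llvm.element_type lltyp)))`. The hoisting itself is what the second hunk depends on, so this is the place to make the count robust. `xlate_instr` begins and ends outside the hunk.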
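Review bot: The new `when num_args = 1` guard lets a mis-declared `operator new` fall silently into whatever match case follows (outside the hunk), whereas the variadic path a few lines earlier emits a `warn` for the comparable situation. A `_Znwm` call with the wrong arity is precisely the misdeclaration the commit title describes, and the analysis presumably loses the allocation semantics for that call, so it is worth being visible in the log: a sibling arm `| ["_Znwm" (* operator new(size_t num) *)] -> warn "ignoring mis-declared operator new: %a" pp_llvalue instr ; ...` delegating to the generic call handling, or at least a comment on the guard, `(* a mis-declared operator new (wrong arity) falls through to the generic call case below *)`, would make the intent clear to the next reader.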