From 42b16bb33ab0a0bb5b8e4032753fbe67bc85844f Mon Sep 17 00:00:00 2001 From: Kelebek1 Date: Sat, 14 Jan 2023 19:53:55 +0000 Subject: [PATCH] Be careful of mangled out of bounds read --- src/common/demangle.cpp | 14 +++++++++----- src/core/arm/arm_interface.cpp | 4 ---- 2 files changed, 9 insertions(+), 9 deletions(-) diff --git a/src/common/demangle.cpp b/src/common/demangle.cpp index 17abdb85e..f4246f666 100644 --- a/src/common/demangle.cpp +++ b/src/common/demangle.cpp @@ -2,6 +2,7 @@ // SPDX-License-Identifier: GPL-2.0-or-later #include "common/demangle.h" +#include "common/scope_exit.h" namespace llvm { char* itaniumDemangle(const char* mangled_name, char* buf, size_t* n, int* status); @@ -13,10 +14,16 @@ std::string DemangleSymbol(const std::string& mangled) { auto is_itanium = [](const std::string& name) -> bool { // A valid Itanium encoding requires 1-4 leading underscores, followed by 'Z'. auto pos = name.find_first_not_of('_'); - return pos > 0 && pos <= 4 && name[pos] == 'Z'; + return pos > 0 && pos <= 4 && pos < name.size() && name[pos] == 'Z'; }; + if (mangled.empty()) { + return mangled; + } + char* demangled = nullptr; + SCOPE_EXIT({ std::free(demangled); }); + if (is_itanium(mangled)) { demangled = llvm::itaniumDemangle(mangled.c_str(), nullptr, nullptr, nullptr); } @@ -24,10 +31,7 @@ std::string DemangleSymbol(const std::string& mangled) { if (!demangled) { return mangled; } - - std::string ret = demangled; - std::free(demangled); - return ret; + return demangled; } } // namespace Common diff --git a/src/core/arm/arm_interface.cpp b/src/core/arm/arm_interface.cpp index a34200539..8aa7b9641 100644 --- a/src/core/arm/arm_interface.cpp +++ b/src/core/arm/arm_interface.cpp @@ -1,10 +1,6 @@ // SPDX-FileCopyrightText: Copyright 2018 yuzu Emulator Project // SPDX-License-Identifier: GPL-2.0-or-later -#ifndef _MSC_VER -#include -#endif - #include #include