diff options
| author | Peter Collingbourne <peter@pcc.me.uk> | 2013-08-12 22:38:39 +0000 |
|---|---|---|
| committer | Peter Collingbourne <peter@pcc.me.uk> | 2013-08-12 22:38:39 +0000 |
| commit | a90d91fd1add17b3c6af09a845ede940595098e9 (patch) | |
| tree | 5519287dd17101022b76225a021b4c2d719c1167 /lib/Transforms | |
| parent | f15dfe4eb48e8e2ff02a30bc8ba9112108f9b83d (diff) | |
| download | external_llvm-a90d91fd1add17b3c6af09a845ede940595098e9.zip external_llvm-a90d91fd1add17b3c6af09a845ede940595098e9.tar.gz external_llvm-a90d91fd1add17b3c6af09a845ede940595098e9.tar.bz2 | |
DataFlowSanitizer: fix a use-after-free. Spotted by libgmalloc.
git-svn-id: https://llvm.org/svn/llvm-project/llvm/trunk@188216 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Transforms')
| -rw-r--r-- | lib/Transforms/Instrumentation/DataFlowSanitizer.cpp | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp b/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp index f5531e0..af227d2 100644 --- a/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp +++ b/lib/Transforms/Instrumentation/DataFlowSanitizer.cpp @@ -422,9 +422,12 @@ bool DataFlowSanitizer::runOnModule(Module &M) { // instruction's next pointer and moving the next instruction to the // tail block from which we should continue. Instruction *Next = Inst->getNextNode(); + // DFSanVisitor may delete Inst, so keep track of whether it was a + // terminator. + bool IsTerminator = isa<TerminatorInst>(Inst); if (!DFSF.SkipInsts.count(Inst)) DFSanVisitor(DFSF).visit(Inst); - if (isa<TerminatorInst>(Inst)) + if (IsTerminator) break; Inst = Next; } |