Author: labath
Date: Fri May 5 06:51:21 2017
New Revision: 302225
URL: http://llvm.org/viewvc/llvm-project?rev=302225&view=rev
Log:
Fix segfault resulting from empty print prompt
Summary:
I have found a way to segfault lldb in 7 keystrokes! Steps to reproduce:
1) Launch lldb
2) Type `print` and hit enter. lldb will now prompt you to type a list of
expressions, followed by an empty line.
3) Hit enter, indicating the end of your input.
4) Segfault!
After some investigation, I've found the issue in Host/common/Editline.cpp.
Editline::MoveCursor() relies on m_input_lines not being empty when the `to`
argument is CursorPosition::BlockEnd. This scenario, as far as I can tell,
occurs in one specific instance: In Editline::EndOrAddLineCommand() when the
list of lines being processed contains exactly one string (""). Meeting this
condition is fairly simple, I have posted steps to reproduce above.
Reviewers: krytarowski, zturner, labath
Reviewed By: labath
Subscribers: scott.smith, lldb-commits
Differential Revision: https://reviews.llvm.org/D32421
Patch by Alex Langford.
Modified:
lldb/trunk/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
lldb/trunk/source/Host/common/Editline.cpp
Modified:
lldb/trunk/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
URL:
http://llvm.org/viewvc/llvm-project/lldb/trunk/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py?rev=302225&r1=302224&r2=302225&view=diff
==============================================================================
---
lldb/trunk/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
(original)
+++
lldb/trunk/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
Fri May 5 06:51:21 2017
@@ -12,6 +12,7 @@ from lldbsuite.test import lldbutil
class MultilineExpressionsTestCase(TestBase):
mydir = TestBase.compute_mydir(__file__)
+ NO_DEBUG_INFO_TESTCASE = True
def setUp(self):
# Call super's setUp().
@@ -60,3 +61,30 @@ class MultilineExpressionsTestCase(TestB
child.expect_exact(prompt)
self.expect(child.before, exe=False,
patterns=['= 5'])
+
+ @skipIfRemote
+ @expectedFailureAll(
+ oslist=["windows"],
+ bugnumber="llvm.org/pr22274: need a pexpect replacement for windows")
+ def test_empty_list(self):
+ """Test printing an empty list of expressions"""
+ import pexpect
+ prompt = "(lldb) "
+
+ # So that the child gets torn down after the test
+ self.child = pexpect.spawn(
+ "%s %s" %
+ (lldbtest_config.lldbExec, self.lldbOption))
+ child = self.child
+
+ # Turn on logging for what the child sends back.
+ if self.TraceOn():
+ child.logfile_read = sys.stdout
+
+ # We expect a prompt, then send "print" to start a list of expressions,
+ # then an empty line. We expect a prompt back.
+ child.expect_exact(prompt)
+ child.sendline("print")
+ child.expect_exact('1:')
+ child.sendline("")
+ child.expect_exact(prompt)
Modified: lldb/trunk/source/Host/common/Editline.cpp
URL:
http://llvm.org/viewvc/llvm-project/lldb/trunk/source/Host/common/Editline.cpp?rev=302225&r1=302224&r2=302225&view=diff
==============================================================================
--- lldb/trunk/source/Host/common/Editline.cpp (original)
+++ lldb/trunk/source/Host/common/Editline.cpp Fri May 5 06:51:21 2017
@@ -367,7 +367,7 @@ void Editline::MoveCursor(CursorLocation
if (to == CursorLocation::EditingCursor) {
toColumn =
editline_cursor_position - (editline_cursor_row * m_terminal_width) +
1;
- } else if (to == CursorLocation::BlockEnd) {
+ } else if (to == CursorLocation::BlockEnd && !m_input_lines.empty()) {
toColumn =
((m_input_lines[m_input_lines.size() - 1].length() + GetPromptWidth())
%
80) +
_______________________________________________
lldb-commits mailing list
lldb-commits@lists.llvm.org
http://lists.llvm.org/cgi-bin/mailman/listinfo/lldb-commits
