mirror of
https://github.com/llvm/llvm-project.git
synced 2025-05-08 19:56:06 +00:00
38c2059aec
Summary:
I have found a way to segfault lldb in 7 keystrokes! Steps to reproduce:
1) Launch lldb
2) Type `print` and hit enter. lldb will now prompt you to type a list of
expressions, followed by an empty line.
3) Hit enter, indicating the end of your input.
4) Segfault!
After some investigation, I've found the issue in Host/common/Editline.cpp.
Editline::MoveCursor() relies on m_input_lines not being empty when the `to`
argument is CursorPosition::BlockEnd. This scenario, as far as I can tell,
occurs in one specific instance: In Editline::EndOrAddLineCommand() when the
list of lines being processed contains exactly one string (""). Meeting this
condition is fairly simple, I have posted steps to reproduce above.
Reviewers: krytarowski, zturner, labath
Reviewed By: labath
Subscribers: scott.smith, lldb-commits
Differential Revision: https://reviews.llvm.org/D32421
Patch by Alex Langford.
llvm-svn: 302225