Reland "[libclang] Always Dup in createRef(StringRef)" (llvm#127078)

Reverts llvm#127076 to reland llvm#125020. Use-after-free should be fixed here llvm#127063
joaosaffran · Feb 27, 2025 · 8355861 · 8355861
1 parent 9d51e94
commit 8355861
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 13 deletions.
diff --git a/clang/docs/ReleaseNotes.rst b/clang/docs/ReleaseNotes.rst
@@ -266,6 +266,9 @@ clang-format
 libclang
 --------
 
+- Fixed a buffer overflow in ``CXString`` implementation. The fix may result in
+  increased memory allocation.
+
 Code Completion
 ---------------
 

diff --git a/clang/tools/libclang/CXString.cpp b/clang/tools/libclang/CXString.cpp
@@ -87,19 +87,7 @@ CXString createRef(StringRef String) {
   if (String.empty())
     return createEmpty();
 
-  // If the string is not nul-terminated, we have to make a copy.
-
-  // FIXME: This is doing a one past end read, and should be removed! For memory
-  // we don't manage, the API string can become unterminated at any time outside
-  // our control.
-
-  if (String.data()[String.size()] != 0)
-    return createDup(String);
-
-  CXString Result;
-  Result.data = String.data();
-  Result.private_flags = (unsigned) CXS_Unmanaged;
-  return Result;
+  return createDup(String);
 }
 
 CXString createDup(StringRef String) {