npm - svf-tools - Versions diffs - 1.0.1228 → 1.0.1230 - Mend

svf-tools 1.0.1228 → 1.0.1230

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (2) hide show

package/package.json +1 -1
package/svf-llvm/lib/SVFIRBuilder.cpp +11 -2

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "svf-tools",
-  "version": "1.0.1228",
+  "version": "1.0.1230",
   "description": "* <b>[TypeClone](https://github.com/SVF-tools/SVF/wiki/TypeClone) published in our [ECOOP paper](https://yuleisui.github.io/publications/ecoop20.pdf) is now available in SVF </b> * <b>SVF now uses a single script for its build. Just type [`source ./build.sh`](https://github.com/SVF-tools/SVF/blob/master/build.sh) in your terminal, that's it!</b> * <b>SVF now supports LLVM-10.0.0! </b> * <b>We thank [bsauce](https://github.com/bsauce) for writing a user manual of SVF ([link1](https://www.jianshu.com/p/068a08ec749c) and [link2](https://www.jianshu.com/p/777c30d4240e)) in Chinese </b> * <b>SVF now supports LLVM-9.0.0 (Thank [Byoungyoung Lee](https://github.com/SVF-tools/SVF/issues/142) for his help!). </b> * <b>SVF now supports a set of [field-sensitive pointer analyses](https://yuleisui.github.io/publications/sas2019a.pdf). </b> * <b>[Use SVF as an external lib](https://github.com/SVF-tools/SVF/wiki/Using-SVF-as-a-lib-in-your-own-tool) for your own project (Contributed by [Hongxu Chen](https://github.com/HongxuChen)). </b> * <b>SVF now supports LLVM-7.0.0. </b> * <b>SVF now supports Docker. [Try SVF in Docker](https://github.com/SVF-tools/SVF/wiki/Try-SVF-in-Docker)! </b> * <b>SVF now supports [LLVM-6.0.0](https://github.com/svf-tools/SVF/pull/38) (Contributed by [Jack Anthony](https://github.com/jackanth)). </b> * <b>SVF now supports [LLVM-4.0.0](https://github.com/svf-tools/SVF/pull/23) (Contributed by Jared Carlson. Thank [Jared](https://github.com/jcarlson23) and [Will](https://github.com/dtzWill) for their in-depth [discussions](https://github.com/svf-tools/SVF/pull/18) about updating SVF!) </b> * <b>SVF now supports analysis for C++ programs.</b> <br />",
   "main": "index.js",
   "scripts": {

package/svf-llvm/lib/SVFIRBuilder.cpp CHANGED Viewed

@@ -677,8 +677,17 @@ bool SVFIRBuilder::computeGepOffset(const User *V, AccessPath& ap)
         else if (const StructType *ST = SVFUtil::dyn_cast<StructType>(gepTy))
         {
             assert(op && "non-const offset accessing a struct");
-            //The actual index
-            APOffset idx = (u32_t)LLVMUtil::getIntegerValue(op).first;
+            // guard against negative or out-of-bounds struct indices
+            // (e.g. rust hashbrown bucket back-offset: gep { ... }, ptr %p, i64 -1)
+            // a negative i64 wraps to a huge uint64_t that overflows u32_t,
+            // creating an invalid field index that severs points-to tracking
+            uint64_t rawIdx = LLVMUtil::getIntegerValue(op).first;
+            if (rawIdx >= ST->getNumElements())
+            {
+                isConst = false;
+                continue;
+            }
+            APOffset idx = (u32_t)rawIdx;
             u32_t offset = pag->getFlattenedElemIdx(llvmModuleSet()->getSVFType(ST), idx);
             ap.setFldIdx(ap.getConstantStructFldIdx() + offset);
         }