Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Sema: fix OOB access in coerceTupleToStruct #19620

Merged
merged 15 commits into from
Jul 21, 2024
Merged

Sema: fix OOB access in coerceTupleToStruct #19620

merged 15 commits into from
Jul 21, 2024

Conversation

wrongnull
Copy link
Contributor

Closes #19529

@wrongnull
Copy link
Contributor Author

not sure if I should add test for this

@Rexicon226
Copy link
Contributor

Probably should add a test yes :)

jacobly0
jacobly0 requested changes Apr 11, 2024
View reviewed changes
Copy link
Member

@jacobly0 jacobly0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

not sure if I should add test for this

The default answer to this question is always yes.

src/Sema.zig Outdated
Comment on lines 32337 to 32340
.struct_type => if (ip.loadStructType(inst_ty.toIntern()).field_names.len > 0)
ip.loadStructType(inst_ty.toIntern()).field_names.get(ip)[tuple_field_index]
else
try ip.getOrPutStringFmt(sema.gpa, "{d}", .{tuple_field_index}, .no_embedded_nulls),
Copy link
Member

@jacobly0 jacobly0 Apr 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Suggested change
.struct_type => if (ip.loadStructType(inst_ty.toIntern()).field_names.len > 0)
ip.loadStructType(inst_ty.toIntern()).field_names.get(ip)[tuple_field_index]
else
try ip.getOrPutStringFmt(sema.gpa, "{d}", .{tuple_field_index}, .no_embedded_nulls),
.struct_type => ip.loadStructType(inst_ty.toIntern()).fieldName(ip, tuple_field_index).unwrap() orelse
try ip.getOrPutStringFmt(sema.gpa, "{d}", .{tuple_field_index}, .no_embedded_nulls),

Note that the same thing can be done in the .anon_struct_type case.

Copy link
Member

@jacobly0 jacobly0 Apr 11, 2024
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Although, really it should probably be more like:

        const maybe_field_name = switch (ip.indexToKey(inst_ty.toIntern())) {
            .anon_struct_type => |anon_struct_type| anon_struct_type.fieldName(ip, tuple_field_index),
            .struct_type => ip.loadStructType(inst_ty.toIntern()).fieldName(ip, tuple_field_index),
            else => unreachable,
        };
        const struct_field_index = if (maybe_field_name.unwrap()) |field_name|
            try sema.structFieldIndex(block, struct_ty, field_name, field_src)
        else
            tuple_field_index;

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

done

@wrongnull wrongnull requested a review from jacobly0 April 12, 2024 07:44
jacobly0
jacobly0 approved these changes Apr 13, 2024
View reviewed changes
Copy link
Member

@jacobly0 jacobly0 left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I was trying to avoid the extra call to getOrPutStringFmt in the .anon_struct_type case, but the new code is certainly reasonable enough that I won't hold up the merge over it.

@wrongnull
Copy link
Contributor Author

Screenshot_20240603_214413

Vexu
Vexu approved these changes Jul 15, 2024
View reviewed changes
Copy link
Member

@Vexu Vexu left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Please use Type.structFieldName and also update the equivalent code in coerceTupleToTuple to use it.

I promise I'll merge this as soon as it passes the CI.

@wrongnull
Copy link
Contributor Author

Please use Type.structFieldName and also update the equivalent code in coerceTupleToTuple to use it.

I promise I'll merge this as soon as it passes the CI.

Done. However I'm not sure if pr won't reverted because of this #18071 (comment)

@Vexu
Copy link
Member

Vexu commented Jul 15, 2024

Done. However I'm not sure if pr won't reverted because of this #18071 (comment)

Right, guess I'll leave it then.

@wrongnull
Copy link
Contributor Author

I'll be waiting. No matter how long it takes

@andrewrk andrewrk enabled auto-merge (squash) July 21, 2024 08:15
@andrewrk andrewrk merged commit 42d9017 into ziglang:master Jul 21, 2024
10 checks passed
@Vexu Vexu mentioned this pull request Jul 23, 2024
Open
SammyJames pushed a commit to SammyJames/zig that referenced this pull request Aug 7, 2024
@wrongnull @Vexu @SammyJames
Sema: fix OOB access in coerceTupleToStruct (ziglang#19620)
6903d46 
Co-authored-by: Veikka Tuominen <git@vexu.eu>
igor84 pushed a commit to igor84/zig that referenced this pull request Aug 11, 2024
@wrongnull @Vexu
Sema: fix OOB access in coerceTupleToStruct (ziglang#19620)
c01dcfb 
Co-authored-by: Veikka Tuominen <git@vexu.eu>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@Vexu Vexu Vexu approved these changes

@jacobly0 jacobly0 jacobly0 approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Coercing typed tuple to struct causes index OOB in Sema
5 participants
@wrongnull @Rexicon226 @Vexu @jacobly0 @andrewrk