[Reflection] Fix premature deallocation of string memory in readMangledName.

This function creates a demangled tree from a std::string, but the demangle tree can include pointers into the interior of the passed-in string, which become invalid on return. Copy the string into the demangler's own memory first, so that the lifetimes are correct. rdar://101438017
2025-12-21 12:14:44 +01:00 · 2022-10-24 17:00:40 -04:00
parent 8a957014dd
commit 494d570e87
1 changed files with 15 additions and 4 deletions
--- a/include/swift/Remote/MetadataReader.h
+++ b/include/swift/Remote/MetadataReader.h
@@ -506,6 +506,20 @@ public:
    return result;
  }

+  /// Demangle a mangled name from a potentially temporary std::string. The
+  /// demangler may produce pointers into the string data, so this copies the
+  /// string into the demangler's allocation first.
+  Demangle::NodePointer demangle(uint64_t remoteAddress,
+                                 const std::string &mangledName,
+                                 MangledNameKind kind,
+                                 Demangler &dem) {
+    size_t stringSize = mangledName.size() + 1; // + 1 for terminating NUL.
+
+    char *copiedString = dem.Allocate<char>(stringSize);
+    memcpy(copiedString, mangledName.data(), stringSize);
+    return demangle(RemoteRef<char>(remoteAddress, copiedString), kind, dem);
+  }
+
  /// Given a demangle tree, attempt to turn it into a type.
  TypeLookupErrorOr<typename BuilderType::BuiltType>
  decodeMangledType(NodePointer Node) {
@@ -2344,10 +2358,7 @@ private:
      // We're done.
      break;
    }
-
-    return demangle(RemoteRef<char>(address.getAddressData(),
-                                    mangledName.data()),
-                    kind, dem);
+    return demangle(address.getAddressData(), mangledName, kind, dem);
  }

  /// Read and demangle the name of an anonymous context.