commit b8ebcb519758a9acfb934965eaabf3091a2d39ec
author Jason Molenda <jmolenda@apple.com> Thu Mar 02 05:08:10 2017 +0000
committer Jason Molenda <jmolenda@apple.com> Thu Mar 02 05:08:10 2017 +0000
tree 15385b9a711baa2b1140703d048154c2ab6e5263
parent bda3c7df78501378a54e3c4a44d49376d6a2cdda

x86AssemblyInspectionEngine::AugmentUnwindPlanFromCallSite could access
the byte past the end of the buffer it had been given.  ASAN catch.
<rdar://problem/30774863> 

llvm-svn: 296733

lldb/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp

diff --git a/lldb/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp b/lldb/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
index e731a5a..9aad2e1 100644
--- a/lldb/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
+++ b/lldb/source/Plugins/UnwindAssembly/x86/x86AssemblyInspectionEngine.cpp
@@ -979,11 +979,12 @@
     offset += insn_len;
     m_cur_insn = data + offset;
 
-    if (reinstate_unwind_state) {
-      // that was the last instruction of this function
-      if (offset >= size)
-        continue;
+    // offset is pointing beyond the bounds of the
+    // function; stop looping.
+    if (offset >= size) 
+      continue;
 
+    if (reinstate_unwind_state) {
       UnwindPlan::RowSP new_row(new UnwindPlan::Row());
       *new_row = *original_last_row;
       new_row->SetOffset(offset);