diff options
author | Brad King <brad.king@kitware.com> | 2014-06-12 13:46:54 (GMT) |
---|---|---|
committer | Brad King <brad.king@kitware.com> | 2014-06-12 15:24:17 (GMT) |
commit | 23ffb72ab3c37652b8d6f1201a5f313cb0d4f8a6 (patch) | |
tree | 076296d2ede96b47f970d4dfb37f1747ce0f21cb /Source/cmake.cxx | |
parent | b041fc13db5b3146cd45d8b81b17535ac8747688 (diff) | |
download | CMake-23ffb72ab3c37652b8d6f1201a5f313cb0d4f8a6.zip CMake-23ffb72ab3c37652b8d6f1201a5f313cb0d4f8a6.tar.gz CMake-23ffb72ab3c37652b8d6f1201a5f313cb0d4f8a6.tar.bz2 |
cmake: Fix read-after-free while checking command-line arguments
Since commit v2.8.12~300^2~1 (CLI: Suppress the unused warning if the
key value pair is cached, 2013-05-16), cmake::SetCacheArgs saves a
cachedValue pointer and may cause the memory to be freed (by setting the
cache entry) before reading it again. Fix this by saving the old value
in a separate string.
Diffstat (limited to 'Source/cmake.cxx')
-rw-r--r-- | Source/cmake.cxx | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/Source/cmake.cxx b/Source/cmake.cxx index e3bebbd..86d3766 100644 --- a/Source/cmake.cxx +++ b/Source/cmake.cxx @@ -343,16 +343,24 @@ bool cmake::SetCacheArgs(const std::vector<std::string>& args) // The value is transformed if it is a filepath for example, so // we can't compare whether the value is already in the cache until // after we call AddCacheEntry. - const char *cachedValue = - this->CacheManager->GetCacheValue(var); + bool haveValue = false; + std::string cachedValue; + if(this->WarnUnusedCli) + { + if(const char *v = this->CacheManager->GetCacheValue(var)) + { + haveValue = true; + cachedValue = v; + } + } this->CacheManager->AddCacheEntry(var, value.c_str(), "No help, variable specified on the command line.", type); + if(this->WarnUnusedCli) { - if (!cachedValue - || strcmp(this->CacheManager->GetCacheValue(var), - cachedValue) != 0) + if (!haveValue || + cachedValue != this->CacheManager->GetCacheValue(var)) { this->WatchUnusedCli(var); } |