Fix segfault resulting from empty print prompt

Summary: I have found a way to segfault lldb in 7 keystrokes! Steps to reproduce: 1) Launch lldb 2) Type `print` and hit enter. lldb will now prompt you to type a list of expressions, followed by an empty line. 3) Hit enter, indicating the end of your input. 4) Segfault! After some investigation, I've found the issue in Host/common/Editline.cpp. Editline::MoveCursor() relies on m_input_lines not being empty when the `to` argument is CursorPosition::BlockEnd. This scenario, as far as I can tell, occurs in one specific instance: In Editline::EndOrAddLineCommand() when the list of lines being processed contains exactly one string (""). Meeting this condition is fairly simple, I have posted steps to reproduce above. Reviewers: krytarowski, zturner, labath Reviewed By: labath Subscribers: scott.smith, lldb-commits Differential Revision: https://reviews.llvm.org/D32421 Patch by Alex Langford. llvm-svn: 302225
2025-01-09 17:43:57 +00:00 · 2017-05-05 11:51:21 +00:00 · 2017-05-05 11:51:21 +00:00 · 38c2059aec
commit 38c2059aec
parent 1b74f8c51f
2 changed files with 29 additions and 1 deletions
--- a/lldb/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
+++ b/lldb/packages/Python/lldbsuite/test/expression_command/multiline/TestMultilineExpressions.py
@ -12,6 +12,7 @@ from lldbsuite.test import lldbutil
 class MultilineExpressionsTestCase(TestBase):

    mydir = TestBase.compute_mydir(__file__)
+    NO_DEBUG_INFO_TESTCASE = True

    def setUp(self):
        # Call super's setUp().
@ -60,3 +61,30 @@ class MultilineExpressionsTestCase(TestBase):
        child.expect_exact(prompt)
        self.expect(child.before, exe=False,
                    patterns=['= 5'])
+
+    @skipIfRemote
+    @expectedFailureAll(
+        oslist=["windows"],
+        bugnumber="llvm.org/pr22274: need a pexpect replacement for windows")
+    def test_empty_list(self):
+        """Test printing an empty list of expressions"""
+        import pexpect
+        prompt = "(lldb) "
+
+        # So that the child gets torn down after the test
+        self.child = pexpect.spawn(
+                "%s %s" %
+                (lldbtest_config.lldbExec, self.lldbOption))
+        child = self.child
+
+        # Turn on logging for what the child sends back.
+        if self.TraceOn():
+            child.logfile_read = sys.stdout
+
+        # We expect a prompt, then send "print" to start a list of expressions,
+        # then an empty line. We expect a prompt back.
+        child.expect_exact(prompt)
+        child.sendline("print")
+        child.expect_exact('1:')
+        child.sendline("")
+        child.expect_exact(prompt)
--- a/lldb/source/Host/common/Editline.cpp
+++ b/lldb/source/Host/common/Editline.cpp
@ -367,7 +367,7 @@ void Editline::MoveCursor(CursorLocation from, CursorLocation to) {
  if (to == CursorLocation::EditingCursor) {
    toColumn =
        editline_cursor_position - (editline_cursor_row * m_terminal_width) + 1;
-  } else if (to == CursorLocation::BlockEnd) {
+  } else if (to == CursorLocation::BlockEnd && !m_input_lines.empty()) {
    toColumn =
        ((m_input_lines[m_input_lines.size() - 1].length() + GetPromptWidth()) %
         80) +