From 493f3bad3c740a2ef86ce6104614d4610dd148ac Mon Sep 17 00:00:00 2001
From: Tom Stellard
Date: Fri, 7 Sep 2018 15:42:01 +0000
Subject: [PATCH] MachO: Fix out-of-bounds memory access in getString16

Summary:
This fixes the following tests when gcc is compiled with gcc8:

lld :: mach-o/do-not-emit-unwind-fde-arm64.yaml
lld :: mach-o/eh-frame-relocs-arm64.yaml

llvm.org/PR38096

Reviewers: lhames, kledzik, javed.absar

Subscribers: kristof.beyls, llvm-commits

Differential Revision: https://reviews.llvm.org/D51547

llvm-svn: 341670
---
 .../MachO/MachONormalizedFileBinaryUtils.h | 11 +++++------
 1 file changed, 5 insertions(+), 6 deletions(-)

diff --git a/lld/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h b/lld/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h
index 407bd9b97020..f0340a9d23f9 100644
--- a/lld/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h
+++ b/lld/lib/ReaderWriter/MachO/MachONormalizedFileBinaryUtils.h
@@ -185,12 +185,11 @@ packRelocation(const Relocation &r, bool swap, bool isBigEndian) {
   return result;
 }
 
-inline StringRef getString16(const char s[16]) {
-  StringRef x = s;
-  if ( x.size() > 16 )
-    return x.substr(0, 16);
-  else
-    return x;
+static StringRef getString16(const char s[16]) {
+  // The StringRef(const char *) constructor passes the const char * to
+  // strlen(), so we can't use this constructor here, because if there is no
+  // null terminator in s, then strlen() will read past the end of the array.
+  return StringRef(s, strnlen(s, 16));
 }
 
 inline void setString16(StringRef str, char s[16]) {
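Review bot: `strnlen` on the new `return StringRef(s, strnlen(s, 16));` line is a POSIX/CRT extension rather than ISO C++, and the hunk does not show a `<cstring>`/`<string.h>` include providing it, so whether it resolves on every target depends on what this header already pulls in. A fully portable form that keeps the same 16-byte bound is `StringRef x(s, 16); return x.take_front(x.find('\0'));`, which also needs no extra libc symbol. Separately, the switch from `inline` to `static` is not explained in the description and breaks with the `inline` convention of the neighbouring `setString16`; `static inline` (or simply keeping `inline`) avoids a per-translation-unit copy and unused-function warnings wherever the header is included. Since `const char s[16]` decays to a plain pointer, the 16-byte bound is a caller contract rather than anything the compiler checks, so a comment such as `// s need not be NUL-terminated but must be at least 16 bytes long` would make the precondition explicit for future callers.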