cmake: Fix read-after-free while checking command-line arguments

Since commit v2.8.12~300^2~1 (CLI: Suppress the unused warning if the
key value pair is cached, 2013-05-16), cmake::SetCacheArgs saves a
cachedValue pointer and may cause the memory to be freed (by setting the
cache entry) before reading it again.  Fix this by saving the old value
in a separate string.
Brad King 2014-06-12 09:46:54 -04:00
parent b041fc13db
commit 23ffb72ab3
1 changed files with 13 additions and 5 deletions


@ -343,16 +343,24 @@ bool cmake::SetCacheArgs(const std::vector<std::string>& args)
// The value is transformed if it is a filepath for example, so
// we can't compare whether the value is already in the cache until
// after we call AddCacheEntry.
const char *cachedValue =
this->CacheManager->GetCacheValue(var);
bool haveValue = false;
std::string cachedValue;
if(this->WarnUnusedCli)
{
if(const char *v = this->CacheManager->GetCacheValue(var))
{
haveValue = true;
cachedValue = v;
}
}
this->CacheManager->AddCacheEntry(var, value.c_str(),
"No help, variable specified on the command line.", type);
if(this->WarnUnusedCli)
{
if (!cachedValue
|| strcmp(this->CacheManager->GetCacheValue(var),
cachedValue) != 0)
if (!haveValue ||
cachedValue != this->CacheManager->GetCacheValue(var))
{
this->WatchUnusedCli(var);
}
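Review bot: The second `GetCacheValue(var)` result, in `cachedValue != this->CacheManager->GetCacheValue(var)`, is compared against a `std::string` without a null check, although the first call a few lines above is guarded by `if(const char *v = ...)`; comparing a `std::string` with a null `const char*` is undefined behaviour. The entry has just been written by `AddCacheEntry`, so the pointer is presumably non-null here, but that depends on cache-manager code outside this hunk. Holding it in a local and testing it keeps the check safe on its own: `const char *newValue = this->CacheManager->GetCacheValue(var);` followed by `if (!haveValue || !newValue || cachedValue != newValue)`. It would also help to state the lifetime rule next to the copy, e.g. `// Copy the old value: AddCacheEntry may free the storage GetCacheValue returned.`, so a later cleanup does not go back to caching the raw pointer. The body of cmake::SetCacheArgs starts and ends outside this hunk.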