diff options
| author | Andres Noetzli <andres.noetzli@gmail.com> | 2020-07-17 15:25:54 -0700 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2020-07-17 15:25:54 -0700 |
| commit | 8f085eb6a087242ab8c775ec4fe41ab9a194cec2 (patch) | |
| tree | b21935259add8fdbfca57bf4fdd1a76ea96985d9 /src/expr/node_manager.cpp | |
| parent | f99889b0c1260fccf28daac995e58312912bae9f (diff) | |
Add NodeManagerScopes to fix use-after-free issues (#4768)
This commit fixes our current ASan issues. Some methods in `NodeManager`
were not creating a `NodeManagerScope` for `this` but were indirectly
calling methods that get the `NodeManager` from the current scope, so we
ended up calling methods on a `NodeManager` that had already been
destroyed.
Diffstat (limited to 'src/expr/node_manager.cpp')
| -rw-r--r-- | src/expr/node_manager.cpp | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/expr/node_manager.cpp b/src/expr/node_manager.cpp index c68b0df86..e9f56bf3f 100644 --- a/src/expr/node_manager.cpp +++ b/src/expr/node_manager.cpp @@ -106,6 +106,10 @@ NodeManager::NodeManager(ExprManager* exprManager) } void NodeManager::init() { + // `mkConst()` indirectly needs the correct NodeManager in scope because we + // call `NodeValue::inc()` which uses `NodeManager::curentNM()` + NodeManagerScope nms(this); + poolInsert( &expr::NodeValue::null() ); for(unsigned i = 0; i < unsigned(kind::LAST_KIND); ++i) { |