Fix use after free in DiskFilesOrDirectories

Summary:
We copy the local variable `Resolved` into `Storage` to keep it around. However, we then still let the `SearchDir` ref point to `Resolved` which then is used to access the already freed memory later on. With this patch we point to `Storage` which doesn't get deleted after the current scope exits.

Discovered by memory sanitizer in the CompletionTest.DirCompletionUsername test.

Reviewers: zturner

Subscribers: lldb-commits

Differential Revision: https://reviews.llvm.org/D42346

llvm-svn: 323082

diff --git a/lldb/source/Commands/CommandCompletions.cpp b/lldb/source/Commands/CommandCompletions.cpp
index 34cad97..c69011f 100644 (file)
--- a/lldb/source/Commands/CommandCompletions.cpp
+++ b/lldb/source/Commands/CommandCompletions.cpp
@@ -165,7 +165,7 @@ static int DiskFilesOrDirectories(const llvm::Twine &partial_name,
     // search in the fully resolved directory, but CompletionBuffer keeps the
     // unmodified form that the user typed.
     Storage = Resolved;
-    SearchDir = Resolved;
+    SearchDir = Storage;
   } else {
     SearchDir = path::parent_path(CompletionBuffer);
   }