fix: Implement plugin callsbacks required for thin LTO#1902
Conversation
| let name = CString::new(input_ref.file.filename.as_os_str().as_encoded_bytes())?; | ||
| let file = LdPluginInputFile { | ||
| name: name.as_ptr(), |
There was a problem hiding this comment.
Wasn't that use-after-free previously?
CString created allocation and unless I'm missing something due to viewing this on my phone, we only used pointer to it. So the name would be dropped when going out of scope.
With the new code name is stored within the struct, so the allocation is kept alive.
Borrow checker doesn't catch such issues because it's legal and safe to create dangling pointers. The part requiring unsafe code is reading from the pointers.
There was a problem hiding this comment.
The pointer to name would previously have been valid for the duration of the call into the plugin's claim-file hook. But if the claim-file hook stored the pointer and used it later, then yes, it would have been a use-after-free. AFAIK though it doesn't, but the linker plugin API docs are pretty absent of any mentions of required lifetimes, so who knows.
There was a problem hiding this comment.
Ah, this function returns LtoInputInfo, not LdPluginInputFile. Line wrapping in the mobile view tricked me.
Fixes #1571