https://github.com/evelez7 created https://github.com/llvm/llvm-project/pull/173336
The `if` statements in `insertComment` didn't check whether or not the comment JSON object was a nullptr before dereferencing it. This crash only happened when running clang-doc on larger codebases, like `clang`. >From cc0c16657a09df9359f983864fe32beedc931b8f Mon Sep 17 00:00:00 2001 From: Erick Velez <[email protected]> Date: Mon, 22 Dec 2025 22:33:12 -0800 Subject: [PATCH] [clang-doc] Fix nullptr dereference in JSONGenerator::insertComment The `if` statements in `insertComment` didn't check whether or not the comment JSON object was a nullptr before dereferencing it. This crash only happened when running clang-doc on larger codebases, like `clang`. --- clang-tools-extra/clang-doc/JSONGenerator.cpp | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) diff --git a/clang-tools-extra/clang-doc/JSONGenerator.cpp b/clang-tools-extra/clang-doc/JSONGenerator.cpp index 9c384ed7eeade..6dec347ed0bd0 100644 --- a/clang-tools-extra/clang-doc/JSONGenerator.cpp +++ b/clang-tools-extra/clang-doc/JSONGenerator.cpp @@ -98,11 +98,12 @@ static void insertComment(Object &Description, json::Value &Comment, // The comment has a Children array for the actual text, with meta attributes // alongside it in the Object. if (auto *Obj = Comment.getAsObject()) { - if (auto *Children = Obj->getArray("Children"); Children->empty()) + if (auto *Children = Obj->getArray("Children"); + Children && Children->empty()) return; } // The comment is just an array of text comments. - else if (auto *Array = Comment.getAsArray(); Array->empty()) { + else if (auto *Array = Comment.getAsArray(); Array && Array->empty()) { return; } _______________________________________________ cfe-commits mailing list [email protected] https://lists.llvm.org/cgi-bin/mailman/listinfo/cfe-commits
