[PATCH] D25199: [ubsan] Sanitize deleted pointers

Matt Gingell via cfe-commits cfe-commits at lists.llvm.org
Mon Oct 3 10:58:47 PDT 2016


gingell created this revision.
gingell added reviewers: cfe-commits, kcc.

This patch adds a "value-after-delete" sanitizer, which will
invalidate the value of a pointer passed in a delete expression.

For instance, when -fsanitize=value-after-delete is passed:

int *foo = new int;
delete foo;
// foo == 0xDEADBEEFDEADBEEF

This is intended to help catch some use-after-free problems by
ensuring access through a deleted pointer fails immediately on
an address that should be obviously suspicious when inspected in the
debugger. The expectation is that immediately invalidating dangling
pointers can help uncover latent bugs that might otherwise cause
more subtle problems further down the line.


https://reviews.llvm.org/D25199

Files:
  docs/UndefinedBehaviorSanitizer.rst
  include/clang/Basic/Sanitizers.def
  include/clang/Driver/Options.td
  lib/CodeGen/CGExprScalar.cpp
  test/CodeGenCXX/sanitize-value-after-delete.cpp
  test/Driver/fsanitize.c

-------------- next part --------------
A non-text attachment was scrubbed...
Name: D25199.73302.patch
Type: text/x-patch
Size: 13773 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20161003/af1e2a9c/attachment.bin>
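
The behaviour described in the message, emulated by hand as an added example (not code from the patch): the pointer named in the delete expression takes the poison value, while a second copy of it keeps the freed address and a null check still passes. The helper `delete_and_poison`, the `Session` type and `run_demo` are hypothetical names, and 64-bit pointers are assumed.

```cpp
#include <cstdint>
#include <cstdio>
#include <cstring>

static_assert(sizeof(void *) == 8, "example assumes 64-bit pointers");

// Poison pattern quoted in the message above.
static const std::uintptr_t kPoison = 0xDEADBEEFDEADBEEFull;

// Hypothetical helper: a hand-written stand-in for the store the message
// describes, applied to the pointer named in the delete expression.
template <typename T>
void delete_and_poison(T *&p) {
  delete p;
  p = reinterpret_cast<T *>(kPoison);
}

struct Session { int uid; };  // constructed sample type

struct Observed {
  std::uintptr_t deleted_bits;  // pointer that was the delete operand
  bool alias_keeps_old_address; // second copy of the same pointer
  bool null_check_passes;       // does `if (p)` still consider it usable?
};

Observed run_demo() {
  Session *owner = new Session{1000};
  Session *alias = owner;  // copy that the delete expression never names
  const std::uintptr_t before = reinterpret_cast<std::uintptr_t>(owner);

  delete_and_poison(owner);

  // Inspect the stored bits without dereferencing either pointer.
  std::uintptr_t owner_bits = 0, alias_bits = 0;
  std::memcpy(&owner_bits, &owner, sizeof owner_bits);
  std::memcpy(&alias_bits, &alias, sizeof alias_bits);

  return Observed{owner_bits, alias_bits == before, owner_bits != 0};
}

int main() {
  const Observed o = run_demo();
  std::printf("deleted pointer: 0x%llX\n", (unsigned long long)o.deleted_bits);
  std::printf("alias unchanged: %d, null check passes: %d\n",
              o.alias_keeps_old_address, o.null_check_passes);
  return 0;
}
```

Copies of the pointer made before the delete are not covered by this kind of poisoning, and code that guards on `if (p)` will still proceed to the access.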

