[PATCH] D33910: [ubsan] Detect invalid unsigned pointer index expression (clang)
Vedant Kumar via Phabricator via cfe-commits
cfe-commits at lists.llvm.org
Mon Jun 5 12:54:18 PDT 2017
vsk created this revision.
Adding an unsigned offset to a base pointer has undefined behavior if
the result of the expression would precede the base. An example from
@regehr:
int foo(char *p, unsigned offset) {
return p + offset >= p; // This may be optimized to '1'.
}
foo(p, -1); // UB.
This patch extends the pointer overflow check in ubsan to detect invalid
unsigned pointer index expressions. It changes the instrumentation to
only permit non-negative offsets in pointer index expressions when all
of the GEP indices are unsigned.
Aside: If anyone has a better name for this type of bug, I'm all ears.
Using "unsigned pointer index expression" could be a problem, because it
sounds like an indexing expression with an _unsigned pointer_.
https://reviews.llvm.org/D33910
Files:
lib/CodeGen/CGExpr.cpp
lib/CodeGen/CGExprScalar.cpp
lib/CodeGen/CodeGenFunction.h
test/CodeGen/ubsan-pointer-overflow.m
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D33910.101447.patch
Type: text/x-patch
Size: 18548 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/cfe-commits/attachments/20170605/3aeb9ae4/attachment-0001.bin>
More information about the cfe-commits
mailing list