[PATCH] Sanitize printf functions

Kostya Serebryany kcc at google.com
Thu Jan 9 00:58:46 PST 2014


On Thu, Jan 9, 2014 at 12:52 PM, Yury Gribov <tetra2005 at gmail.com> wrote:

>
>
> ================
> Comment at: asan/lit_tests/TestCases/printf-2.c:2
> @@ +1,3 @@
> +// RUN: %clang_asan -O2 %s -o %t
> +// RUN: not %t 2>&1 | FileCheck %s
> +
> ----------------
> Yury Gribov wrote:
> > Kostya Serebryany wrote:
> > > please make these tests run in 3 modes:
> > >   ASAN_OPTIONS=check_printf=0
> > >   ASAN_OPTIONS=check_printf=1
> > >   ASAN_OPTIONS=""
> > >
> > > we need to test that the flag affects the behavior and that it's
> default value is what we expect it to be.
> > >
> > > (use FileCheck --check-prefix=CHECK-ON and --check-prefix=CHECK-OFF)
> > Ok.
> BTW how do you suggest the check_printf=0 case? In my understanding we'll
> have UB with absolutely unpredictable behavior...
>

That's not that bad.
If you allocate a heap block using asan's allocator, the behavior of an
uncheck-ed out-of-bounds read is quite predictable (not from C++ point of
view, but from asan's point of view)
E.g. if you do
  char *x = new char[4000];
 you may be quite confident that an unchecked access to x[4001] is quite ok



>
>
> http://llvm-reviews.chandlerc.com/D2480
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20140109/2572e53d/attachment.html>


More information about the llvm-commits mailing list