[compiler-rt] r290632 - [asan] Fix handling of %m in printf interceptor.

Evgeniy Stepanov via llvm-commits llvm-commits at lists.llvm.org
Tue Dec 27 14:14:04 PST 2016


Author: eugenis
Date: Tue Dec 27 16:14:03 2016
New Revision: 290632

URL: http://llvm.org/viewvc/llvm-project?rev=290632&view=rev
Log:
[asan] Fix handling of %m in printf interceptor.

Added:
    compiler-rt/trunk/test/asan/TestCases/printf-m.c
Modified:
    compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_format.inc
    compiler-rt/trunk/lib/sanitizer_common/tests/sanitizer_format_interceptor_test.cc

Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_format.inc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_format.inc?rev=290632&r1=290631&r2=290632&view=diff
==============================================================================
--- compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_format.inc (original)
+++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors_format.inc Tue Dec 27 16:14:03 2016
@@ -435,10 +435,6 @@ static const char *printf_parse_next(con
 }
 
 static int printf_get_value_size(PrintfDirective *dir) {
-  if (dir->convSpecifier == 'm') {
-    return sizeof(char *);
-  }
-
   if (char_is_one_of(dir->convSpecifier, "cCsS")) {
     unsigned charSize =
         format_get_char_size(dir->convSpecifier, dir->lengthModifier);
@@ -519,6 +515,9 @@ static void printf_common(void *ctx, con
       // Dynamic precision
       SKIP_SCALAR_ARG(&aq, 'd', sizeof(int));
     }
+    // %m does not require an argument: strlen(errno).
+    if (dir.convSpecifier == 'm')
+      continue;
     int size = printf_get_value_size(&dir);
     if (size == FSS_INVALID) {
       Report("WARNING: unexpected format specifier in printf "

Modified: compiler-rt/trunk/lib/sanitizer_common/tests/sanitizer_format_interceptor_test.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/tests/sanitizer_format_interceptor_test.cc?rev=290632&r1=290631&r2=290632&view=diff
==============================================================================
--- compiler-rt/trunk/lib/sanitizer_common/tests/sanitizer_format_interceptor_test.cc (original)
+++ compiler-rt/trunk/lib/sanitizer_common/tests/sanitizer_format_interceptor_test.cc Tue Dec 27 16:14:03 2016
@@ -256,4 +256,8 @@ TEST(SanitizerCommonInterceptors, Printf
 
   // Checks for wide-character strings are not implemented yet.
   testPrintf("%ls", 1, 0);
+
+  testPrintf("%m", 0);
+  testPrintf("%m%s", 1, test_buf_size);
+  testPrintf("%s%m%s", 2, test_buf_size, test_buf_size);
 }

Added: compiler-rt/trunk/test/asan/TestCases/printf-m.c
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/printf-m.c?rev=290632&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/printf-m.c (added)
+++ compiler-rt/trunk/test/asan/TestCases/printf-m.c Tue Dec 27 16:14:03 2016
@@ -0,0 +1,14 @@
+// RUN: %clang_asan -O2 %s -o %t && %run %t
+
+// FIXME: printf is not intercepted on Windows yet.
+// XFAIL: win32
+
+#include <stdio.h>
+
+int main() {
+  char s[5] = {'w', 'o', 'r', 'l', 'd'};
+  // Test that %m does not consume an argument. If it does, %s would apply to
+  // the 5-character buffer, resulting in a stack-buffer-overflow report.
+  printf("%m %s, %.5s\n", "hello", s);
+  return 0;
+}




More information about the llvm-commits mailing list