[PATCH] D36164: [msan] Check for pvalloc overflow

Kostya Kortchinsky via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Tue Aug 1 11:07:29 PDT 2017


cryptoad created this revision.

CheckForPvallocOverflow was introduced with https://reviews.llvm.org/D35818 to detect when pvalloc
would wrap when rounding up to the next multiple of the page size.

Add this check to MSan's pvalloc implementation.

This time I made sure I was actually running (and writing) the correct tests,
and that they are passing...


https://reviews.llvm.org/D36164

Files:
  lib/msan/msan_allocator.cc
  lib/msan/tests/msan_test.cc


Index: lib/msan/tests/msan_test.cc
===================================================================
--- lib/msan/tests/msan_test.cc
+++ lib/msan/tests/msan_test.cc
@@ -3449,6 +3449,12 @@
   EXPECT_EQ(0U, (uintptr_t)p % PageSize);
   EXPECT_EQ(PageSize, __sanitizer_get_allocated_size(p));
   free(p);
+
+  // Overflows should be caught.
+  EXPECT_DEATH(p = pvalloc((uintptr_t)-1),
+               "allocator is terminating the process instead of returning 0");
+  EXPECT_DEATH(p = pvalloc((uintptr_t)-(PageSize - 1)),
+               "allocator is terminating the process instead of returning 0");
 }
 #endif
 
Index: lib/msan/msan_allocator.cc
===================================================================
--- lib/msan/msan_allocator.cc
+++ lib/msan/msan_allocator.cc
@@ -255,6 +255,10 @@
 
 void *msan_pvalloc(uptr size, StackTrace *stack) {
   uptr PageSize = GetPageSizeCached();
+  if (UNLIKELY(CheckForPvallocOverflow(size, PageSize))) {
+    errno = errno_ENOMEM;
+    return Allocator::FailureHandler::OnBadRequest();
+  }
   // pvalloc(0) should allocate one page.
   size = size ? RoundUpTo(size, PageSize) : PageSize;
   return SetErrnoOnNull(MsanAllocate(stack, size, PageSize, false));


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D36164.109159.patch
Type: text/x-patch
Size: 1208 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170801/8a114b93/attachment.bin>


More information about the llvm-commits mailing list