[compiler-rt] 7ba4595 - [msan] Fix underflow in qsort interceptor.

Evgenii Stepanov via llvm-commits llvm-commits at lists.llvm.org
Mon Jan 6 16:15:27 PST 2020


Author: Evgenii Stepanov
Date: 2020-01-06T16:12:52-08:00
New Revision: 7ba4595c86be88bf9ebb7261ba49ed4626e5f585

URL: https://github.com/llvm/llvm-project/commit/7ba4595c86be88bf9ebb7261ba49ed4626e5f585
DIFF: https://github.com/llvm/llvm-project/commit/7ba4595c86be88bf9ebb7261ba49ed4626e5f585.diff

LOG: [msan] Fix underflow in qsort interceptor.

Added: 
    

Modified: 
    compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
    compiler-rt/test/msan/qsort.cpp

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 47e344c9e3f2..2a4ab7e67a5c 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -9671,11 +9671,13 @@ INTERCEPTOR(void, qsort, void *base, SIZE_T nmemb, SIZE_T size,
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, qsort, base, nmemb, size, compar);
   // Run the comparator over all array elements to detect any memory issues.
-  for (SIZE_T i = 0; i < nmemb - 1; ++i) {
-    void *p = (void *)((char *)base + i * size);
-    void *q = (void *)((char *)base + (i + 1) * size);
-    COMMON_INTERCEPTOR_UNPOISON_PARAM(2);
-    compar(p, q);
+  if (nmemb > 1) {
+    for (SIZE_T i = 0; i < nmemb - 1; ++i) {
+      void *p = (void *)((char *)base + i * size);
+      void *q = (void *)((char *)base + (i + 1) * size);
+      COMMON_INTERCEPTOR_UNPOISON_PARAM(2);
+      compar(p, q);
+    }
   }
   qsort_compar_f old_compar = qsort_compar;
   qsort_compar = compar;
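Review bot: The new `if (nmemb > 1)` guard in the qsort pre-pass has no comment explaining why it exists, and the loop condition underneath still depends on `nmemb - 1`, which wraps to a huge value for an empty array because `SIZE_T` is unsigned. A later cleanup could drop the guard as redundant nesting and bring back the out-of-bounds comparator calls. Either add a comment above the guard such as `// nmemb is unsigned: nmemb - 1 wraps when nmemb == 0, so skip the pre-pass for 0 or 1 elements.`, or write the loop so no subtraction is needed: `for (SIZE_T i = 1; i < nmemb; ++i)` with `p` at `(char *)base + (i - 1) * size` and `q` at `(char *)base + i * size`. The same applies to the identical loop in the qsort_r hunk that follows. The interceptor body starts and ends outside this hunk.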
@@ -9707,11 +9709,13 @@ INTERCEPTOR(void, qsort_r, void *base, SIZE_T nmemb, SIZE_T size,
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, qsort_r, base, nmemb, size, compar, arg);
   // Run the comparator over all array elements to detect any memory issues.
-  for (SIZE_T i = 0; i < nmemb - 1; ++i) {
-    void *p = (void *)((char *)base + i * size);
-    void *q = (void *)((char *)base + (i + 1) * size);
-    COMMON_INTERCEPTOR_UNPOISON_PARAM(3);
-    compar(p, q, arg);
+  if (nmemb > 1) {
+    for (SIZE_T i = 0; i < nmemb - 1; ++i) {
+      void *p = (void *)((char *)base + i * size);
+      void *q = (void *)((char *)base + (i + 1) * size);
+      COMMON_INTERCEPTOR_UNPOISON_PARAM(3);
+      compar(p, q, arg);
+    }
   }
   qsort_r_compar_f old_compar = qsort_r_compar;
   qsort_r_compar = compar;

diff  --git a/compiler-rt/test/msan/qsort.cpp b/compiler-rt/test/msan/qsort.cpp
index cf754012b228..f052ed17ceef 100644
--- a/compiler-rt/test/msan/qsort.cpp
+++ b/compiler-rt/test/msan/qsort.cpp
@@ -74,5 +74,12 @@ int main(int argc, char *argv[]) {
   __msan_check_mem_is_initialized(p, sizeof(long) * kSize1);
   assert(seen2);
   delete[] p;
+
+  p = new long[0];
+  qsort(p, 0, sizeof(long), compar1);
+  delete[] p;
+
+  qsort(nullptr, 0, sizeof(long), compar1);
+
   return 0;
 }
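Review bot: The added cases cover only `qsort` with `nmemb == 0`; nothing in this hunk exercises the `qsort_r` interceptor, which received the same guard in this commit, or the `nmemb == 1` boundary, where the guard also skips the pre-pass. The zero-length calls pass merely by not crashing. If `compar1` records that it was called, as the `assert(seen2)` above suggests a comparator in this file does, asserting that the flag stays clear after `qsort(p, 0, sizeof(long), compar1)` would pin down that the comparator is never invoked on an empty array. A one-element case could be `long one = 1; qsort(&one, 1, sizeof(long), compar1);`. `main` begins outside the hunk, and `qsort_r` coverage may exist in a test file not shown here.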


        

