[PATCH] D85935: [DFSan] Fix parameters to strtoull wrapper.

Matt Morehouse via Phabricator via llvm-commits llvm-commits at lists.llvm.org
Thu Aug 13 14:21:45 PDT 2020 

morehouse created this revision.
morehouse added reviewers: kcc, vitalybuka, pcc.
Herald added a project: Sanitizers.
Herald added a subscriber: Sanitizers.
morehouse requested review of this revision.

base and nptr_label were swapped, which meant we were passing nptr's
shadow as the base to the operation.  Usually, the shadow is 0, which
causes strtoull to guess the correct base from the string prefix (e.g.,
0x means base-16 and 0 means base-8), hiding this bug.  Adjust the test
case to expose the bug.


Repository:
  rG LLVM Github Monorepo

https://reviews.llvm.org/D85935

Files:
  compiler-rt/lib/dfsan/dfsan_custom.cpp
  compiler-rt/test/dfsan/custom.cpp


Index: compiler-rt/test/dfsan/custom.cpp
===================================================================
--- compiler-rt/test/dfsan/custom.cpp
+++ compiler-rt/test/dfsan/custom.cpp
@@ -537,24 +537,24 @@
 }
 
 void test_strtoul() {
-  char buf[] = "0xffffffffffffaa";
+  char buf[] = "ffffffffffffaa";
   char *endptr = NULL;
   dfsan_set_label(i_label, buf + 1, 1);
   dfsan_set_label(j_label, buf + 2, 1);
   long unsigned int ret = strtol(buf, &endptr, 16);
   assert(ret == 72057594037927850);
-  assert(endptr == buf + 16);
+  assert(endptr == buf + 14);
   ASSERT_LABEL(ret, i_j_label);
 }
 
 void test_strtoull() {
-  char buf[] = "0xffffffffffffffaa";
+  char buf[] = "ffffffffffffffaa";
   char *endptr = NULL;
   dfsan_set_label(i_label, buf + 1, 1);
   dfsan_set_label(j_label, buf + 2, 1);
   long long unsigned int ret = strtoull(buf, &endptr, 16);
   assert(ret == 0xffffffffffffffaa);
-  assert(endptr == buf + 18);
+  assert(endptr == buf + 16);
   ASSERT_LABEL(ret, i_j_label);
 }
 
Index: compiler-rt/lib/dfsan/dfsan_custom.cpp
===================================================================
--- compiler-rt/lib/dfsan/dfsan_custom.cpp
+++ compiler-rt/lib/dfsan/dfsan_custom.cpp
@@ -607,8 +607,8 @@
 
 SANITIZER_INTERFACE_ATTRIBUTE
 long long unsigned int __dfsw_strtoull(const char *nptr, char **endptr,
-                                       dfsan_label nptr_label,
-                                       int base, dfsan_label endptr_label,
+                                       int base, dfsan_label nptr_label,
+                                       dfsan_label endptr_label,
                                        dfsan_label base_label,
                                        dfsan_label *ret_label) {
   char *tmp_endptr;


-------------- next part --------------
A non-text attachment was scrubbed...
Name: D85935.285496.patch
Type: text/x-patch
Size: 1760 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20200813/e0471d35/attachment.bin>

More information about the llvm-commits mailing list