[llvm-commits] [compiler-rt] r158198 - in /compiler-rt/trunk/lib/asan: asan_interceptors.cc tests/asan_test.cc
Alexey Samsonov
samsonov at google.com
Fri Jun 8 06:27:47 PDT 2012
Author: samsonov
Date: Fri Jun 8 08:27:46 2012
New Revision: 158198
URL: http://llvm.org/viewvc/llvm-project?rev=158198&view=rev
Log:
[ASan] add interceptor for strncat
Modified:
compiler-rt/trunk/lib/asan/asan_interceptors.cc
compiler-rt/trunk/lib/asan/tests/asan_test.cc
Modified: compiler-rt/trunk/lib/asan/asan_interceptors.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_interceptors.cc?rev=158198&r1=158197&r2=158198&view=diff
==============================================================================
--- compiler-rt/trunk/lib/asan/asan_interceptors.cc (original)
+++ compiler-rt/trunk/lib/asan/asan_interceptors.cc Fri Jun 8 08:27:46 2012
@@ -71,6 +71,7 @@
char* index(const char *string, int c);
# endif
char* strcat(char *to, const char* from); // NOLINT
+char *strncat(char *to, const char* from, uptr size);
char* strcpy(char *to, const char* from); // NOLINT
char* strncpy(char *to, const char* from, uptr size);
int strcmp(const char *s1, const char* s2);
@@ -504,6 +505,22 @@
return REAL(strcat)(to, from); // NOLINT
}
+INTERCEPTOR(char*, strncat, char *to, const char *from, uptr size) {
+ ENSURE_ASAN_INITED();
+ if (FLAG_replace_str && size > 0) {
+ uptr from_length = internal_strnlen(from, size);
+ ASAN_READ_RANGE(from, Min(size, from_length + 1));
+ uptr to_length = REAL(strlen)(to);
+ ASAN_READ_RANGE(to, to_length);
+ ASAN_WRITE_RANGE(to + to_length, from_length + 1);
+ if (from_length > 0) {
+ CHECK_RANGES_OVERLAP("strncat", to, to_length + 1,
+ from, Min(size, from_length + 1));
+ }
+ }
+ return REAL(strncat)(to, from, size);
+}
+
INTERCEPTOR(int, strcmp, const char *s1, const char *s2) {
if (!asan_inited) {
return internal_strcmp(s1, s2);
@@ -759,6 +776,7 @@
ASAN_INTERCEPT_FUNC(strcmp);
ASAN_INTERCEPT_FUNC(strcpy); // NOLINT
ASAN_INTERCEPT_FUNC(strlen);
+ ASAN_INTERCEPT_FUNC(strncat);
ASAN_INTERCEPT_FUNC(strncmp);
ASAN_INTERCEPT_FUNC(strncpy);
#if !defined(_WIN32)
Modified: compiler-rt/trunk/lib/asan/tests/asan_test.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/tests/asan_test.cc?rev=158198&r1=158197&r2=158198&view=diff
==============================================================================
--- compiler-rt/trunk/lib/asan/tests/asan_test.cc (original)
+++ compiler-rt/trunk/lib/asan/tests/asan_test.cc Fri Jun 8 08:27:46 2012
@@ -1252,6 +1252,47 @@
EXPECT_DEATH(strcat(to, from), RightOOBErrorMessage(0));
// length of "to" is just enough.
strcat(to, from + 1);
+
+ free(to);
+ free(from);
+}
+
+TEST(AddressSanitizer, StrNCatOOBTest) {
+ size_t to_size = Ident(100);
+ char *to = MallocAndMemsetString(to_size);
+ to[0] = '\0';
+ size_t from_size = Ident(20);
+ char *from = MallocAndMemsetString(from_size);
+ // Normal strncat calls.
+ strncat(to, from, 0);
+ strncat(to, from, from_size);
+ from[from_size - 1] = '\0';
+ strncat(to, from, 2 * from_size);
+ // Catenating empty string is not an error.
+ strncat(to - 1, from, 0);
+ strncat(to, from + from_size - 1, 10);
+ // One of arguments points to not allocated memory.
+ EXPECT_DEATH(strncat(to - 1, from, 2), LeftOOBErrorMessage(1));
+ EXPECT_DEATH(strncat(to, from - 1, 2), LeftOOBErrorMessage(1));
+ EXPECT_DEATH(strncat(to + to_size, from, 2), RightOOBErrorMessage(0));
+ EXPECT_DEATH(strncat(to, from + from_size, 2), RightOOBErrorMessage(0));
+
+ memset(from, 'z', from_size);
+ memset(to, 'z', to_size);
+ to[0] = '\0';
+ // "from" is too short.
+ EXPECT_DEATH(strncat(to, from, from_size + 1), RightOOBErrorMessage(0));
+ // "to" is not zero-terminated.
+ EXPECT_DEATH(strncat(to + 1, from, 1), RightOOBErrorMessage(0));
+ // "to" is too short to fit "from".
+ to[0] = 'z';
+ to[to_size - from_size + 1] = '\0';
+ EXPECT_DEATH(strncat(to, from, from_size - 1), RightOOBErrorMessage(0));
+ // "to" is just enough.
+ strncat(to, from, from_size - 2);
+
+ free(to);
+ free(from);
}
static string OverlapErrorMessage(const string &func) {
@@ -1308,6 +1349,18 @@
EXPECT_DEATH(strcat(str + 9, str), OverlapErrorMessage("strcat"));
EXPECT_DEATH(strcat(str + 10, str), OverlapErrorMessage("strcat"));
+ // Check "strncat".
+ memset(str, 'z', size);
+ str[10] = '\0';
+ strncat(str, str + 10, 10); // from is empty
+ strncat(str, str + 11, 10);
+ str[10] = '\0';
+ str[20] = '\0';
+ strncat(str + 5, str, 5);
+ str[10] = '\0';
+ EXPECT_DEATH(strncat(str + 5, str, 6), OverlapErrorMessage("strncat"));
+ EXPECT_DEATH(strncat(str, str + 9, 10), OverlapErrorMessage("strncat"));
+
free(str);
}
More information about the llvm-commits
mailing list