[compiler-rt] r305217 - [ubsan] Detect invalid unsigned pointer index expression (compiler-rt)

[Vedant Kumar via llvm-commits]

Author: vedantk
Date: Mon Jun 12 13:42:51 2017
New Revision: 305217

URL: http://llvm.org/viewvc/llvm-project?rev=305217&view=rev
Log:
[ubsan] Detect invalid unsigned pointer index expression (compiler-rt)

Compiler-rt part of: https://reviews.llvm.org/D33910

Differential Revision: https://reviews.llvm.org/D33911

Added:
    compiler-rt/trunk/test/ubsan/TestCases/Pointer/unsigned-index-expression.cpp
Modified:
    compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc

Modified: compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc?rev=305217&r1=305216&r2=305217&view=diff
==============================================================================
--- compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc (original)
+++ compiler-rt/trunk/lib/ubsan/ubsan_handlers.cc Mon Jun 12 13:42:51 2017
@@ -566,8 +566,14 @@ static void handlePointerOverflowImpl(Po
 
   ScopedReport R(Opts, Loc, ET);
 
-  Diag(Loc, DL_Error, "pointer index expression with base %0 overflowed to %1")
-    << (void *)Base << (void*)Result;
+  if ((sptr(Base) >= 0) == (sptr(Result) >= 0))
+    Diag(Loc, DL_Error, "unsigned pointer index expression result is %0, "
+                        "preceding its base %1")
+        << (void *)Result << (void *)Base;
+  else
+    Diag(Loc, DL_Error,
+         "pointer index expression with base %0 overflowed to %1")
+        << (void *)Base << (void *)Result;
 }
 
 void __ubsan::__ubsan_handle_pointer_overflow(PointerOverflowData *Data,

Added: compiler-rt/trunk/test/ubsan/TestCases/Pointer/unsigned-index-expression.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/ubsan/TestCases/Pointer/unsigned-index-expression.cpp?rev=305217&view=auto
==============================================================================
--- compiler-rt/trunk/test/ubsan/TestCases/Pointer/unsigned-index-expression.cpp (added)
+++ compiler-rt/trunk/test/ubsan/TestCases/Pointer/unsigned-index-expression.cpp Mon Jun 12 13:42:51 2017
@@ -0,0 +1,13 @@
+// RUN: %clangxx -fsanitize=pointer-overflow %s -o %t
+// RUN: %t 2>&1 | FileCheck %s
+
+int main(int argc, char *argv[]) {
+  char c;
+  char *p = &c;
+  unsigned long long offset = -1;
+
+  // CHECK: unsigned-index-expression.cpp:[[@LINE+1]]:15: runtime error: unsigned pointer index expression result is 0x{{.*}}, preceding its base 0x{{.*}}
+  char *q = p + offset;
+
+  return 0;
+}