[PATCH] D36257: [asan] Check for pvalloc overlow
Kostya Kortchinsky via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Wed Aug 2 19:51:43 PDT 2017
cryptoad created this revision.
Herald added a subscriber: kubamracek.
Last one of the `pvalloc` overflow checks!
`CheckForPvallocOverflow` was introduced with https://reviews.llvm.org/D35818 to detect when `pvalloc`
would wrap when rounding up to the next multiple of the page size.
Add this check to ASan's `pvalloc` implementation.
https://reviews.llvm.org/D36257
Files:
lib/asan/asan_allocator.cc
lib/asan/tests/asan_test.cc
Index: lib/asan/tests/asan_test.cc
===================================================================
--- lib/asan/tests/asan_test.cc
+++ lib/asan/tests/asan_test.cc
@@ -140,6 +140,12 @@
EXPECT_EQ(0U, (uintptr_t)a % kPageSize);
a[101] = 1; // we should not report an error here.
free(a);
+
+ // Overflows should be caught.
+ EXPECT_DEATH(a = (char *)pvalloc((uintptr_t)-(kPageSize - 1)),
+ "allocator is terminating the process instead of returning 0");
+ EXPECT_DEATH(a = (char *)pvalloc((uintptr_t)-1),
+ "allocator is terminating the process instead of returning 0");
}
#endif // SANITIZER_TEST_HAS_PVALLOC
Index: lib/asan/asan_allocator.cc
===================================================================
--- lib/asan/asan_allocator.cc
+++ lib/asan/asan_allocator.cc
@@ -839,6 +839,10 @@
void *asan_pvalloc(uptr size, BufferedStackTrace *stack) {
uptr PageSize = GetPageSizeCached();
+ if (UNLIKELY(CheckForPvallocOverflow(size, PageSize))) {
+ errno = errno_ENOMEM;
+ return AsanAllocator::FailureHandler::OnBadRequest();
+ }
// pvalloc(0) should allocate one page.
size = size ? RoundUpTo(size, PageSize) : PageSize;
return SetErrnoOnNull(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D36257.109481.patch
Type: text/x-patch
Size: 1219 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170803/7a837663/attachment.bin>
More information about the llvm-commits
mailing list