[PATCH] D36257: [asan] Check for pvalloc overlow
Kostya Kortchinsky via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Aug 4 08:25:32 PDT 2017
cryptoad updated this revision to Diff 109745.
cryptoad added a comment.
Switching the test to a lit test to avoid breaking places with a different
allocator_may_return_null value.
https://reviews.llvm.org/D36257
Files:
lib/asan/asan_allocator.cc
test/asan/TestCases/Linux/pvalloc-overflow.cc
Index: test/asan/TestCases/Linux/pvalloc-overflow.cc
===================================================================
--- /dev/null
+++ test/asan/TestCases/Linux/pvalloc-overflow.cc
@@ -0,0 +1,41 @@
+// RUN: %clangxx_asan %s -o %t
+// RUN: ASAN_OPTIONS=allocator_may_return_null=0 not %run %t m1 2>&1 | FileCheck %s
+// RUN: ASAN_OPTIONS=allocator_may_return_null=1 %run %t m1 2>&1
+// RUN: ASAN_OPTIONS=allocator_may_return_null=0 not %run %t psm1 2>&1 | FileCheck %s
+// RUN: ASAN_OPTIONS=allocator_may_return_null=1 %run %t psm1 2>&1
+
+// UNSUPPORTED: freebsd
+
+// Checks that pvalloc overflows are caught. If the allocator is allowed to
+// return null, the errno should be set to ENOMEM.
+
+#include <assert.h>
+#include <errno.h>
+#include <malloc.h>
+#include <stdint.h>
+#include <string.h>
+#include <unistd.h>
+
+int main(int argc, char *argv[]) {
+ void *p;
+ size_t page_size;
+
+ assert(argc == 2);
+
+ page_size = sysconf(_SC_PAGESIZE);
+
+ if (!strcmp(argv[1], "m1")) {
+ p = pvalloc((uintptr_t)-1);
+ assert(!p);
+ assert(errno == ENOMEM);
+ }
+ if (!strcmp(argv[1], "psm1")) {
+ p = pvalloc((uintptr_t)-(page_size - 1));
+ assert(!p);
+ assert(errno == ENOMEM);
+ }
+
+ return 0;
+}
+
+// CHECK: AddressSanitizer's allocator is terminating the process
Index: lib/asan/asan_allocator.cc
===================================================================
--- lib/asan/asan_allocator.cc
+++ lib/asan/asan_allocator.cc
@@ -839,6 +839,10 @@
void *asan_pvalloc(uptr size, BufferedStackTrace *stack) {
uptr PageSize = GetPageSizeCached();
+ if (UNLIKELY(CheckForPvallocOverflow(size, PageSize))) {
+ errno = errno_ENOMEM;
+ return AsanAllocator::FailureHandler::OnBadRequest();
+ }
// pvalloc(0) should allocate one page.
size = size ? RoundUpTo(size, PageSize) : PageSize;
return SetErrnoOnNull(
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D36257.109745.patch
Type: text/x-patch
Size: 1872 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170804/0e79f1fb/attachment.bin>
More information about the llvm-commits
mailing list