[PATCH] D39626: [Sanitizers] Check pthread_setcancel{state|type} interceptor arguments for != nullptr.
Aleksey Shlyapnikov via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Nov 3 16:52:03 PDT 2017
alekseyshl created this revision.
Herald added a subscriber: kubamracek.
According to man, pthread_setcancelstate's oldstate and
pthread_setcanceltype's oldtype parameters can be nullptr.
Check these parameters for != nullptr before attempting to
access their shadow memory.
https://reviews.llvm.org/D39626
Files:
lib/sanitizer_common/sanitizer_common_interceptors.inc
Index: lib/sanitizer_common/sanitizer_common_interceptors.inc
===================================================================
--- lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -5835,16 +5835,16 @@
void *ctx;
COMMON_INTERCEPTOR_ENTER(ctx, pthread_setcancelstate, state, oldstate);
int res = REAL(pthread_setcancelstate)(state, oldstate);
- if (res == 0)
+ if (res == 0 && oldstate != nullptr)
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldstate, sizeof(*oldstate));
return res;
}
INTERCEPTOR(int, pthread_setcanceltype, int type, int *oldtype) {
void *ctx;
COMMON_INTERCEPTOR_ENTER(ctx, pthread_setcanceltype, type, oldtype);
int res = REAL(pthread_setcanceltype)(type, oldtype);
- if (res == 0)
+ if (res == 0 && oldtype != nullptr)
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldtype, sizeof(*oldtype));
return res;
}
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D39626.121568.patch
Type: text/x-patch
Size: 922 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20171103/11603197/attachment.bin>
More information about the llvm-commits
mailing list