[compiler-rt] r327068 - [asan] Fix bug where suppression of overlapping accesses was ignored on
Dan Liew via llvm-commits
llvm-commits at lists.llvm.org
Thu Mar 8 13:50:22 PST 2018
Author: delcypher
Date: Thu Mar 8 13:50:22 2018
New Revision: 327068
URL: http://llvm.org/viewvc/llvm-project?rev=327068&view=rev
Log:
[asan] Fix bug where suppression of overlapping accesses was ignored on
`strcpy()`, `strncpy()`, `strcat()`, and `strncat()`.
rdar://problem/35576899
Differential Revision: https://reviews.llvm.org/D43702
Added:
compiler-rt/trunk/test/asan/TestCases/strcat-overlap.cc
compiler-rt/trunk/test/asan/TestCases/strcpy-overlap.cc
compiler-rt/trunk/test/asan/TestCases/strncat-overlap.cc
compiler-rt/trunk/test/asan/TestCases/strncpy-overlap.cc
Modified:
compiler-rt/trunk/lib/asan/asan_interceptors_memintrinsics.h
Modified: compiler-rt/trunk/lib/asan/asan_interceptors_memintrinsics.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/asan/asan_interceptors_memintrinsics.h?rev=327068&r1=327067&r2=327068&view=diff
==============================================================================
--- compiler-rt/trunk/lib/asan/asan_interceptors_memintrinsics.h (original)
+++ compiler-rt/trunk/lib/asan/asan_interceptors_memintrinsics.h Thu Mar 8 13:50:22 2018
@@ -133,15 +133,22 @@ static inline bool RangesOverlap(const c
const char *offset2, uptr length2) {
return !((offset1 + length1 <= offset2) || (offset2 + length2 <= offset1));
}
-#define CHECK_RANGES_OVERLAP(name, _offset1, length1, _offset2, length2) do { \
- const char *offset1 = (const char*)_offset1; \
- const char *offset2 = (const char*)_offset2; \
- if (RangesOverlap(offset1, length1, offset2, length2)) { \
- GET_STACK_TRACE_FATAL_HERE; \
- ReportStringFunctionMemoryRangesOverlap(name, offset1, length1, \
- offset2, length2, &stack); \
- } \
-} while (0)
+#define CHECK_RANGES_OVERLAP(name, _offset1, length1, _offset2, length2) \
+ do { \
+ const char *offset1 = (const char *)_offset1; \
+ const char *offset2 = (const char *)_offset2; \
+ if (RangesOverlap(offset1, length1, offset2, length2)) { \
+ GET_STACK_TRACE_FATAL_HERE; \
+ bool suppressed = IsInterceptorSuppressed(name); \
+ if (!suppressed && HaveStackTraceBasedSuppressions()) { \
+ suppressed = IsStackTraceSuppressed(&stack); \
+ } \
+ if (!suppressed) { \
+ ReportStringFunctionMemoryRangesOverlap(name, offset1, length1, \
+ offset2, length2, &stack); \
+ } \
+ } \
+ } while (0)
} // namespace __asan
Added: compiler-rt/trunk/test/asan/TestCases/strcat-overlap.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/strcat-overlap.cc?rev=327068&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/strcat-overlap.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/strcat-overlap.cc Thu Mar 8 13:50:22 2018
@@ -0,0 +1,46 @@
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O1 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O3 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+
+#include <string.h>
+
+
+// Don't inline function otherwise stacktrace changes.
+__attribute__((noinline)) void bad_function() {
+ char buffer[] = "hello\0XXX";
+ // CHECK: strcat-param-overlap: memory ranges
+ // CHECK: [{{0x.*,[ ]*0x.*}}) and [{{0x.*,[ ]*0x.*}}) overlap
+ // CHECK: {{#0 0x.* in .*strcat}}
+ // CHECK: {{#1 0x.* in bad_function.*strcat-overlap.cc:}}[[@LINE+2]]
+ // CHECK: {{#2 0x.* in main .*strcat-overlap.cc:}}[[@LINE+5]]
+ strcat(buffer, buffer + 1); // BOOM
+}
+
+int main(int argc, char **argv) {
+ bad_function();
+ return 0;
+}
Added: compiler-rt/trunk/test/asan/TestCases/strcpy-overlap.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/strcpy-overlap.cc?rev=327068&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/strcpy-overlap.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/strcpy-overlap.cc Thu Mar 8 13:50:22 2018
@@ -0,0 +1,46 @@
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O1 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O3 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strcpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+
+#include <string.h>
+
+
+// Don't inline function otherwise stacktrace changes.
+__attribute__((noinline)) void bad_function() {
+ char buffer[] = "hello";
+ // CHECK: strcpy-param-overlap: memory ranges
+ // CHECK: [{{0x.*,[ ]*0x.*}}) and [{{0x.*,[ ]*0x.*}}) overlap
+ // CHECK: {{#0 0x.* in .*strcpy}}
+ // CHECK: {{#1 0x.* in bad_function.*strcpy-overlap.cc:}}[[@LINE+2]]
+ // CHECK: {{#2 0x.* in main .*strcpy-overlap.cc:}}[[@LINE+5]]
+ strcpy(buffer, buffer + 1); // BOOM
+}
+
+int main(int argc, char **argv) {
+ bad_function();
+ return 0;
+}
Added: compiler-rt/trunk/test/asan/TestCases/strncat-overlap.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/strncat-overlap.cc?rev=327068&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/strncat-overlap.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/strncat-overlap.cc Thu Mar 8 13:50:22 2018
@@ -0,0 +1,46 @@
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O1 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O3 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncat" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+
+#include <string.h>
+
+
+// Don't inline function otherwise stacktrace changes.
+__attribute__((noinline)) void bad_function() {
+ char buffer[] = "hello\0XXX";
+ // CHECK: strncat-param-overlap: memory ranges
+ // CHECK: [{{0x.*,[ ]*0x.*}}) and [{{0x.*,[ ]*0x.*}}) overlap
+ // CHECK: {{#0 0x.* in .*strncat}}
+ // CHECK: {{#1 0x.* in bad_function.*strncat-overlap.cc:}}[[@LINE+2]]
+ // CHECK: {{#2 0x.* in main .*strncat-overlap.cc:}}[[@LINE+5]]
+ strncat(buffer, buffer + 1, 3); // BOOM
+}
+
+int main(int argc, char **argv) {
+ bad_function();
+ return 0;
+}
Added: compiler-rt/trunk/test/asan/TestCases/strncpy-overlap.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/strncpy-overlap.cc?rev=327068&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/strncpy-overlap.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/strncpy-overlap.cc Thu Mar 8 13:50:22 2018
@@ -0,0 +1,46 @@
+// RUN: %clangxx_asan -O0 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O1 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O2 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+//
+// RUN: %clangxx_asan -O3 %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s
+// RUN: echo "interceptor_via_fun:bad_function" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+// RUN: echo "interceptor_name:strncpy" > %t.supp
+// RUN: %env_asan_opts=suppressions='"%t.supp"' %run %t
+
+#include <string.h>
+
+
+// Don't inline function otherwise stacktrace changes.
+__attribute__((noinline)) void bad_function() {
+ char buffer[] = "hello";
+ // CHECK: strncpy-param-overlap: memory ranges
+ // CHECK: [{{0x.*,[ ]*0x.*}}) and [{{0x.*,[ ]*0x.*}}) overlap
+ // CHECK: {{#0 0x.* in .*strncpy}}
+ // CHECK: {{#1 0x.* in bad_function.*strncpy-overlap.cc:}}[[@LINE+2]]
+ // CHECK: {{#2 0x.* in main .*strncpy-overlap.cc:}}[[@LINE+5]]
+ strncpy(buffer, buffer + 1, 5); // BOOM
+}
+
+int main(int argc, char **argv) {
+ bad_function();
+ return 0;
+}
More information about the llvm-commits
mailing list