[compiler-rt] 4278b7e - [sanitizers] Fixes strndup API behaviour when intercepted by sanitizers

Pierre Gousseau via llvm-commits llvm-commits at lists.llvm.org
Mon May 30 09:03:12 PDT 2022 

Author: Pierre Gousseau
Date: 2022-05-30T17:00:10+01:00
New Revision: 4278b7e16a5b13d529c92d682ac76b53f93a4961

URL: https://github.com/llvm/llvm-project/commit/4278b7e16a5b13d529c92d682ac76b53f93a4961
DIFF: https://github.com/llvm/llvm-project/commit/4278b7e16a5b13d529c92d682ac76b53f93a4961.diff

LOG: [sanitizers] Fixes strndup API behaviour when intercepted by sanitizers

Sanitizers ignore flag allocator_may_return_null=1 in strndup() calls.
When OOM is emulated, this causes to the unexpected crash.

Committed by pgousseau on behalf of "Kostyantyn Melnik, kmnls.kmnls at gmail.com"

Reviewed by: pgousseau

Differential Revision: https://reviews.llvm.org/D126452

Added: 
    

Modified: 
    compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
    compiler-rt/test/sanitizer_common/TestCases/max_allocation_size.cpp

Removed: 
    


################################################################################
diff  --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 99bd59abb9ee2..3b316f5edea80 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -385,9 +385,11 @@ extern const short *_tolower_tab_;
   if (common_flags()->intercept_strndup) {                                    \
     COMMON_INTERCEPTOR_READ_STRING(ctx, s, Min(size, copy_length + 1));       \
   }                                                                           \
-  COMMON_INTERCEPTOR_COPY_STRING(ctx, new_mem, s, copy_length);               \
-  internal_memcpy(new_mem, s, copy_length);                                   \
-  new_mem[copy_length] = '\0';                                                \
+  if (new_mem) {                                                              \
+    COMMON_INTERCEPTOR_COPY_STRING(ctx, new_mem, s, copy_length);             \
+    internal_memcpy(new_mem, s, copy_length);                                 \
+    new_mem[copy_length] = '\0';                                              \
+  }                                                                           \
   return new_mem;
 #endif
 

diff  --git a/compiler-rt/test/sanitizer_common/TestCases/max_allocation_size.cpp b/compiler-rt/test/sanitizer_common/TestCases/max_allocation_size.cpp
index 9cc799a3245d0..fc9bc3a044812 100644
--- a/compiler-rt/test/sanitizer_common/TestCases/max_allocation_size.cpp
+++ b/compiler-rt/test/sanitizer_common/TestCases/max_allocation_size.cpp
@@ -35,6 +35,10 @@
 // RUN:   | FileCheck %s --check-prefix=CHECK-nnCRASH
 // RUN: %env_tool_opts=max_allocation_size_mb=2:allocator_may_return_null=1 \
 // RUN:   %run %t new-nothrow 2>&1 | FileCheck %s --check-prefix=CHECK-NULL
+// RUN: %env_tool_opts=max_allocation_size_mb=2:allocator_may_return_null=0 \
+// RUN:   not %run %t strndup 2>&1 | FileCheck %s --check-prefix=CHECK-sCRASH
+// RUN: %env_tool_opts=max_allocation_size_mb=2:allocator_may_return_null=1 \
+// RUN:   %run %t strndup 2>&1 | FileCheck %s --check-prefix=CHECK-NULL
 
 // win32 is disabled due to failing errno tests.
 // UNSUPPORTED: ubsan, windows-msvc
@@ -47,6 +51,8 @@
 #include <stdlib.h>
 #include <string.h>
 
+constexpr size_t MaxAllocationSize = size_t{2} << 20;
+
 static void *allocate(const char *Action, size_t Size) {
   if (!strcmp(Action, "malloc"))
     return malloc(Size);
@@ -65,12 +71,21 @@ static void *allocate(const char *Action, size_t Size) {
     return ::operator new(Size);
   if (!strcmp(Action, "new-nothrow"))
     return ::operator new(Size, std::nothrow);
+  if (!strcmp(Action, "strndup")) {
+    static char pstr[MaxAllocationSize + 1] = {'a'};
+    for (size_t i = 0; i < MaxAllocationSize + 1; i++)
+      pstr[i] = 'a';
+    if (Size == MaxAllocationSize)
+      pstr[MaxAllocationSize - 1] = '\0';
+    return strndup(pstr, Size);
+  }
   assert(0);
 }
 
 static void deallocate(const char *Action, void *Ptr) {
   if (!strcmp(Action, "malloc") || !strcmp(Action, "calloc") ||
-      !strcmp(Action, "realloc") || !strcmp(Action, "realloc-after-malloc"))
+      !strcmp(Action, "realloc") || !strcmp(Action, "realloc-after-malloc") ||
+      !strcmp(Action, "strndup"))
     return free(Ptr);
   if (!strcmp(Action, "new"))
     return ::operator delete(Ptr);
@@ -84,8 +99,6 @@ int main(int Argc, char **Argv) {
   const char *Action = Argv[1];
   fprintf(stderr, "%s:\n", Action);
 
-  constexpr size_t MaxAllocationSize = size_t{2} << 20;
-
   // Should succeed when max_allocation_size_mb is set.
   void *volatile P = allocate(Action, MaxAllocationSize);
   assert(P);
@@ -120,8 +133,10 @@ int main(int Argc, char **Argv) {
 // CHECK-nCRASH-OOM: {{SUMMARY: .*Sanitizer: out-of-memory}}
 // CHECK-nnCRASH: new-nothrow:
 // CHECK-nnCRASH: {{SUMMARY: .*Sanitizer: allocation-size-too-big}}
+// CHECK-sCRASH: strndup:
+// CHECK-sCRASH: {{SUMMARY: .*Sanitizer: allocation-size-too-big}}
 
-// CHECK-NULL: {{malloc|calloc|calloc-overflow|realloc|realloc-after-malloc|new-nothrow}}
+// CHECK-NULL: {{malloc|calloc|calloc-overflow|realloc|realloc-after-malloc|new-nothrow|strndup}}
 // CHECK-NULL: errno: 12, P: 0
 //
 // CHECK-NOTNULL-NOT: P: 0

More information about the llvm-commits mailing list