[compiler-rt] e1041ed - [sanitizer] move a pointer dereference after its null check
Vitaly Buka via llvm-commits
llvm-commits at lists.llvm.org
Wed Apr 26 18:59:23 PDT 2023
Author: Wu, Yingcong
Date: 2023-04-26T18:59:17-07:00
New Revision: e1041ed5761c03bde830a2932c719901d43a8d7e
URL: https://github.com/llvm/llvm-project/commit/e1041ed5761c03bde830a2932c719901d43a8d7e
DIFF: https://github.com/llvm/llvm-project/commit/e1041ed5761c03bde830a2932c719901d43a8d7e.diff
LOG: [sanitizer] move a pointer dereference after its null check
The dereference of pointer `ctx` is not protected by its null check, this could be problematic.
Reviewed By: vitalybuka, MaskRay
Differential Revision: https://reviews.llvm.org/D149011
Added:
Modified:
compiler-rt/lib/sanitizer_common/sanitizer_common_syscalls.inc
Removed:
################################################################################
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_syscalls.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_syscalls.inc
index 93b988ba1639..3900bcf22b7a 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_syscalls.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_syscalls.inc
@@ -1374,9 +1374,8 @@ PRE_SYSCALL(io_setup)(long nr_reqs, void **ctx) {
}
POST_SYSCALL(io_setup)(long res, long nr_reqs, void **ctx) {
- if (res >= 0) {
- if (ctx)
- POST_WRITE(ctx, sizeof(*ctx));
+ if (res >= 0 && ctx) {
+ POST_WRITE(ctx, sizeof(*ctx));
// (*ctx) is actually a pointer to a kernel mapped page, and there are
// people out there who are crazy enough to peek into that page's 32-byte
// header.
More information about the llvm-commits
mailing list