author | Yury Gribov <y.gribov@samsung.com> | 2014-06-20 13:33:28 +0000 |
---|---|---|
committer | Maxim Ostapenko <chefmax@gcc.gnu.org> | 2014-06-20 16:33:28 +0300 |
commit | 0cbf438b115b95453a1b0414c6cf628bf1ad1ead (patch) | |
tree | fd8dcedd9f898e8f346830bcc90cd385e5f4cca4 | |
parent | bec81025ed968d6ba52308b2a9824bd689628a5f (diff) | |
asan.c (instrument_strlen_call): Fixed instrumentation of trailing byte.
2014-06-18 Yury Gribov <y.gribov@samsung.com>
gcc/
* asan.c (instrument_strlen_call): Fixed instrumentation of
trailing byte.
gcc/testsuite/
* c-c++-common/asan/strlen-overflow-1.c: New test.
Co-Authored-By: Max Ostapenko <m.ostapenko@partner.samsung.com>
From-SVN: r211849
-rw-r--r-- | gcc/ChangeLog | 7 | ||||
-rw-r--r-- | gcc/asan.c | 20 | ||||
-rw-r--r-- | gcc/testsuite/ChangeLog | 6 | ||||
-rw-r--r-- | gcc/testsuite/c-c++-common/asan/strlen-overflow-1.c | 29 |
4 files changed, 52 insertions, 10 deletions
diff --git a/gcc/ChangeLog b/gcc/ChangeLog
index fde7c41..9aaab6e 100644
--- a/gcc/ChangeLog
+++ b/gcc/ChangeLog
@@ -1,3 +1,10 @@
+2014-06-20 Yury Gribov <y.gribov@samsung.com>
+ Max Ostapenko <m.ostapenko@partner.samsung.com>
+
+ PR sanitizer/61547
+ * asan.c (instrument_strlen_call): Fixed instrumentation of
+ trailing byte.
+
 2014-06-20 Martin Jambor <mjambor@suse.cz>
 
 PR ipa/61540
@@ -2037,19 +2037,19 @@ instrument_strlen_call (gimple_stmt_iterator *iter)
 
 build_check_stmt (loc, gimple_assign_lhs (str_arg_ssa), NULL_TREE, 1, iter,
 /*non_zero_len_p*/true, /*before_p=*/true,
- /*is_store=*/false, /*is_scalar_access*/false, /*align*/0);
+ /*is_store=*/false, /*is_scalar_access*/true, /*align*/0);
 
- gimple stmt =
- gimple_build_assign_with_ops (PLUS_EXPR,
- make_ssa_name (TREE_TYPE (len), NULL),
- len,
- build_int_cst (TREE_TYPE (len), 1));
- gimple_set_location (stmt, loc);
- gsi_insert_after (iter, stmt, GSI_NEW_STMT);
+ gimple g =
+ gimple_build_assign_with_ops (POINTER_PLUS_EXPR,
+ make_ssa_name (cptr_type, NULL),
+ gimple_assign_lhs (str_arg_ssa),
+ len);
+ gimple_set_location (g, loc);
+ gsi_insert_after (iter, g, GSI_NEW_STMT);
 
- build_check_stmt (loc, gimple_assign_lhs (stmt), len, 1, iter,
+ build_check_stmt (loc, gimple_assign_lhs (g), NULL_TREE, 1, iter,
 /*non_zero_len_p*/true, /*before_p=*/false,
- /*is_store=*/false, /*is_scalar_access*/false, /*align*/0);
+ /*is_store=*/false, /*is_scalar_access*/true, /*align*/0);
 
 return true;
 }
diff --git a/gcc/testsuite/ChangeLog b/gcc/testsuite/ChangeLog
index 0cceea5..79bbeb4 100644
--- a/gcc/testsuite/ChangeLog
+++ b/gcc/testsuite/ChangeLog
@@ -1,3 +1,9 @@
+2014-06-20 Yury Gribov <y.gribov@samsung.com>
+ Max Ostapenko <m.ostapenko@partner.samsung.com>
+
+ PR sanitizer/61547
+ * c-c++-common/asan/strlen-overflow-1.c: New test.
+
 2014-06-20 Martin Jambor <mjambor@suse.cz>
 
 PR ipa/61540
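Review bot: In the `instrument_strlen_call` hunk (gcc/asan.c per the commit message), `len` is now passed directly as the offset operand of the new `POINTER_PLUS_EXPR`, and nothing visible in the hunk establishes that the strlen result has a sizetype-compatible type, which GIMPLE requires for that operand. The function body starts outside the hunk, so an earlier assertion may already cover this; if it does not, `gcc_assert (ptrofftype_p (TREE_TYPE (len)));` before building `g` would fail at the point of construction instead of in a later statement verifier. Separately, the two `build_check_stmt` calls check one byte at `str` and one byte at `str + len`, and nothing in between. A short comment above `gimple g =` stating that only the first byte and the terminating byte are instrumented would keep readers from assuming the whole string is covered by this inline check.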
diff --git a/gcc/testsuite/c-c++-common/asan/strlen-overflow-1.c b/gcc/testsuite/c-c++-common/asan/strlen-overflow-1.c
new file mode 100644
index 0000000..bf6bf66
--- /dev/null
+++ b/gcc/testsuite/c-c++-common/asan/strlen-overflow-1.c
@@ -0,0 +1,29 @@
+/* { dg-do run } */
+/* { dg-skip-if "" { *-*-* } { "-flto" } { "" } } */
+/* { dg-shouldfail "asan" } */
+
+#include <sanitizer/asan_interface.h>
+
+char a[2] = "0";
+
+#ifdef __cplusplus
+extern "C"
+#endif
+
+__attribute__((no_sanitize_address, noinline)) __SIZE_TYPE__
+strlen (const char *p) {
+
+ __SIZE_TYPE__ n = 0;
+ for (; *p; ++n, ++p);
+ return n;
+}
+
+int main () {
+ char *p = &a[0];
+ asm ("" : "+r"(p));
+ __asan_poison_memory_region ((char *)&a[1], 1);
+ return __builtin_strlen (a);
+}
+
+/* { dg-output "READ of size 1 at 0x\[0-9a-f\]+ thread T0.*(\n|\r\n|\r)" } */
+/* { dg-output " #0 0x\[0-9a-f\]+ (in _*main (\[^\n\r]*strlen-overflow-1.c:24|\[^\n\r]*:0)|\[(\]).*(\n|\r\n|\r)" } */
|
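Review bot: The second dg-output pattern pins frame #0 to `strlen-overflow-1.c:24`, but counting the 29 added lines puts `__asan_poison_memory_region` on line 24 and `return __builtin_strlen (a);` on line 25, so the symbolized alternative looks off by one. If so, a symbolized report would match only through the `:0` or `(` fallbacks, and `strlen-overflow-1.c:25` appears to be the intended value. Also, `p` goes through the `asm` barrier and is never used again, because the call takes `a` directly; `return __builtin_strlen (p);` would make the barrier guard the argument that is actually checked. A one-line comment above the local `strlen` saying it is built with `no_sanitize_address`, presumably so that the report has to come from the compiler-inserted check, would document why the test overrides the library function.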