aboutsummaryrefslogtreecommitdiff
path: root/llvm/lib/ProfileData/Coverage/CoverageMapping.cpp
diff options
context:
space:
mode:
authorAdvenam Tacet <advenam.tacet@trailofbits.com>2023-01-25 19:01:24 +0100
committerNikolas Klauser <nikolasklauser@berlin.de>2023-01-25 19:04:15 +0100
commit490555026821db47d1cf4bf08c219b3e56ec6b45 (patch)
treeb0e470351ccbe9c2d2b2068e18cac542fa3e04d2 /llvm/lib/ProfileData/Coverage/CoverageMapping.cpp
parent741021de32360cade7aca1e9f7368966a8a3d26a (diff)
downloadllvm-490555026821db47d1cf4bf08c219b3e56ec6b45.zip
llvm-490555026821db47d1cf4bf08c219b3e56ec6b45.tar.gz
llvm-490555026821db47d1cf4bf08c219b3e56ec6b45.tar.bz2
[ASan][libcxx] Annotating std::vector with all allocators
This revision is a part of a series of patches extending AddressSanitizer C++ container overflow detection capabilities by adding annotations, similar to those existing in std::vector, to std::string and std::deque collections. These changes allow ASan to detect cases when the instrumented program accesses memory which is internally allocated by the collection but is still not in-use (accesses before or after the stored elements for std::deque, or between the size and capacity bounds for std::string). The motivation for the research and those changes was a bug, found by Trail of Bits, in a real code where an out-of-bounds read could happen as two strings were compared via a std::equals function that took iter1_begin, iter1_end, iter2_begin iterators (with a custom comparison function). When object iter1 was longer than iter2, read out-of-bounds on iter2 could happen. Container sanitization would detect it. In revision D132522, support for non-aligned memory buffers (sharing first/last granule with other objects) was added, therefore the check for standard allocator is not necessary anymore. This patch removes the check in std::vector annotation member function (__annotate_contiguous_container) to support different allocators. If you have any questions, please email: - advenam.tacet@trailofbits.com - disconnect3d@trailofbits.com Reviewed By: #libc, #sanitizers, philnik, vitalybuka Spies: EricWF, philnik, #sanitizers, libcxx-commits Differential Revision: https://reviews.llvm.org/D136765
Diffstat (limited to 'llvm/lib/ProfileData/Coverage/CoverageMapping.cpp')
0 files changed, 0 insertions, 0 deletions