diff options
author | Kostya Kortchinsky <kostyak@google.com> | 2017-07-31 18:45:17 +0000 |
---|---|---|
committer | Kostya Kortchinsky <kostyak@google.com> | 2017-07-31 18:45:17 +0000 |
commit | 84b9dd08af3cabe2c588ea9775c42575da45fd40 (patch) | |
tree | 166cd621141fd6d0396154c8c63560500a105f4d | |
parent | f0878f1e7f4e67ed9c574ccd8b82093a201928e9 (diff) |
[msan] Check for pvalloc overflow
Summary:
`CheckForPvallocOverflow` was introduced with D35818 to detect when pvalloc
would wrap when rounding up to the next multiple of the page size.
Add this check to MSan's pvalloc implementation.
Reviewers: alekseyshl
Reviewed By: alekseyshl
Subscribers: llvm-commits
Differential Revision: https://reviews.llvm.org/D36093
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@309601 91177308-0d34-0410-b5e6-96231b3b80d8
-rw-r--r-- | lib/msan/msan_allocator.cc | 6 | ||||
-rw-r--r-- | lib/msan/tests/msan_test.cc | 11 |
2 files changed, 16 insertions, 1 deletions
diff --git a/lib/msan/msan_allocator.cc b/lib/msan/msan_allocator.cc index 1034dbdf9..1b134e15a 100644 --- a/lib/msan/msan_allocator.cc +++ b/lib/msan/msan_allocator.cc @@ -255,8 +255,12 @@ void *msan_valloc(uptr size, StackTrace *stack) { void *msan_pvalloc(uptr size, StackTrace *stack) { uptr PageSize = GetPageSizeCached(); + if (UNLIKELY(CheckForPvallocOverflow(size, PageSize))) { + errno = errno_ENOMEM; + return Allocator::FailureHandler::OnBadRequest(); + } // pvalloc(0) should allocate one page. - size = size == 0 ? PageSize : RoundUpTo(size, PageSize); + size = size ? RoundUpTo(size, PageSize) : PageSize; return SetErrnoOnNull(MsanAllocate(stack, size, PageSize, false)); } diff --git a/lib/msan/tests/msan_test.cc b/lib/msan/tests/msan_test.cc index b2d5f7c60..b4cc8493a 100644 --- a/lib/msan/tests/msan_test.cc +++ b/lib/msan/tests/msan_test.cc @@ -3449,6 +3449,17 @@ TEST(MemorySanitizer, pvalloc) { EXPECT_EQ(0U, (uintptr_t)p % PageSize); EXPECT_EQ(PageSize, __sanitizer_get_allocated_size(p)); free(p); + + // Overflows in pvalloc should be caught. + errno = 0; + p = pvalloc((uintptr_t)-PageSize); + EXPECT_EQ(p, nullptr); + EXPECT_EQ(errno, ENOMEM); + + errno = 0; + p = pvalloc((uintptr_t)-1); + EXPECT_EQ(p, nullptr); + EXPECT_EQ(errno, ENOMEM); } #endif |