diff options
author | Maxim Ostapenko <chefmax7@gmail.com> | 2017-12-18 15:31:26 +0000 |
---|---|---|
committer | Maxim Ostapenko <chefmax7@gmail.com> | 2017-12-18 15:31:26 +0000 |
commit | d97da5b44c1d8c1fa5c23b8f16dc630105517993 (patch) | |
tree | 2cb00ff88aa267c55c68b7ef153a570b7cdad324 /test | |
parent | f84f696f177bddf93843c4c780e4e9718513e9bd (diff) |
[asan] Add interceptor for printf_chk
There could be a situation when a specific DSO was built with FORTIFY_SOURCE option. In case asan-ed binary link against that DSO,
libasan can't handle the possible memory error because it does not have interceptors for spinrtf_chk, snprintf_chk, vprintf_chk,
vsnprintf_chk, __fprintf_chk functions. Let's interceptors for them.
Patch by Denis Khalikov.
Differential Revision: https://reviews.llvm.org/D40951
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@320990 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'test')
-rw-r--r-- | test/asan/TestCases/Linux/printf-fortify-1.c | 18 | ||||
-rw-r--r-- | test/asan/TestCases/Linux/printf-fortify-2.c | 18 | ||||
-rw-r--r-- | test/asan/TestCases/Linux/printf-fortify-3.c | 22 | ||||
-rw-r--r-- | test/asan/TestCases/Linux/printf-fortify-4.c | 22 | ||||
-rw-r--r-- | test/asan/TestCases/Linux/printf-fortify-5.c | 18 |
5 files changed, 98 insertions, 0 deletions
diff --git a/test/asan/TestCases/Linux/printf-fortify-1.c b/test/asan/TestCases/Linux/printf-fortify-1.c new file mode 100644 index 000000000..2e0c70c1e --- /dev/null +++ b/test/asan/TestCases/Linux/printf-fortify-1.c @@ -0,0 +1,18 @@ +// RUN: %clang -fPIC -shared -O2 -D_FORTIFY_SOURCE=2 -D_DSO %s -o %t.so +// RUN: %clang_asan -o %t %t.so %s +// RUN: not %run %t 2>&1 | FileCheck %s +// UNSUPPORTED: android +#ifdef _DSO +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +__attribute__((noinline)) int foo() { + char *write_buffer = (char *)malloc(1); + // CHECK: AddressSanitizer: heap-buffer-overflow + sprintf(write_buffer, "%s_%s", "one", "two"); + return write_buffer[0]; +} +#else +extern int foo(); +int main() { return foo(); } +#endif diff --git a/test/asan/TestCases/Linux/printf-fortify-2.c b/test/asan/TestCases/Linux/printf-fortify-2.c new file mode 100644 index 000000000..6ea1e00e4 --- /dev/null +++ b/test/asan/TestCases/Linux/printf-fortify-2.c @@ -0,0 +1,18 @@ +// RUN: %clang -fPIC -shared -O2 -D_FORTIFY_SOURCE=2 -D_DSO %s -o %t.so +// RUN: %clang_asan %s -o %t %t.so +// RUN: not %run %t 2>&1 | FileCheck %s +// UNSUPPORTED: android +#ifdef _DSO +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +__attribute__((noinline)) int foo() { + char *write_buffer = (char *)malloc(1); + // CHECK: AddressSanitizer: heap-buffer-overflow + snprintf(write_buffer, 4096, "%s_%s", "one", "two"); + return write_buffer[0]; +} +#else +extern int foo(); +int main() { return foo(); } +#endif diff --git a/test/asan/TestCases/Linux/printf-fortify-3.c b/test/asan/TestCases/Linux/printf-fortify-3.c new file mode 100644 index 000000000..a4b49dc98 --- /dev/null +++ b/test/asan/TestCases/Linux/printf-fortify-3.c @@ -0,0 +1,22 @@ +// RUN: %clang -shared -fPIC -D_DSO -O2 -D_FORTIFY_SOURCE=2 %s -o %t.so +// RUN: %clang_asan %s -o %t %t.so +// RUN: not %run %t 2>&1 | FileCheck %s +// UNSUPPORTED: android +#ifdef _DSO +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +__attribute__((noinline)) char foo(const char *format, ...) { + char *write_buffer = (char *)malloc(1); + va_list ap; + va_start(ap, format); + // CHECK: AddressSanitizer: heap-buffer-overflow + vsprintf(write_buffer, format, ap); + va_end(ap); + return write_buffer[0]; +} +#else +extern int foo(const char *format, ...); +int main() { return foo("%s_%s", "one", "two"); } +#endif diff --git a/test/asan/TestCases/Linux/printf-fortify-4.c b/test/asan/TestCases/Linux/printf-fortify-4.c new file mode 100644 index 000000000..57ec42f38 --- /dev/null +++ b/test/asan/TestCases/Linux/printf-fortify-4.c @@ -0,0 +1,22 @@ +// RUN: %clang -fPIC -shared -O2 -D_FORTIFY_SOURCE=2 -D_DSO %s -o %t.so +// RUN: %clang_asan %s -o %t %t.so +// RUN: not %run %t 2>&1 | FileCheck %s +// UNSUPPORTED: android +#ifdef _DSO +#include <stdarg.h> +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +__attribute__((noinline)) char foo(const char *format, ...) { + char *write_buffer = (char *)malloc(1); + va_list ap; + va_start(ap, format); + // CHECK: AddressSanitizer: heap-buffer-overflow + vsnprintf(write_buffer, 4096, format, ap); + va_end(ap); + return write_buffer[0]; +} +#else +extern int foo(const char *format, ...); +int main() { return foo("%s_%s", "one", "two"); } +#endif diff --git a/test/asan/TestCases/Linux/printf-fortify-5.c b/test/asan/TestCases/Linux/printf-fortify-5.c new file mode 100644 index 000000000..487457a90 --- /dev/null +++ b/test/asan/TestCases/Linux/printf-fortify-5.c @@ -0,0 +1,18 @@ +// RUN: %clang -fPIC -shared -O2 -D_FORTIFY_SOURCE=2 -D_DSO %s -o %t.so +// RUN: %clang_asan -o %t %t.so %s +// RUN: not %run %t 2>&1 | FileCheck %s +// UNSUPPORTED: android +#ifdef _DSO +#include <stdio.h> +#include <stdlib.h> +#include <string.h> +__attribute__((noinline)) int foo() { + char *read_buffer = (char *)malloc(1); + // CHECK: AddressSanitizer: heap-buffer-overflow + fprintf(stderr, read_buffer, 4096); + return read_buffer[0]; +} +#else +extern int foo(); +int main() { return foo(); } +#endif |