From f0ccaf3554182da4c7a038ae96a869e0e202bd2c Mon Sep 17 00:00:00 2001 From: Maxim Ostapenko Date: Tue, 17 May 2016 07:38:27 +0000 Subject: [asan] Don't raise false alarm to recv/recvfrom when MSG_TRUNC is present. Fix https://llvm.org/bugs/show_bug.cgi?id=27673. Currenty ASan checks the return value of real recv/recvfrom to see if the written bytes fit in the buffer. That works fine most of time. However, there is an exception: (from the RECV(2) man page) MSG_TRUNC (since Linux 2.2) ... return the real length of the packet or datagram, even when it was longer than the passed buffer. ... Some programs combine MSG_TRUNC, MSG_PEEK and a single-byte buffer to peek the incoming data size without reading (much of) them. In this case, the return value is usually longer than what's been written and ASan raises a false alarm here. To avoid such false positive reports, we can use min(res, len) in COMMON_INTERCEPTOR_WRITE_RANGE checks. Differential Revision: http://reviews.llvm.org/D20280 git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@269749 91177308-0d34-0410-b5e6-96231b3b80d8 --- .../TestCases/Linux/recv_msg_trunc.cc | 36 ++++++++++++++++++++++ 1 file changed, 36 insertions(+) create mode 100644 test/sanitizer_common/TestCases/Linux/recv_msg_trunc.cc (limited to 'test') diff --git a/test/sanitizer_common/TestCases/Linux/recv_msg_trunc.cc b/test/sanitizer_common/TestCases/Linux/recv_msg_trunc.cc new file mode 100644 index 000000000..a806ce0f1 --- /dev/null +++ b/test/sanitizer_common/TestCases/Linux/recv_msg_trunc.cc @@ -0,0 +1,36 @@ +// Test that ASan doesn't raise false alarm when MSG_TRUNC is present. +// +// RUN: %clangxx %s -o %t && %run %t 2>&1 +// +// UNSUPPORTED: android + +#include +#include +#include +#include +#include +#include + +int main() { + int fd_0 = socket(AF_INET, SOCK_DGRAM, 0); + int fd_1 = socket(AF_INET, SOCK_DGRAM, 0); + struct sockaddr_in sin; + socklen_t len = sizeof(sin); + char *buf = (char *)malloc(1); + + sin.sin_family = AF_INET; + // Choose a random port to bind. + sin.sin_port = 0; + sin.sin_addr.s_addr = INADDR_ANY; + + assert(bind(fd_1, (struct sockaddr *)&sin, sizeof(sin)) == 0); + // Get the address and port binded. + assert(getsockname(fd_1, (struct sockaddr *)&sin, &len) == 0); + assert(sendto(fd_0, "hello", strlen("hello"), MSG_DONTWAIT, + (struct sockaddr *)&sin, sizeof(sin)) != -1); + assert(recv(fd_1, buf, 1, MSG_TRUNC) != -1); + free(buf); + + return 0; +} + -- cgit v1.2.3