dcf23e1361
Complex scenario, but reports when there's both a use-after-free and buffer-underflow that is in-page (i.e. doesn't touch the guard page) ended up generating a pretty bad report: 'Use After Free at 0x7ff392e88fef (18446744073709551615 bytes into a 1-byte allocation at 0x7ff392e88ff0) by thread 3836722 here:' (note the 2^64-bytes-into-alloc, very cool and good!) Fix up that case, and add a diagnostic about when you have both a use-after-free and a buffer-overflow that it's probably a bogus report (assuming the developer didn't *really* screw up and have a uaf+overflow bug at the same time). Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D139885
18 lines
457 B
C++
18 lines
457 B
C++
// REQUIRES: gwp_asan
|
|
// RUN: %clangxx_gwp_asan %s -o %t
|
|
// RUN: %expect_crash %run %t 2>&1 | FileCheck %s
|
|
|
|
// CHECK: GWP-ASan detected a memory error
|
|
// CHECK: Buffer Overflow at 0x{{[a-f0-9]+}} ({{[1-9][0-9]*}} bytes to the right
|
|
// CHECK-SAME: of a {{[1-9][0-9]*}}-byte allocation
|
|
|
|
#include <cstdlib>
|
|
|
|
#include "page_size.h"
|
|
|
|
int main() {
|
|
char *Ptr = reinterpret_cast<char *>(malloc(pageSize()));
|
|
volatile char x = *(Ptr + pageSize());
|
|
return 0;
|
|
}
|