https://llvm.org/bugs/show_bug.cgi?id=23230

            Bug ID: 23230
           Summary: asan/TestCases/strtol_strict.c is sensitive to heap
                    content
           Product: compiler-rt
           Version: unspecified
          Hardware: PC
                OS: Linux
            Status: NEW
          Severity: normal
          Priority: P
         Component: compiler-rt
          Assignee: [email protected]
          Reporter: [email protected]
                CC: [email protected]
    Classification: Unclassified

asan/TestCases/strtol_strict.c has

void test3(char *array, char *endptr) {
  // Buffer overflow if base is invalid.
  long r = strtol(array - 1, NULL, -1);
  assert(r == 0); 
}
...

int main(int argc, char **argv) {
  char *array = (char*)malloc(3);
  char *endptr = NULL;
  array[0] = '1';
  array[1] = '2';
  array[2] = '3';
...
  if (!strcmp(argv[1], "test3")) test3(array, endptr);
  // CHECK3: {{.*ERROR: AddressSanitizer: heap-buffer-overflow on address}}
  // CHECK3: READ of size 5

When array[-1] happens to be '\0', we will get

READ of size 1 at 0x60200000efef thread T0

instead of

READ of size 5 at 0x60200000efef thread T0

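Added example, not part of the original report and not compiler-rt code: a simplified model of the range a strtol check covers, showing why the reported size is 5 or 1 depending on the byte before the allocation. The helper names, the strict-mode rule (whole string plus terminator) as modelled here, and the zero byte after the chunk are assumptions; the 5-byte region is a constructed stand-in for the heap around malloc(3).

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* strtol accepts base 0 or 2..36; anything else parses nothing. */
static int valid_base(int base) {
  return base == 0 || (base >= 2 && base <= 36);
}

/* Simplified model (assumption) of the byte range a strtol check covers.
   strict != 0 models strict_string_checks: the whole NUL-terminated string. */
static size_t checked_read_size(const char *nptr, int base, int strict) {
  if (strict)
    return strlen(nptr) + 1;      /* every byte up to and including the NUL */
  if (!valid_base(base))
    return 0;                     /* nothing parsed, nothing checked */
  char *end;
  (void)strtol(nptr, &end, base);
  return (size_t)(end - nptr) + 1; /* parsed prefix plus the stop byte */
}

/* Constructed stand-in for the heap around malloc(3): one byte before the
   chunk, the payload "123", and an assumed zero byte right after it.
   Everything lives in one local buffer, so array - 1 stays in bounds here. */
static size_t test3_read_size(unsigned char byte_before, int strict) {
  char region[5] = { (char)byte_before, '1', '2', '3', '\0' };
  char *array = region + 1;
  return checked_read_size(array - 1, -1, strict);
}

int main(void) {
  printf("strict, array[-1] != 0: READ of size %zu\n",
         test3_read_size('x', 1));
  printf("strict, array[-1] == 0: READ of size %zu\n",
         test3_read_size(0, 1));
  printf("non-strict, invalid base: %zu bytes checked\n",
         test3_read_size('x', 0));
  return 0;
}
```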