[sanitizer] Mark before deref in PosixSpawnImpl

Read each pointer in the argv and envp arrays before dereferencing
it; this correctly marks an error when these pointers point into
memory that has been freed.

Differential Revision: https://reviews.llvm.org/D113046
Tamir Duberstein 2021-11-03 10:16:20 -07:00 committed by Haowei Wu
parent f79e65e61f
commit 33d9b7b4b2


@ -2431,14 +2431,20 @@ static int PosixSpawnImpl(void *ctx, RealSpawnPtr *real_posix_spawn, pid_t *pid,
char *const envp[]) {
COMMON_INTERCEPTOR_READ_RANGE(ctx, file_or_path,
internal_strlen(file_or_path) + 1);
char *const *s = argv;
for (; *s; ++s)
COMMON_INTERCEPTOR_READ_RANGE(ctx, *s, internal_strlen(*s) + 1);
COMMON_INTERCEPTOR_READ_RANGE(ctx, argv, (s - argv + 1) * sizeof(*s));
s = envp;
for (; *s; ++s)
COMMON_INTERCEPTOR_READ_RANGE(ctx, *s, internal_strlen(*s) + 1);
COMMON_INTERCEPTOR_READ_RANGE(ctx, envp, (s - envp + 1) * sizeof(*s));
if (argv) {
for (char *const *s = argv; ; ++s) {
COMMON_INTERCEPTOR_READ_RANGE(ctx, s, sizeof(*s));
if (!*s) break;
COMMON_INTERCEPTOR_READ_RANGE(ctx, *s, internal_strlen(*s) + 1);
}
}
if (envp) {
for (char *const *s = envp; ; ++s) {
COMMON_INTERCEPTOR_READ_RANGE(ctx, s, sizeof(*s));
if (!*s) break;
COMMON_INTERCEPTOR_READ_RANGE(ctx, *s, internal_strlen(*s) + 1);
}
}
int res =
real_posix_spawn(pid, file_or_path, file_actions, attrp, argv, envp);
if (res == 0)
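Review bot: The statement order inside the two new loops is the substance of this change, but nothing in the code records it: `COMMON_INTERCEPTOR_READ_RANGE(ctx, s, sizeof(*s));` must run before `*s` is tested or handed to `internal_strlen`, otherwise a freed argv/envp array is loaded before the tool can report it. A short comment above the first loop, such as `// Report each slot before loading it, so a dangling argv/envp array is diagnosed instead of silently read.`, would stop a later cleanup from folding the loops back into the old scan-then-mark form. The new `if (argv)` and `if (envp)` guards are a behaviour change the commit message does not mention, so the comment should also say whether a null array is expected to reach this point. The argv and envp loops differ only in the array they walk, so a small static helper could probably replace both, provided the macro can be used outside the interceptor body. PosixSpawnImpl begins above this hunk and continues below it.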