review.tizen.org Git - platform/upstream/llvm.git/commit

[hwasan] Don't report short-granule shadow as overwritten.

The shadow for a short granule is stored in the last byte of the
granule. Currently, if there's a tail-overwrite report (a
buffer-overflow-write in uninstrumented code), we report the shadow byte
as a mismatch against the magic.

Fix this bug by slapping the shadow into the expected value. This also
makes sure that if the uninstrumented WRITE does clobber the shadow
byte, it reports the shadow was actually clobbered as well.

Reviewed By: eugenis, fmayer

Differential Revision: https://reviews.llvm.org/D107938

author	Mitch Phillips <31459023+hctim@users.noreply.github.com>
	Wed, 18 Aug 2021 16:36:48 +0000 (09:36 -0700)
committer	Mitch Phillips <31459023+hctim@users.noreply.github.com>
	Wed, 18 Aug 2021 18:25:57 +0000 (11:25 -0700)
commit	fd51ab634143e0c1be49a62e16616ba5ab89273e
tree	20e6fdecc93541c38eb59bcba128cf55bd6b0338	tree \| snapshot
parent	3dd8c9176be9515dc722b43d9ffb048b32ff5015	commit \| diff

compiler-rt/lib/hwasan/hwasan_allocator.cpp		diff \| blob \| history
compiler-rt/lib/hwasan/hwasan_report.cpp		diff \| blob \| history
compiler-rt/test/hwasan/TestCases/tail-magic.c		diff \| blob \| history