projects / platform / upstream / llvm.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 1807072)
[hwasan] Improve report for addresses within regions.
authorFlorian Mayer <fmayer@google.com>
Wed, 16 Jun 2021 18:38:37 +0000 (19:38 +0100)
committerFlorian Mayer <fmayer@google.com>
Thu, 17 Jun 2021 11:01:30 +0000 (12:01 +0100)
Before: ADDR is located -320 bytes to the right of 1072-byte region
After: ADDR is located 752 bytes inside 1072-byte region

Reviewed By: eugenis, walli99

Differential Revision: https://reviews.llvm.org/D104412

compiler-rt/lib/hwasan/hwasan_report.cpp patch | blob | history
compiler-rt/test/hwasan/TestCases/heap-buffer-overflow-into.c [new file with mode: 0644] patch | blob

diff --git a/compiler-rt/lib/hwasan/hwasan_report.cpp b/compiler-rt/lib/hwasan/hwasan_report.cpp
index b90a92a..7b2a85b 100644 (file)
--- a/compiler-rt/lib/hwasan/hwasan_report.cpp
+++ b/compiler-rt/lib/hwasan/hwasan_report.cpp
@@ -341,13 +341,22 @@ void PrintAddressDescription(
     uptr mem = ShadowToMem(reinterpret_cast<uptr>(candidate));
     HwasanChunkView chunk = FindHeapChunkByAddress(mem);
     if (chunk.IsAllocated()) {
+      uptr offset;
+      const char *whence;
+      if (untagged_addr < chunk.End() && untagged_addr >= chunk.Beg()) {
+        offset = untagged_addr - chunk.Beg();
+        whence = "inside";
+      } else if (candidate == left) {
+        offset = untagged_addr - chunk.End();
+        whence = "to the right of";
+      } else {
+        offset = chunk.Beg() - untagged_addr;
+        whence = "to the left of";
+      }
       Printf("%s", d.Location());
-      Printf("%p is located %zd bytes to the %s of %zd-byte region [%p,%p)\n",
-             untagged_addr,
-             candidate == left ? untagged_addr - chunk.End()
-                               : chunk.Beg() - untagged_addr,
-             candidate == left ? "right" : "left", chunk.UsedSize(),
-             chunk.Beg(), chunk.End());
+      Printf("%p is located %zd bytes %s %zd-byte region [%p,%p)\n",
+             untagged_addr, offset, whence, chunk.UsedSize(), chunk.Beg(),
+             chunk.End());
       Printf("%s", d.Allocation());
       Printf("allocated here:\n");
       Printf("%s", d.Default());
diff --git a/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow-into.c b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow-into.c
new file mode 100644 (file)
index 0000000..af4256b
--- /dev/null
+++ b/compiler-rt/test/hwasan/TestCases/heap-buffer-overflow-into.c
@@ -0,0 +1,17 @@
+// RUN: %clang_hwasan  %s -o %t
+// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK
+
+// REQUIRES: stable-runtime
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdio.h>
+#include <stdlib.h>
+#include <string.h>
+
+int main(int argc, char **argv) {
+  __hwasan_enable_allocator_tagging();
+  char *volatile x = (char *)malloc(10);
+  memset(x + 5, 0, 26);
+  // CHECK: is located 5 bytes inside 10-byte region
+  free(x);
+}
Domain: System / Toolchain;