From 3c2d2ca79e6295b54803ff2a5a34afc153e841e8 Mon Sep 17 00:00:00 2001
From: Andrey Drobyshev <a.drobyshev@samsung.com>
Date: Tue, 18 Dec 2018 15:44:59 +0300
Subject: [PATCH] libsanitizer: fix SVACE warnings.

  * lsan_thread.cc: return value of a function '__lsan::CurrentThreadContext'
    is dereferenced without checking.
  * sanitizer_libc.cc: casting a signed value which has type 'char' to a
    bigger unsigned integer type 'unsigned int' while initializing a
    variable.
  * sanitizer_libignore.cc: constructor may not initialize class members of
    '__sanitizer::LibIgnore'.
  * sanitizer_printf.cc: 'minimal_num_length' with type 'u8', is promoted to
    type 'int' 32b in 'minimal_num_length - pos', then sign-extended to type
    'unsigned long' 64b.
  * sanitizer_symbolizer_posix_libcdep.cc: after having been compared to NULL
    value, pointer (...)->path is passed as 1st parameter in call to function
    '__sanitizer::LLVMSymbolizer::LLVMSymbolizer', where it is dereferenced.

Change-Id: I9ebcd68362d68be8d738f4b9d5eaad3fae796f6a
Signed-off-by: Andrey Drobyshev <a.drobyshev@samsung.com>
---
 libsanitizer/lsan/lsan_thread.cc                   |  6 ++--
 libsanitizer/sanitizer_common/sanitizer_libc.cc    |  8 ++---
 .../sanitizer_common/sanitizer_libignore.cc        |  5 ++-
 libsanitizer/sanitizer_common/sanitizer_printf.cc  |  3 +-
 .../sanitizer_symbolizer_posix_libcdep.cc          | 41 ++++++++++++----------
 5 files changed, 36 insertions(+), 27 deletions(-)

diff --git a/libsanitizer/lsan/lsan_thread.cc b/libsanitizer/lsan/lsan_thread.cc
index af5ad47..2805327 100644
--- a/libsanitizer/lsan/lsan_thread.cc
+++ b/libsanitizer/lsan/lsan_thread.cc
@@ -128,8 +128,10 @@ void ThreadJoin(u32 tid) {
 }
 
 void EnsureMainThreadIDIsCorrect() {
-  if (GetCurrentThread() == 0)
-    CurrentThreadContext()->os_id = GetTid();
+  if (GetCurrentThread() == 0) {
+    ThreadContext *tc = CurrentThreadContext();
+    if (tc) tc->os_id = GetTid();
+  }
 }
 
 ///// Interface to the common LSan module. /////
diff --git a/libsanitizer/sanitizer_common/sanitizer_libc.cc b/libsanitizer/sanitizer_common/sanitizer_libc.cc
index 0b20d75..4f60bb6 100644
--- a/libsanitizer/sanitizer_common/sanitizer_libc.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_libc.cc
@@ -120,8 +120,8 @@ char* internal_strndup(const char *s, uptr n) {
 
 int internal_strcmp(const char *s1, const char *s2) {
   while (true) {
-    unsigned c1 = *s1;
-    unsigned c2 = *s2;
+    char c1 = *s1;
+    char c2 = *s2;
     if (c1 != c2) return (c1 < c2) ? -1 : 1;
     if (c1 == 0) break;
     s1++;
@@ -132,8 +132,8 @@ int internal_strcmp(const char *s1, const char *s2) {
 
 int internal_strncmp(const char *s1, const char *s2, uptr n) {
   for (uptr i = 0; i < n; i++) {
-    unsigned c1 = *s1;
-    unsigned c2 = *s2;
+    char c1 = *s1;
+    char c2 = *s2;
     if (c1 != c2) return (c1 < c2) ? -1 : 1;
     if (c1 == 0) break;
     s1++;
diff --git a/libsanitizer/sanitizer_common/sanitizer_libignore.cc b/libsanitizer/sanitizer_common/sanitizer_libignore.cc
index 4b8cbed..2163551 100644
--- a/libsanitizer/sanitizer_common/sanitizer_libignore.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_libignore.cc
@@ -16,7 +16,10 @@
 
 namespace __sanitizer {
 
-LibIgnore::LibIgnore(LinkerInitialized) {
+LibIgnore::LibIgnore(LinkerInitialized) : mutex_(), count_(0) {
+  atomic_store_relaxed(&loaded_count_, 0);
+  internal_memset(code_ranges_, 0, sizeof(code_ranges_));
+  internal_memset(libs_, 0, sizeof(libs_));
 }
 
 void LibIgnore::AddIgnoredLibrary(const char *name_templ) {
diff --git a/libsanitizer/sanitizer_common/sanitizer_printf.cc b/libsanitizer/sanitizer_common/sanitizer_printf.cc
index b6e6dbf..edeb80f 100644
--- a/libsanitizer/sanitizer_common/sanitizer_printf.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_printf.cc
@@ -62,7 +62,8 @@ static int AppendNumber(char **buff, const char *buff_end, u64 absolute_value,
   if (pos < minimal_num_length) {
     // Make sure compiler doesn't insert call to memset here.
     internal_memset(&num_buffer[pos], 0,
-                    sizeof(num_buffer[0]) * (minimal_num_length - pos));
+                    sizeof(num_buffer[0]) *
+                        ((u64)minimal_num_length - (u64)pos));
     pos = minimal_num_length;
   }
   RAW_CHECK(pos > 0);
diff --git a/libsanitizer/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc b/libsanitizer/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
index 51487b4..419ffd1 100644
--- a/libsanitizer/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
+++ b/libsanitizer/sanitizer_common/sanitizer_symbolizer_posix_libcdep.cc
@@ -410,28 +410,31 @@ void Symbolizer::PlatformPrepareForSandboxing() {}
 static SymbolizerTool *ChooseExternalSymbolizer(LowLevelAllocator *allocator) {
   const char *path = common_flags()->external_symbolizer_path;
   const char *binary_name = path ? StripModuleName(path) : "";
-  if (path && path[0] == '\0') {
-    VReport(2, "External symbolizer is explicitly disabled.\n");
-    return nullptr;
-  } else if (!internal_strcmp(binary_name, "llvm-symbolizer")) {
-    VReport(2, "Using llvm-symbolizer at user-specified path: %s\n", path);
-    return new(*allocator) LLVMSymbolizer(path, allocator);
-  } else if (!internal_strcmp(binary_name, "atos")) {
+
+  if (path) {
+    if (path[0] == '\0') {
+      VReport(2, "External symbolizer is explicitly disabled.\n");
+      return nullptr;
+    } else if (!internal_strcmp(binary_name, "llvm-symbolizer")) {
+      VReport(2, "Using llvm-symbolizer at user-specified path: %s\n", path);
+      return new(*allocator) LLVMSymbolizer(path, allocator);
+    } else if (!internal_strcmp(binary_name, "atos")) {
 #if SANITIZER_MAC
-    VReport(2, "Using atos at user-specified path: %s\n", path);
-    return new(*allocator) AtosSymbolizer(path, allocator);
+      VReport(2, "Using atos at user-specified path: %s\n", path);
+      return new(*allocator) AtosSymbolizer(path, allocator);
 #else  // SANITIZER_MAC
-    Report("ERROR: Using `atos` is only supported on Darwin.\n");
-    Die();
+      Report("ERROR: Using `atos` is only supported on Darwin.\n");
+      Die();
 #endif  // SANITIZER_MAC
-  } else if (!internal_strcmp(binary_name, "addr2line")) {
-    VReport(2, "Using addr2line at user-specified path: %s\n", path);
-    return new(*allocator) Addr2LinePool(path, allocator);
-  } else if (path) {
-    Report("ERROR: External symbolizer path is set to '%s' which isn't "
-           "a known symbolizer. Please set the path to the llvm-symbolizer "
-           "binary or other known tool.\n", path);
-    Die();
+    } else if (!internal_strcmp(binary_name, "addr2line")) {
+      VReport(2, "Using addr2line at user-specified path: %s\n", path);
+      return new(*allocator) Addr2LinePool(path, allocator);
+    } else {
+      Report("ERROR: External symbolizer path is set to '%s' which isn't "
+             "a known symbolizer. Please set the path to the llvm-symbolizer "
+             "binary or other known tool.\n", path);
+      Die();
+    }
   }
 
   // Otherwise symbolizer program is unknown, let's search $PATH
-- 
2.7.4