mirror of
https://github.com/capstone-engine/llvm-capstone.git
synced 2025-01-09 17:43:57 +00:00
4905550268
This revision is a part of a series of patches extending AddressSanitizer C++ container overflow detection capabilities by adding annotations, similar to those existing in std::vector, to std::string and std::deque collections. These changes allow ASan to detect cases when the instrumented program accesses memory which is internally allocated by the collection but is still not in-use (accesses before or after the stored elements for std::deque, or between the size and capacity bounds for std::string). The motivation for the research and those changes was a bug, found by Trail of Bits, in a real code where an out-of-bounds read could happen as two strings were compared via a std::equals function that took iter1_begin, iter1_end, iter2_begin iterators (with a custom comparison function). When object iter1 was longer than iter2, read out-of-bounds on iter2 could happen. Container sanitization would detect it. In revision D132522, support for non-aligned memory buffers (sharing first/last granule with other objects) was added, therefore the check for standard allocator is not necessary anymore. This patch removes the check in std::vector annotation member function (__annotate_contiguous_container) to support different allocators. If you have any questions, please email: - advenam.tacet@trailofbits.com - disconnect3d@trailofbits.com Reviewed By: #libc, #sanitizers, philnik, vitalybuka Spies: EricWF, philnik, #sanitizers, libcxx-commits Differential Revision: https://reviews.llvm.org/D136765 |
||
|---|---|---|
| .. | ||
| benchmarks | ||
| cmake | ||
| docs | ||
| include | ||
| lib | ||
| src | ||
| test | ||
| utils | ||
| .clang-format | ||
| .clang-tidy | ||
| .gitignore | ||
| appveyor-reqs-install.cmd | ||
| appveyor.yml | ||
| CMakeLists.txt | ||
| CREDITS.TXT | ||
| LICENSE.TXT | ||
| TODO.TXT | ||