summaryrefslogtreecommitdiffstats
path: root/clang/test/CodeGen/address-sanitizer-and-array-cookie.cpp
Commit message (Collapse)AuthorAgeFilesLines
* ASan+operator new[]: Add an option for more thorough operator new[] cookie ↵Filipe Cabecinhas2018-02-121-0/+9
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | poisoning Summary: Right now clang is skipping array cookie poisoning for any operator new[] which is not part of the set of replaceable global allocation functions. This commit adds a flag to tell clang to poison all operator new[] cookies. A previous review was poisoning all array cookies unconditionally, but there is an edge case which would stop working under ASan (a custom operator new[] saves whatever pointer it returned, and then accesses it). This newer revision adds a command line argument to toggle this feature. Original revision: https://reviews.llvm.org/D41301 Compiler-rt test revision with an explanation of the edge case: https://reviews.llvm.org/D41664 Reviewers: rjmccall, kcc, rsmith Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D43013 llvm-svn: 324884
* Revert "ASan+operator new[]: Fix operator new[] cookie poisoning"Filipe Cabecinhas2018-01-021-9/+1
| | | | | | | | This reverts r321645. I missed a compiler-rt test that needs updating. llvm-svn: 321647
* ASan+operator new[]: Fix operator new[] cookie poisoningFilipe Cabecinhas2018-01-021-1/+9
| | | | | | | | | | | | | | | | | | Summary: The C++ Itanium ABI says: No cookie is required if the new operator being used is ::operator new[](size_t, void*). We should only avoid poisoning the cookie if we're calling this operator, not others. This is dealt with before the call to InitializeArrayCookie. Reviewers: rjmccall, kcc, rsmith Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D41301 llvm-svn: 321645
* call __asan_load_cxx_array_cookie when loading array cookie in asan mode.Kostya Serebryany2014-08-291-1/+2
| | | | | | | | | | | | | | | | | | Summary: The current implementation of asan cookie is incorrect: we add nosanitize metadata to the cookie load, but the metadata may be lost and we will instrument the load from poisoned memory. This change replaces the load with a call to __asan_load_cxx_array_cookie (r216692) Reviewers: rsmith Reviewed By: rsmith Subscribers: cfe-commits Differential Revision: http://reviews.llvm.org/D5111 llvm-svn: 216702
* [clang/asan] call __asan_poison_cxx_array_cookie after operator new[]Kostya Serebryany2014-08-261-0/+54
Summary: PR19838 When operator new[] is called and an array cookie is created we want asan to detect buffer overflow bugs that touch the cookie. For that we need to a) poison the shadow for the array cookie (call __asan_poison_cxx_array_cookie). b) ignore the legal accesses to the cookie generated by clang (add 'nosanitize' metadata) Reviewers: timurrrr, samsonov, rsmith Reviewed By: rsmith Subscribers: cfe-commits Differential Revision: http://reviews.llvm.org/D4774 llvm-svn: 216434
OpenPOWER on IntegriCloud