| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 1 | // Test haystack overflow in strstr function |
| Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 2 | // RUN: %clang_asan %s -o %t && %env_asan_opts=strict_string_checks=true not %run %t 2>&1 | FileCheck %s |
| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 3 | |
| 4 | // Test intercept_strstr asan option |
| 5 | // Disable other interceptors because strlen may be called inside strstr |
| Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 6 | // RUN: %env_asan_opts=intercept_strstr=false:replace_str=false %run %t 2>&1 |
| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 7 | |
| 8 | #include <assert.h> |
| 9 | #include <string.h> |
| Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 10 | #include <sanitizer/asan_interface.h> |
| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 11 | |
| 12 | int main(int argc, char **argv) { |
| 13 | char *r = 0; |
| 14 | char s2[] = "c"; |
| Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 15 | char s1[4] = "acb"; |
| 16 | __asan_poison_memory_region ((char *)&s1[2], 2); |
| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 17 | r = strstr(s1, s2); |
| Pirama Arumuga Nainar | 799172d | 2016-03-03 15:50:30 -0800 | [diff] [blame^] | 18 | // CHECK:'s1' <== Memory access at offset {{[0-9]+}} partially overflows this variable |
| Pirama Arumuga Nainar | cdce50b | 2015-07-01 12:26:56 -0700 | [diff] [blame] | 19 | assert(r == s1 + 1); |
| 20 | return 0; |
| 21 | } |