// RUN: %clang_scudo %s -o %t
// RUN: not %run %t malloc 2>&1 | FileCheck %s
// RUN: SCUDO_OPTIONS=QuarantineSizeMb=1 not %run %t quarantine 2>&1 | FileCheck %s

// Tests that header corruption of an allocated or quarantined chunk is caught.
// Both runs are expected to exit with a failure status (`not`) and to print the
// error matched by the CHECK line at the end of this file.
6
7#include <assert.h>
8#include <stdlib.h>
9#include <string.h>
10
// Test driver that deliberately damages the bytes stored just in front of a
// heap chunk, so that the allocator under test has a corrupted header to
// detect.
//
// argv[1] selects the scenario:
//   "malloc"     - flip one bit in front of a live 16-byte chunk, then free it.
//   "quarantine" - free a 16-byte chunk, flip one bit in front of it, then
//                  churn the allocator with 0x100 malloc/free pairs of 64 KiB.
//
// Returns 0 only if no corruption was reported. The RUN lines invoke the
// binary through `not`, so a clean exit makes the test fail.
int main(int argc, char **argv)
{
  enum { SMALL_CHUNK = 1U << 4, LARGE_CHUNK = 1U << 16, RECYCLE_ROUNDS = 0x100 };

  // Extra distance, in bytes, between the user pointer and the byte that gets
  // flipped: 8 when pointers are 8 bytes wide, 0 otherwise.
  // NOTE(review): presumably this skips padding between the chunk header and
  // the user pointer on 64-bit targets - confirm against the allocator's
  // header layout.
  // NOTE(review): ssize_t is a POSIX type; none of the headers included above
  // is required by ISO C to declare it, so this relies on the platform headers
  // providing it indirectly.
  ssize_t header_gap = (sizeof(void *) == 8) ? 8 : 0;

  assert(argc == 2);
  const char *scenario = argv[1];

  if (strcmp(scenario, "malloc") == 0) {
    // Single-bit corruption in front of a chunk that is still allocated.
    // The damage is expected to be reported when the chunk is freed.
    void *chunk = malloc(SMALL_CHUNK);
    assert(chunk);
    char *bytes = (char *)chunk;
    bytes[-(header_gap + 1)] ^= 1;
    free(chunk);
  }

  if (strcmp(scenario, "quarantine") == 0) {
    void *chunk = malloc(SMALL_CHUNK);
    assert(chunk);
    free(chunk);
    // Single-bit corruption in front of a chunk that has already been freed
    // (a write through a stale pointer). Note that this case targets the byte
    // one position further from the user pointer than the "malloc" case does.
    ((char *)chunk)[-(header_gap + 2)] ^= 1;
    // Force the quarantine to recycle its contents: 0x100 frees of 64 KiB add
    // up to 16 MiB, against the QuarantineSizeMb=1 set in the RUN line.
    int rounds_left = RECYCLE_ROUNDS;
    while (rounds_left-- > 0) {
      void *filler = malloc(LARGE_CHUNK);
      free(filler);
    }
  }

  return 0;
}
38
// CHECK: ERROR: corrupted chunk header at address