File: strstr_strict.c

package info (click to toggle)
llvm-toolchain-19 1%3A19.1.7-3
  • links: PTS, VCS
  • area: main
  • in suites: trixie
  • size: 1,998,520 kB
  • sloc: cpp: 6,951,680; ansic: 1,486,157; asm: 913,598; python: 232,024; f90: 80,126; objc: 75,281; lisp: 37,276; pascal: 16,990; sh: 10,009; ml: 5,058; perl: 4,724; awk: 3,523; makefile: 3,167; javascript: 2,504; xml: 892; fortran: 664; cs: 573
file content (31 lines) | stat: -rw-r--r-- 963 bytes parent folder | download | duplicates (26) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
 
// Test strict_string_checks option in strstr function
// RUN: %clang_asan %s -o %t && %run %t 2>&1

// Newer versions of Android's strstr() uses memchr() internally, which actually
// does trigger a heap-buffer-overflow (as it tries to find the
// null-terminator). The same applies to FreeBSD.
// UNSUPPORTED: android, target={{.*freebsd.*}}
// RUN: %env_asan_opts=strict_string_checks=false %run %t 2>&1

// RUN: %env_asan_opts=strict_string_checks=true not %run %t 2>&1 | FileCheck %s

#include <assert.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char **argv) {
  size_t size = 100;
  char fill = 'o';
  char *s1 = (char*)malloc(size);
  char *s2 = (char*)malloc(size);
  memset(s1, fill, size);
  memset(s2, fill, size);
  s2[size - 1]='\0';
  char* r = strstr(s1, s2);
  // CHECK: {{.*ERROR: AddressSanitizer: heap-buffer-overflow on address}}
  // CHECK: READ of size {{101|100}}
  assert(r == s1);
  free(s1);
  free(s2);
  return 0;
}