File: heap-buffer-overflow-into.c

package info (click to toggle)
swiftlang 6.0.3-2
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 2,519,992 kB
  • sloc: cpp: 9,107,863; ansic: 2,040,022; asm: 1,135,751; python: 296,500; objc: 82,456; f90: 60,502; lisp: 34,951; pascal: 19,946; sh: 18,133; perl: 7,482; ml: 4,937; javascript: 4,117; makefile: 3,840; awk: 3,535; xml: 914; fortran: 619; cs: 573; ruby: 573
file content (32 lines) | stat: -rw-r--r-- 1,150 bytes parent folder | download | duplicates (4) 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
 
// RUN: %clang_hwasan  %s -o %t
// RUN: not %run %t 5 10 2>&1 | FileCheck %s --check-prefix=CHECK5
// RUN: not %run %t 7 10 2>&1 | FileCheck %s --check-prefix=CHECK7
// RUN: not %run %t 8 20 2>&1 | FileCheck %s --check-prefix=CHECK8
// RUN: not %run %t 32 20 2>&1 | FileCheck %s --check-prefix=CHECK32

// REQUIRES: stable-runtime

#include <sanitizer/hwasan_interface.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

int main(int argc, char **argv) {
  __hwasan_enable_allocator_tagging();
  if (argc < 2) {
    fprintf(stderr, "Invalid number of arguments.");
    abort();
  }
  int read_offset = argc < 2 ? 5 : atoi(argv[1]);
  int size = argc < 3 ? 10 : atoi(argv[2]);
  char *volatile x = (char *)malloc(size);
  memset(x + read_offset, 0, 26);
  // CHECK5: Invalid access starting at offset 5
  // CHECK5: is located 5 bytes inside a 10-byte region
  // CHECK7: Invalid access starting at offset 3
  // CHECK7: is located 7 bytes inside a 10-byte region
  // CHECK8: Invalid access starting at offset 12
  // CHECK8: is located 8 bytes inside a 20-byte region
  // CHECK32: is located 12 bytes after a 20-byte region
  free(x);
}