Hi,
to reproduce:
asan_shm_info.cpp:
    #include <sys/shm.h>

    int main()
    {
      struct shm_info shmInfo;
      char dummy[10];
      int ret = shmctl(0, SHM_INFO, (struct shmid_ds *) &shmInfo);
      return ret;
    }

    clang++ -fsanitize=address -o asan_shm_info asan_shm_info.cpp
    ./asan_shm_info

    ==20192==ERROR: AddressSanitizer: stack-buffer-overflow on address 0x7fff85fa2c00 at pc 0x4551d0 bp 0x7fff85fa2b30 sp 0x7fff85fa2b08
    WRITE of size 112 at 0x7fff85fa2c00 thread T0
        #0 0x4551cf in __interceptor_shmctl /local/mar_/llvmtrunk/projects/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc:2700
        #1 0x48d362 in main (/local/build/git/sys/src/asan_shm_info+0x48d362)
        #2 0x2ae23c04ebc5 in __libc_start_main (/lib64/libc.so.6+0x1ebc5)
        #3 0x48d14c in _start (/local/build/git/sys/src/asan_shm_info2+0x48d14c)
    Address 0x7fff85fa2c00 is located in stack of thread T0 at offset 96 in frame
        #0 0x48d21f in main (/local/build/git/sys/src/asan_shm_info+0x48d21f)
      This frame has 4 object(s):
        [32, 36) 'retval'
        [48, 96) 'shmInfo'
        [128, 138) 'dummy' <== Memory access at offset 96 partially underflows this variable
        [160, 164) 'ret' <== Memory access at offset 96 partially underflows this variable

clang trunk, SuSE Linux Enterprise 11 SP1
The problem is in projects/compiler-rt/lib/sanitizer_common/sanitizer_platform_limits_posix.cc:196:
int shmctl_shm_info = (int)SHM_INFO;
- int shmctl_shm_stat = (int)SHM_INFO;
+ int shmctl_shm_stat = (int)SHM_STAT;
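Review bot: the corrected `shmctl_shm_stat` line arrives without a regression test. The reproducer from this report (`shmctl(0, SHM_INFO, ...)` into a `struct shm_info`) would fit as a test case, ideally paired with an `SHM_STAT` call into a `struct shmid_ds`, so that a future copy-paste slip between these two adjacent constants is caught.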
With this fix the program does not throw an error.
Best regards,
Martin
Original issue reported on code.google.com by mric...@googlemail.com on 30 Jan 2014 at 2:13
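The effect of the one-line fix, as an added example (not compiler-rt code and not part of the original report): a simplified model of picking the expected write size from the command constants. `CmdTable`, `assumed_write_size` and `overruns` are hypothetical names, and testing the stat command before the info command is an assumption consistent with the 112-byte write in the report.

```cpp
#include <sys/shm.h>
#include <cstddef>
#include <cstdio>

// Hypothetical model of the two command constants touched by the patch.
struct CmdTable {
  int shm_info;
  int shm_stat;
};

// Before the fix: both entries hold SHM_INFO (the copy-paste slip).
static const CmdTable kBuggy = {SHM_INFO, SHM_INFO};
// After the fix: each entry holds its own command.
static const CmdTable kFixed = {SHM_INFO, SHM_STAT};

// Number of bytes the checker assumes shmctl() writes into the buffer.
// Assumption: the stat comparison is tried before the info comparison.
std::size_t assumed_write_size(const CmdTable &t, int cmd) {
  if (cmd == IPC_STAT || cmd == t.shm_stat) return sizeof(struct shmid_ds);
  if (cmd == t.shm_info) return sizeof(struct shm_info);
  return 0;  // other commands are not modelled here
}

// True when the assumed write is larger than the caller's buffer.
bool overruns(const CmdTable &t, int cmd, std::size_t buf_size) {
  return assumed_write_size(t, cmd) > buf_size;
}

int main() {
  // The reproducer passes a struct shm_info with cmd == SHM_INFO.
  const std::size_t buf = sizeof(struct shm_info);
  std::printf("buffer: %zu bytes\n", buf);
  std::printf("buggy table, SHM_INFO: assumes %zu bytes, overrun=%d\n",
              assumed_write_size(kBuggy, SHM_INFO),
              overruns(kBuggy, SHM_INFO, buf));
  std::printf("fixed table, SHM_INFO: assumes %zu bytes, overrun=%d\n",
              assumed_write_size(kFixed, SHM_INFO),
              overruns(kFixed, SHM_INFO, buf));
  // Second effect of the slip in this model: a real SHM_STAT call matches
  // neither entry, so its write into the buffer is not annotated at all.
  std::printf("buggy table, SHM_STAT: assumes %zu bytes\n",
              assumed_write_size(kBuggy, SHM_STAT));
  return 0;
}
```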