diff options
author | Alex Shlyapnikov <alekseys@google.com> | 2017-11-06 17:43:28 +0000 |
---|---|---|
committer | Alex Shlyapnikov <alekseys@google.com> | 2017-11-06 17:43:28 +0000 |
commit | 46ec7772ac5eaf1bda65cc3cca4f49d95e559a47 (patch) | |
tree | 2c180db38302a962e334270c1cd3a10b68f931f9 | |
parent | 5df11b04709468c4b4ce5c7ed0308eb127023a52 (diff) | |
download | compiler-rt-46ec7772ac5eaf1bda65cc3cca4f49d95e559a47.tar.gz |
[Sanitizers] Check pthread_setcancel{state|type} interceptor arguments for != nullptr.
Summary:
According to man, pthread_setcancelstate's oldstate and
pthread_setcanceltype's oldtype parameters can be nullptr.
Check these parameters for != nullptr before attempting to
access their shadow memory.
Reviewers: dvyukov
Subscribers: kubamracek, llvm-commits
Differential Revision: https://reviews.llvm.org/D39626
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@317494 91177308-0d34-0410-b5e6-96231b3b80d8
-rw-r--r-- | lib/sanitizer_common/sanitizer_common_interceptors.inc | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/lib/sanitizer_common/sanitizer_common_interceptors.inc b/lib/sanitizer_common/sanitizer_common_interceptors.inc index 321126c10..16cc07020 100644 --- a/lib/sanitizer_common/sanitizer_common_interceptors.inc +++ b/lib/sanitizer_common/sanitizer_common_interceptors.inc @@ -5835,7 +5835,7 @@ INTERCEPTOR(int, pthread_setcancelstate, int state, int *oldstate) { void *ctx; COMMON_INTERCEPTOR_ENTER(ctx, pthread_setcancelstate, state, oldstate); int res = REAL(pthread_setcancelstate)(state, oldstate); - if (res == 0) + if (res == 0 && oldstate != nullptr) COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldstate, sizeof(*oldstate)); return res; } @@ -5844,7 +5844,7 @@ INTERCEPTOR(int, pthread_setcanceltype, int type, int *oldtype) { void *ctx; COMMON_INTERCEPTOR_ENTER(ctx, pthread_setcanceltype, type, oldtype); int res = REAL(pthread_setcanceltype)(type, oldtype); - if (res == 0) + if (res == 0 && oldtype != nullptr) COMMON_INTERCEPTOR_WRITE_RANGE(ctx, oldtype, sizeof(*oldtype)); return res; } |