https://gcc.gnu.org/bugzilla/show_bug.cgi?id=62089

            Bug ID: 62089
           Summary: Sanitizer may fail to instrument struct accesses
           Product: gcc
           Version: 4.10.0
            Status: UNCONFIRMED
          Severity: normal
          Priority: P3
         Component: sanitizer
          Assignee: unassigned at gcc dot gnu.org
          Reporter: y.gribov at samsung dot com
                CC: dodji at gcc dot gnu.org, dvyukov at gcc dot gnu.org,
                    jakub at gcc dot gnu.org, kcc at gcc dot gnu.org

ASan does not emit memory checks in the copy_fs_struct function and thus fails to
detect the invalid access (the code is based on fs_struct.c from the Linux kernel):

#include <sanitizer/asan_interface.h>

/* Empty stand-in for the kernel type; only pointers to it are used here.
   An empty struct is a GNU C extension (size zero), not ISO C.  */
struct vfsmount {};
/* Empty stand-in for the kernel type; only pointers to it are used here.  */
struct dentry {};

/* Mirror of the kernel's struct path: two pointer members, so the object is
   pointer-aligned.  This is the aggregate that copy_fs_struct assigns.  */
struct path {
  struct vfsmount *mnt;
  struct dentry *dentry;
};

/* Reduced mirror of the kernel's struct fs_struct: the lock and seqcount
   members are flattened to plain ints.  NOTE(review): the five leading ints
   presumably only serve to place `root` at a realistic, non-zero offset within
   the object; `root` is the region main() poisons.  */
struct fs_struct {
  int users;
  int lock;
  int seq;
  int umask;
  int in_exec;
  struct path root, pwd;
};

/* Copy only the `root` path from *b into *a using a plain struct assignment.
   Kept out of line (noinline, noclone) so the aggregate copy is emitted in its
   own function rather than being folded into main().  Per the report above,
   ASan emits no memory check for this assignment, so the write into a poisoned
   a->root goes unreported.  NOTE(review): do not "simplify" this into a
   memcpy() call -- that would most likely change what is being tested, since a
   library copy call is checked through a different path than an inline
   aggregate move.  */
void __attribute__((noinline, noclone))
copy_fs_struct(struct fs_struct *a, struct fs_struct *b) {
  a->root = b->root;
}

/* Destination (a) and source (b) objects for the copy.  Both are file-scope
   definitions without an initializer, i.e. zero-initialized.  */
struct fs_struct a;
struct fs_struct b;

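/*
 * Reproducer driver: poison a.root, then perform the struct copy through the
 * out-of-line helper.  If ASan instruments the aggregate move it reports the
 * write into the poisoned region and aborts; if it does not, the program exits
 * normally with status 0.
 *
 * Exit status 2 means the poisoning itself did not take effect, so a clean exit
 * cannot be taken as evidence of missing instrumentation.
 */
int
main (void) {
  __asan_poison_memory_region (&a.root, sizeof (a.root));
  /* Sanity-check that the region really is poisoned before exercising the
     copy, so a silent exit is attributable to the uninstrumented assignment
     rather than to a poison request that had no effect.  */
  if (!__asan_address_is_poisoned (&a.root))
    return 2;
  copy_fs_struct (&a, &b);
  /* Reached only when the write into the poisoned region went undetected.  */
  return 0;
}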
