author | Kostya Serebryany <kcc@google.com> | 2014-10-16 20:54:52 +0000 |
---|---|---|
committer | Kostya Serebryany <kcc@google.com> | 2014-10-16 20:54:52 +0000 |
commit | 52c4fcf58da932fec911f275c1d4591dca2f69fc (patch) | |
tree | 98c3275d5be3a819fb6b63bec64ea8b2cd13a0b4 /lib/Basic | |
parent | 1bd711969ce910a6e63f24f617ce87b02afd448a (diff) |
Insert poisoned paddings between fields in C++ classes so that AddressSanitizer can find intra-object-overflow bugs
Summary:
The general approach is to add extra paddings after every field
in AST/RecordLayoutBuilder.cpp, then add code to CTORs/DTORs that poisons the paddings
(CodeGen/CGClass.cpp).
Everything is done under the flag -fsanitize-address-field-padding.
The blacklist file (-fsanitize-blacklist) allows to avoid the transformation
for given classes or source files.
See also https://code.google.com/p/address-sanitizer/wiki/IntraObjectOverflow
Test Plan: run SPEC2006 and some of the Chromium tests with -fsanitize-address-field-padding
Reviewers: samsonov, rnk, rsmith
Reviewed By: rsmith
Subscribers: majnemer, cfe-commits
Differential Revision: http://reviews.llvm.org/D5687
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@219961 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/Basic')
-rw-r--r-- | lib/Basic/SanitizerBlacklist.cpp | 5 |
1 files changed, 3 insertions, 2 deletions
diff --git a/lib/Basic/SanitizerBlacklist.cpp b/lib/Basic/SanitizerBlacklist.cpp index 7627bd0299..84ec2100b6 100644 --- a/lib/Basic/SanitizerBlacklist.cpp +++ b/lib/Basic/SanitizerBlacklist.cpp @@ -44,8 +44,9 @@ bool SanitizerBlacklist::isIn(const llvm::GlobalVariable &G, SCL->inSection("type", GetGlobalTypeString(G), Category); } -bool SanitizerBlacklist::isBlacklistedType(StringRef MangledTypeName) const { - return SCL->inSection("type", MangledTypeName); +bool SanitizerBlacklist::isBlacklistedType(StringRef MangledTypeName, + StringRef Category) const { + return SCL->inSection("type", MangledTypeName, Category); } bool SanitizerBlacklist::isBlacklistedFunction(StringRef FunctionName) const { |
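Review bot: In the new definition of isBlacklistedType, the added Category parameter is undocumented, and nothing in this file says what an empty category matches. The declaration is outside this lib/Basic view, so it is not visible here whether it has a default argument that keeps existing one-argument callers matching the same "type" entries as before; please confirm that, and document beside the declaration which category string the field-padding check passes. Also, isBlacklistedFunction directly below still takes no Category, while isIn and isBlacklistedType both forward one to inSection. If that asymmetry is intended, a one-line comment would help, because a blacklist entry written with the wrong category will silently fail to match and the type the user meant to exclude gets transformed anyway.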