On 11/19/20 12:28 PM, Slava Barinov via Gcc-patches wrote:
Null pointer in path argument leads to SIGSEGV in interceptor.

Hello.

I can't see we ever had the null check in master. I don't think it was lost
during a merge from master.

Why do we need the hunk?
Thanks,
Martin


libsanitizer/ChangeLog:
         * sanitizer_common/sanitizer_common_interceptors.inc: Check
        path for null before dereference in fopen64 interceptor.
---

Notes:
     Apparently the check has been lost during merge from upstream

  libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc | 2 +-
  1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc 
b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
index 729eead43c0..2ef23d9a50b 100644
--- a/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/libsanitizer/sanitizer_common/sanitizer_common_interceptors.inc
@@ -6081,7 +6081,7 @@ INTERCEPTOR(__sanitizer_FILE *, freopen, const char 
*path, const char *mode,
  INTERCEPTOR(__sanitizer_FILE *, fopen64, const char *path, const char *mode) {
    void *ctx;
    COMMON_INTERCEPTOR_ENTER(ctx, fopen64, path, mode);
-  COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
+  if (path) COMMON_INTERCEPTOR_READ_RANGE(ctx, path, REAL(strlen)(path) + 1);
    COMMON_INTERCEPTOR_READ_RANGE(ctx, mode, REAL(strlen)(mode) + 1);
    __sanitizer_FILE *res = REAL(fopen64)(path, mode);
    COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path);
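Review bot: the guard covers only the `COMMON_INTERCEPTOR_READ_RANGE` call, while `REAL(fopen64)(path, mode)` and `COMMON_INTERCEPTOR_FILE_OPEN(ctx, res, path)` in the unchanged context still receive the null `path`; please confirm both tolerate a null pointer, otherwise the interceptor merely moves the crash a few lines down. The hunk also touches only the `fopen64` interceptor, so the plain `fopen` interceptor (not in this hunk) would keep the unguarded `REAL(strlen)(path)` and the two would diverge for the same input; if the fix is wanted it should apply to both, and the commit message should state where upstream has the corresponding check, since the "lost during merge" note in the description is disputed in the reply above. Note that unlike `freopen` (whose prototype appears in the `@@` context), a null `path` to `fopen64` is not a valid call, so silently skipping the read check hides an application bug that the sanitizer would otherwise report.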

