compiler-rt/test/scudo/overflow.c

   1 // RUN: %clang_scudo %s -o %t
   2 // RUN:                                     not %run %t malloc     2>&1 | FileCheck %s
   3 // RUN: %env_scudo_opts=QuarantineSizeKb=64 not %run %t quarantine 2>&1 | FileCheck %s
   4
   5 // Tests that header corruption of an allocated or quarantined chunk is caught.
   6
   7 #include <assert.h>
   8 #include <stdlib.h>
   9 #include <string.h>
  10
  11 int main(int argc, char **argv) {
  12   ssize_t offset = sizeof(void *) == 8 ? 8 : 0;
  13
  14   assert(argc == 2);
  15
  16   if (!strcmp(argv[1], "malloc")) {
  17     // Simulate a header corruption of an allocated chunk (1-bit)
  18     void *p = malloc(1U << 4);
  19     assert(p);
  20     ((char *)p)[-(offset + 1)] ^= 1;
  21     free(p);
  22   }
  23   if (!strcmp(argv[1], "quarantine")) {
  24     void *p = malloc(1U << 4);
  25     assert(p);
  26     free(p);
  27     // Simulate a header corruption of a quarantined chunk
  28     ((char *)p)[-(offset + 2)] ^= 1;
  29     // Trigger the quarantine recycle
  30     for (int i = 0; i < 0x100; i++) {
  31       p = malloc(1U << 8);
  32       free(p);
  33     }
  34   }
  35   return 0;
  36 }
  37
  38 // CHECK: ERROR: corrupted chunk header at address