[asan] Don't raise false alarm to recv/recvfrom when MSG_TRUNC is present.
Fix https://llvm.org/bugs/show_bug.cgi?id=27673. Currenty ASan checks the return value of real recv/recvfrom to see if the written bytes fit in the buffer. That works fine most of time. However, there is an exception: (from the RECV(2) man page) MSG_TRUNC (since Linux 2.2) ... return the real length of the packet or datagram, even when it was longer than the passed buffer. ... Some programs combine MSG_TRUNC, MSG_PEEK and a single-byte buffer to peek the incoming data size without reading (much of) them. In this case, the return value is usually longer than what's been written and ASan raises a false alarm here. To avoid such false positive reports, we can use min(res, len) in COMMON_INTERCEPTOR_WRITE_RANGE checks. Differential Revision: http://reviews.llvm.org/D20280 llvm-svn: 269749
Loading
Please sign in to comment