Movatterモバイル変換


[0]ホーム

URL:


Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

Sign up
Appearance settings

AddressSanitizerExampleUseAfterFree

Alexander Potapenko edited this pageAug 31, 2015 ·2 revisions
// RUN: clang -O -g -fsanitize=address %t && ./a.outint main(int argc, char **argv) {  int *array = new int[100];  delete [] array;  return array[argc];  // BOOM}
===================================================================6254== ERROR: AddressSanitizer: heap-use-after-free on address 0x603e0001fc64 at pc 0x417f6a bp 0x7fff626b3250 sp 0x7fff626b3248READ of size 4 at 0x603e0001fc64 thread T0    #0 0x417f69 in main example_UseAfterFree.cc:5    #1 0x7fae62b5076c (/lib/x86_64-linux-gnu/libc.so.6+0x2176c)    #2 0x417e54 (a.out+0x417e54)0x603e0001fc64 is located 4 bytes inside of 400-byte region [0x603e0001fc60,0x603e0001fdf0)freed by thread T0 here:    #0 0x40d4d2 in operator delete[](void*) /home/kcc/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:61    #1 0x417f2e in main example_UseAfterFree.cc:4previously allocated by thread T0 here:    #0 0x40d312 in operator new[](unsigned long) /home/kcc/llvm/projects/compiler-rt/lib/asan/asan_new_delete.cc:46    #1 0x417f1e in main example_UseAfterFree.cc:3Shadow bytes around the buggy address:  0x1c07c0003f30: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  0x1c07c0003f40: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  0x1c07c0003f50: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  0x1c07c0003f60: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  0x1c07c0003f70: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa=>0x1c07c0003f80: fa fa fa fa fa fa fa fa fa fa fa fa[fd]fd fd fd  0x1c07c0003f90: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd  0x1c07c0003fa0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd fd  0x1c07c0003fb0: fd fd fd fd fd fd fd fd fd fd fd fd fd fd fa fa  0x1c07c0003fc0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa  0x1c07c0003fd0: fa fa fa fa fa fa fa fa fa fa fa fa fa fa fa faShadow byte legend (one shadow byte represents 8 application bytes):  Addressable:           00  Partially addressable: 01 02 03 04 05 06 07   Heap left redzone:     fa  Heap righ redzone:     fb  Freed Heap region:     fd  Stack left redzone:    f1  Stack mid redzone:     f2  Stack right redzone:   f3  Stack partial redzone: f4  Stack after return:    f5  Stack use after scope: f8  Global redzone:        f9  Global init order:     f6  Poisoned by user:      f7  ASan internal:         fe==6254== ABORTING

ReadAddressSanitizerCallStack about symbolizing callstack

Clone this wiki locally


[8]ページ先頭

©2009-2026 Movatter.jp