xref: /llvm-project/compiler-rt/test/asan/TestCases/Windows/rtlallocateheap_zero.cpp (revision 51015af773775160c22df9a8252d34270f2698a2) 
1 // RUN: %clang_cl_asan %Od %s %Fe%t %MD
2 // RUN: %env_asan_opts=windows_hook_rtl_allocators=true not %run %t 2>&1 | FileCheck %s
3 // UNSUPPORTED: asan-64-bits
4 
5 #include <assert.h>
6 #include <stdio.h>
7 #include <windows.h>
8 
9 using AllocateFunctionPtr = PVOID(__stdcall *)(PVOID, ULONG, SIZE_T);
10 using ReAllocateFunctionPtr = PVOID(__stdcall *)(PVOID, ULONG, PVOID, SIZE_T);
11 using FreeFunctionPtr = PVOID(__stdcall *)(PVOID, ULONG, PVOID);
12 
main()13 int main() {
14   HMODULE NtDllHandle = GetModuleHandle("ntdll.dll");
15   if (!NtDllHandle) {
16     puts("Couldn't load ntdll??");
17     return -1;
18   }
19 
20   auto RtlAllocateHeap_ptr = (AllocateFunctionPtr)GetProcAddress(NtDllHandle, "RtlAllocateHeap");
21   if (RtlAllocateHeap_ptr == 0) {
22     puts("Couldn't find RtlAllocateHeap");
23     return -1;
24   }
25 
26   auto RtlReAllocateHeap_ptr = (ReAllocateFunctionPtr)GetProcAddress(NtDllHandle, "RtlReAllocateHeap");
27   if (RtlReAllocateHeap_ptr == 0) {
28     puts("Couldn't find RtlReAllocateHeap");
29     return -1;
30   }
31 
32   char *buffer;
33   SIZE_T buffer_size = 32;
34   SIZE_T new_buffer_size = buffer_size * 2;
35 
36   buffer = (char *)RtlAllocateHeap_ptr(GetProcessHeap(), HEAP_ZERO_MEMORY, buffer_size);
37   assert(buffer != nullptr);
38   // Check that the buffer is zeroed.
39   for (SIZE_T i = 0; i < buffer_size; ++i) {
40     assert(buffer[i] == 0);
41   }
42   memset(buffer, 0xcc, buffer_size);
43 
44   // Zero the newly allocated memory.
45   buffer = (char *)RtlReAllocateHeap_ptr(GetProcessHeap(), HEAP_ZERO_MEMORY, buffer, new_buffer_size);
46   assert(buffer != nullptr);
47   // Check that the first part of the buffer still has the old contents.
48   for (SIZE_T i = 0; i < buffer_size; ++i) {
49     assert(buffer[i] == (char)0xcc);
50   }
51   // Check that the new part of the buffer is zeroed.
52   for (SIZE_T i = buffer_size; i < new_buffer_size; ++i) {
53     assert(buffer[i] == 0x0);
54   }
55 
56   // Shrink the buffer back down.
57   buffer = (char *)RtlReAllocateHeap_ptr(GetProcessHeap(), HEAP_ZERO_MEMORY, buffer, buffer_size);
58   assert(buffer != nullptr);
59   // Check that the first part of the buffer still has the old contents.
60   for (SIZE_T i = 0; i < buffer_size; ++i) {
61     assert(buffer[i] == (char)0xcc);
62   }
63 
64   buffer[buffer_size + 1] = 'a';
65   // CHECK: AddressSanitizer: heap-buffer-overflow on address [[ADDR:0x[0-9a-f]+]]
66   // CHECK: WRITE of size 1 at [[ADDR]] thread T0
67 }
68