Using AddressSanitizer in VS2019 to Detect Memory Problems
2021-04-20
龙翱天际
VS2019 configuration
PS: In my own testing, only Release | x64 works. Officially x86 is said to be supported, but when I tried it I got the following error:
==11836==Shadow memory range interleaves with an existing memory mapping. ASan cannot proceed correctly. ABORTING.
This can happen for multiple possible reasons:
1. There is a module in the range of the shadow memory
2. Some binaries are compiled with the Static CRT /MT(d) and some are built
with the Dynamic CRT /MD(d)
- this needs to be consistent across all binaries in a process, or ASan may
try to initialize the runtime twice
3. The function stack may be in the range of the shadow memory. This can
sometimes be worked around by restarting the computer and trying again
==11836==ASan shadow was supposed to be located in the [0x2fff0000-0x3fffffff] range.
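Problem code 1: out-of-bounds access
#include <cstdio>   // printf
int x1[100];        // valid indices are 0..99

int main() {
    printf("Hello!\n");
    x1[101] = 5; // Boom! Writes past the end of the global array
    return 0;
}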
Output 1
=================================================================
==14924==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7ff6163d7a14 at pc 0x7ff6163d10ce bp 0x0065990ff870 sp 0x0065990ff878
WRITE of size 4 at 0x7ff6163d7a14 thread T0
==14924==WARNING: Failed to use and restart external symbolizer!
#0 0x7ff6163d10cd in main C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:6
#1 0x7ff6163d1633 in __scrt_common_main_seh D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#2 0x7ffde2287973 in BaseThreadInitThunk+0x13 (C:\Windows\System32\KERNEL32.DLL+0x180017973)
#3 0x7ffde25ba2f0 in RtlUserThreadStart+0x20 (C:\Windows\SYSTEM32\ntdll.dll+0x18005a2f0)
0x7ff6163d7a14 is located 4 bytes to the right of global variable 'x1' defined in 'ConsoleApplication1.cpp:2:4' (0x7ff6163d7880) of size 400
SUMMARY: AddressSanitizer: global-buffer-overflow C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:6 in main
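Problem code 2: dangling pointer
#include <iostream> // single include kept so line numbers match the report; with this MSVC toolset it also pulls in printf, malloc and free
int main() {
    printf("Hello!\n");
    char* x2 = (char*)malloc(10 * sizeof(char*)); // 80 bytes on x64, as the report shows
    free(x2);
    printf("%c", x2[5]); // Boom! Reads freed memory through a dangling pointer
    return 0;
}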
Output 2
=================================================================
==10072==ERROR: AddressSanitizer: heap-use-after-free on address 0x126f3b080025 at pc 0x7ff7a65b10d9 bp 0x008c8f6ff6e0 sp 0x008c8f6ff6e8
READ of size 1 at 0x126f3b080025 thread T0
==10072==WARNING: Failed to use and restart external symbolizer!
#0 0x7ff7a65b10d8 in main C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:6
#1 0x7ff7a65b1643 in __scrt_common_main_seh D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#2 0x7ffde2287973 in BaseThreadInitThunk+0x13 (C:\Windows\System32\KERNEL32.DLL+0x180017973)
#3 0x7ffde25ba2f0 in RtlUserThreadStart+0x20 (C:\Windows\SYSTEM32\ntdll.dll+0x18005a2f0)
0x126f3b080025 is located 5 bytes inside of 80-byte region [0x126f3b080020,0x126f3b080070)
freed by thread T0 here:
#0 0x7ffda093bcc2 in _asan_wrap_GlobalSize+0x49129 (C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Tools\MSVC\14.28.29910\bin\HostX86\x64\clang_rt.asan_dynamic-x86_64.dll+0x18004bcc2)
#1 0x7ff7a65b10b3 in main C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:5
#2 0x7ff7a65b1643 in __scrt_common_main_seh D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#3 0x7ffde2287973 in BaseThreadInitThunk+0x13 (C:\Windows\System32\KERNEL32.DLL+0x180017973)
#4 0x7ffde25ba2f0 in RtlUserThreadStart+0x20 (C:\Windows\SYSTEM32\ntdll.dll+0x18005a2f0)
previously allocated by thread T0 here:
#0 0x7ffda093be32 in _asan_wrap_GlobalSize+0x49299 (C:\Program Files (x86)\Microsoft Visual Studio\2019\Enterprise\VC\Tools\MSVC\14.28.29910\bin\HostX86\x64\clang_rt.asan_dynamic-x86_64.dll+0x18004be32)
#1 0x7ff7a65b10a7 in main C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:4
#2 0x7ff7a65b1643 in __scrt_common_main_seh D:\a01\_work\26\s\src\vctools\crt\vcstartup\src\startup\exe_common.inl:288
#3 0x7ffde2287973 in BaseThreadInitThunk+0x13 (C:\Windows\System32\KERNEL32.DLL+0x180017973)
#4 0x7ffde25ba2f0 in RtlUserThreadStart+0x20 (C:\Windows\SYSTEM32\ntdll.dll+0x18005a2f0)
SUMMARY: AddressSanitizer: heap-use-after-free C:\Users\Nova001845\source\repos\ConsoleApplication1\ConsoleApplication1\ConsoleApplication1.cpp:6 in main
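
When reports like the two above are collected from test runs, the fields worth extracting for triage are the error kind, the access type and size, and the first frame with source information in each stack (access, free, allocation). The following Python parser is an added example, not part of the original post; the sample text is constructed from the reports above with trimmed stacks and made-up short paths, and the names parse_reports and dedupe_key are hypothetical.

```python
import re

# Constructed sample: same line shapes as the two reports above, stacks trimmed,
# paths shortened to made-up ones.
SAMPLE = r"""==14924==ERROR: AddressSanitizer: global-buffer-overflow on address 0x7ff6163d7a14 at pc 0x7ff6163d10ce bp 0x0065990ff870 sp 0x0065990ff878
WRITE of size 4 at 0x7ff6163d7a14 thread T0
#0 0x7ff6163d10cd in main C:\src\app\app.cpp:6
#1 0x7ff6163d1633 in __scrt_common_main_seh D:\crt\exe_common.inl:288
SUMMARY: AddressSanitizer: global-buffer-overflow C:\src\app\app.cpp:6 in main
==10072==ERROR: AddressSanitizer: heap-use-after-free on address 0x126f3b080025 at pc 0x7ff7a65b10d9 bp 0x008c8f6ff6e0 sp 0x008c8f6ff6e8
READ of size 1 at 0x126f3b080025 thread T0
#0 0x7ff7a65b10d8 in main C:\src\app\app.cpp:6
freed by thread T0 here:
#0 0x7ffda093bcc2 in _asan_wrap_GlobalSize+0x49129 (C:\rt\clang_rt.asan_dynamic-x86_64.dll+0x18004bcc2)
#1 0x7ff7a65b10b3 in main C:\src\app\app.cpp:5
previously allocated by thread T0 here:
#1 0x7ff7a65b10a7 in main C:\src\app\app.cpp:4
SUMMARY: AddressSanitizer: heap-use-after-free C:\src\app\app.cpp:6 in main
"""

HEADER = re.compile(r"==(\d+)==ERROR: AddressSanitizer: (\S+) on address (0x[0-9a-f]+)")
ACCESS = re.compile(r"(READ|WRITE) of size (\d+) at")
FRAME = re.compile(r"#\d+ 0x[0-9a-f]+ in (\S+) (.+):(\d+)$")  # only frames that carry file:line

def parse_reports(text):
    """Return one dict per ASan report: kind, access, first source frame of each stack."""
    reports, cur, section = [], None, None
    for line in text.splitlines():
        line = line.strip()
        if m := HEADER.search(line):
            cur = {"pid": int(m[1]), "kind": m[2], "address": m[3], "stacks": {}}
            reports.append(cur)
            section = "access"
        elif cur is None:
            continue  # text before the first report header
        elif m := ACCESS.match(line):
            cur["access"] = (m[1], int(m[2]))
        elif line.startswith("freed by"):
            section = "freed"
        elif line.startswith("previously allocated by"):
            section = "allocated"
        elif (m := FRAME.match(line)) and section not in cur["stacks"]:
            cur["stacks"][section] = (m[1], m[2], int(m[3]))  # module-only frames are skipped
    return reports

def dedupe_key(report):
    """Triage bucket: the same bug class at the same source line counts as one finding."""
    _, path, lineno = report["stacks"].get("access", ("?", "?", 0))
    return (report["kind"], path.rsplit("\\", 1)[-1], lineno)
```

For a use-after-free, the "freed" and "allocated" entries give the source lines to review alongside the faulting access.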