author | Vyacheslav Cherkashin <v.cherkashin@samsung.com> | 2019-07-18 17:47:42 +0300 |
---|---|---|
committer | Dongkyun Son <dongkyun.s@samsung.com> | 2019-07-27 16:45:13 +0000 |
commit | 30255a5854a11a5e67c13b640d65a80411a34a39 (patch) | |
tree | 8126b63a10bfeac301968bd955723db4e6de85f0 | |
parent | 89fa22d76eef9205fc845168e4a4ec5812bf2a47 (diff) | |
libsanitizer: Make malloc/realloc/free safe via 'pointer_is_mine'
* libsanitizer/asan/asan_malloc_linux.cc: check pointers
before calling forwarding.
This change will lead to possible failures inside glibc in cases of free()'ing
wild pointers.
In the usual case ASan would handle this and provide an appropriate backtrace
and error report, but that mode is not compatible with the interceptor-switching
functionality, so we explicitly disable it.
Change-Id: I8fc40aad4d9e6094301f6b3f3060b99140a191da
Signed-off-by: Vyacheslav Cherkashin <v.cherkashin@samsung.com>
-rw-r--r-- | libsanitizer/asan/asan_malloc_linux.cc | 17 |
1 files changed, 11 insertions, 6 deletions
diff --git a/libsanitizer/asan/asan_malloc_linux.cc b/libsanitizer/asan/asan_malloc_linux.cc
index babec774d0a..914c21a6adf 100644
--- a/libsanitizer/asan/asan_malloc_linux.cc
+++ b/libsanitizer/asan/asan_malloc_linux.cc
@@ -46,8 +46,10 @@ INTERCEPTOR(void, free, void *ptr) {
 GET_STACK_TRACE_FREE;
 if (UNLIKELY(IsInDlsymAllocPool(ptr)))
 return;
- if (UNLIKELY(!asan_pointer_is_mine(ptr)))
- MAYBE_FORWARD_TO_REAL(free, ptr);
+ if (UNLIKELY(!asan_pointer_is_mine(ptr))) {
+ REAL(free)(ptr);
+ return;
+ }
 asan_free(ptr, &stack, FROM_MALLOC);
 }
@@ -55,8 +57,10 @@ INTERCEPTOR(void, cfree, void *ptr) {
 GET_STACK_TRACE_FREE;
 if (UNLIKELY(IsInDlsymAllocPool(ptr)))
 return;
- if (UNLIKELY(!asan_pointer_is_mine(ptr)))
- MAYBE_FORWARD_TO_REAL(cfree, ptr);
+ if (UNLIKELY(!asan_pointer_is_mine(ptr))) {
+ REAL(cfree)(ptr);
+ return;
+ }
 asan_free(ptr, &stack, FROM_MALLOC);
 }
@@ -98,8 +102,9 @@ INTERCEPTOR(void*, realloc, void *ptr, uptr size) {
 if (UNLIKELY(asan_init_is_running))
 return AllocateFromLocalPool(size);
 ENSURE_ASAN_INITED();
- if (UNLIKELY(!asan_pointer_is_mine(ptr)))
- MAYBE_FORWARD_TO_REAL(realloc, ptr, size);
+ if (UNLIKELY(!asan_pointer_is_mine(ptr))) {
+ return REAL(realloc)(ptr, size);
+ }
 GET_STACK_TRACE_MALLOC;
 return asan_realloc(ptr, size, &stack);
 } |
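Review bot: The added `REAL(free)(ptr);` in the free hunk (and `REAL(cfree)(ptr);` in the cfree hunk) calls through the real-symbol pointer unconditionally, and nothing visible in either hunk establishes that the pointer has been resolved. The realloc hunk, by contrast, forwards only after `ENSURE_ASAN_INITED();`. If a pointer that is neither in the dlsym pool nor ASan-owned can reach these interceptors before interceptor initialisation, the call would go through a null function pointer instead of failing in a diagnosable way. I would put `CHECK(REAL(free));` (and `CHECK(REAL(cfree));`) in front of the forwarded call, or add a comment stating why that state cannot occur. Whether `asan_pointer_is_mine` can return false that early is not visible here, so this needs confirming against its definition.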
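Review bot: A null `ptr` looks like it will take the new forwarding branch in the realloc hunk. Unless `asan_pointer_is_mine` treats null as ASan-owned (its definition is not in this hunk), `realloc(NULL, size)` now returns `REAL(realloc)(ptr, size)`, which is a glibc allocation without redzones or quarantine. Out-of-bounds accesses and use-after-free on buffers created through that common growth idiom would then go unreported. Restricting the branch to non-null foreign pointers keeps those allocations instrumented: `if (UNLIKELY(ptr && !asan_pointer_is_mine(ptr))) {`. The start of realloc's body may lie outside the hunk.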