ASan should detect writing to a `basic_string`'s reserved but uninitialized memory by davidmrdavid · Pull Request #5252 · microsoft/STL · GitHub
StephanTLavavej
changed the title
Throw under ASan when writing to a
ASan should detect writing to a Jan 28, 2025
Merged: StephanTLavavej merged 9 commits into microsoft:main from davidmrdavid:dev/dajusto/fix-asan-annotation-basic-string, Jan 29, 2025
…ing - make unit test XFAIL
zacklj89 reviewed Jan 27, 2025
StephanTLavavej approved these changes Jan 28, 2025
Thanks, this is great! I pushed minor nitpicks. I also updated the PR title (which will become the commit title) because "throw" implies throwing an exception, which isn't what ASan does.
I'm mirroring this to the MSVC-internal repo - please notify me if any further changes are pushed.
zacklj89 approved these changes Jan 29, 2025
Thanks for this significant correctness fix! All shall love Address Sanitizer and despair!
Fixes #5251

Problem:

As described in the linked bug, the following program should throw under `/fsanitize=address`:

But it does not. This PR aims to fix that.

Approach:

The issue resides in `xstring`'s `reserve` implementation, inlined below:

The call to `_Reallocate_grow_by` calls the ASan annotation machinery under the assumption that the `size` (i.e. the initialized memory) of the string equals its capacity (i.e. the allocated memory). You can see that in the following selected snippets of `_Reallocate_grow_by`:

So the tactical fix is simple: To modify the ASan annotations on `reserve` after the call to `_Reallocate_grow_by`. This PR does just that.

Investigation notes on `_Reallocate_grow_by`:

This bug made me suspicious that maybe there were other latent ASan annotations bugs, so I did a quick search over the utilization of `_Reallocate_grow_by` in case there were other cases that seemed wrong. Spoilers: I found no such other cases.

Here are the callers of `_Reallocate_grow_by`, which should make it clear that its implementation is correct in most cases:

- `append`: the aforementioned assumption makes sense here, under reallocation.
- `insert`: the size = capacity assumption makes sense here, under reallocation, as well.

The following two cases I'm less certain of, but seem ok too:

- `resize_and_overwrite`: seems right as I don't see any post-operation size adjustments.
- `replace`: would appreciate a second eye on this one.

And of course, the last one is the known buggy `reserve` case.
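
A toy model of the annotation mismatch described in this PR, added here as an illustration; it is not code from the PR or from the STL. `ToyString`, `reallocate_grow_to`, `reserve_buggy` and `reserve_fixed` are hypothetical names, and the model keeps one flag per byte, ignoring ASan's real shadow-memory granularity and the small-string optimization.

```cpp
#include <cstddef>
#include <vector>

// Toy model (hypothetical, not STL code): one shadow flag per buffer byte.
// true = poisoned, meaning a sanitizer would report any access to that byte.
struct ToyString {
    std::vector<char> buf;       // allocated storage: capacity + 1 (terminator)
    std::vector<bool> poisoned;  // shadow state, one flag per byte of buf
    std::size_t size = 0;        // initialized characters

    std::size_t capacity() const { return buf.empty() ? 0 : buf.size() - 1; }

    // Mark [0, valid_end) addressable and [valid_end, end) poisoned.
    void annotate(std::size_t valid_end) {
        for (std::size_t i = 0; i < poisoned.size(); ++i)
            poisoned[i] = i >= valid_end;
    }

    // Models the growth helper: it annotates as if the caller is about to
    // fill the whole new buffer, i.e. as if size == capacity.
    void reallocate_grow_to(std::size_t new_cap) {
        buf.resize(new_cap + 1);
        poisoned.resize(new_cap + 1);
        annotate(buf.size());
    }

    // 'Before' behaviour: reserve keeps the helper's annotation as it is.
    void reserve_buggy(std::size_t new_cap) {
        if (new_cap > capacity()) reallocate_grow_to(new_cap);
    }

    // 'After' behaviour: reserve re-annotates after the helper returns, so
    // only the characters and the terminator, [0, size], stay addressable.
    void reserve_fixed(std::size_t new_cap) {
        if (new_cap > capacity()) {
            reallocate_grow_to(new_cap);
            annotate(size + 1);
        }
    }

    // Would a sanitizer flag a write to byte index i?
    bool write_is_reported(std::size_t i) const { return poisoned[i]; }
};

// Reserve on an empty string, then probe a write at index i.
bool reported_after_reserve(bool fixed, std::size_t cap, std::size_t i) {
    ToyString s;
    if (fixed) s.reserve_fixed(cap); else s.reserve_buggy(cap);
    return s.write_is_reported(i);
}
```

In this model a write at index 10 after reserving 32 goes unreported with `reserve_buggy` and is reported with `reserve_fixed`, while index 0 (the terminator of the empty string) stays addressable in both.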