From 30cdba68c1c34b0ff937772a9bbbccd8d90b1358 Mon Sep 17 00:00:00 2001
From: Julian Seward
Date: Mon, 14 Feb 2011 11:13:22 +0000
Subject: [PATCH] Merge from trunk, r11533 (helgrind, drd: _pre_mem_asciiz handlers: don't segfault if passed an obviously invalid address.)
git-svn-id: svn://svn.valgrind.org/valgrind/branches/VALGRIND_3_6_BRANCH@11555
---
 drd/drd_main.c | 8 ++++++++
 helgrind/hg_main.c | 8 +++++++-
 2 files changed, 15 insertions(+), 1 deletion(-)
diff --git a/drd/drd_main.c b/drd/drd_main.c
index 712ce4ce19..4cf9f26fcc 100644
--- a/drd/drd_main.c
+++ b/drd/drd_main.c
@@ -51,6 +51,7 @@
 #include "pub_tool_replacemalloc.h"
 #include "pub_tool_threadstate.h" // VG_(get_running_tid)()
 #include "pub_tool_tooliface.h"
+#include "pub_tool_aspacemgr.h" // VG_(am_is_valid_for_client)
 /* Local variables. */
@@ -259,6 +260,13 @@ static void drd_pre_mem_read_asciiz(const CorePart part,
 const char* p = (void*)a;
 SizeT size = 0;
+ // Don't segfault if the string starts in an obviously stupid
+ // place. Actually we should check the whole string, not just
+ // the start address, but that's too much trouble. At least
+ // checking the first byte is better than nothing. See #255009.
+ if (!VG_(am_is_valid_for_client) (a, 1, VKI_PROT_READ))
+ return;
+
 /* Note: the expression '*p' reads client memory and may crash if the */
 /* client provided an invalid pointer ! */
 while (*p)
diff --git a/helgrind/hg_main.c b/helgrind/hg_main.c
index 6af1a73351..d68cd10551 100644
--- a/helgrind/hg_main.c
+++ b/helgrind/hg_main.c
@@ -53,6 +53,7 @@
 #include "pub_tool_redir.h" // sonames for the dynamic linkers
 #include "pub_tool_vki.h" // VKI_PAGE_SIZE
 #include "pub_tool_libcproc.h" // VG_(atfork)
+#include "pub_tool_aspacemgr.h" // VG_(am_is_valid_for_client)
 #include "hg_basics.h"
 #include "hg_wordset.h"
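Review bot: The new guard in drd_pre_mem_read_asciiz validates exactly one byte at `a` (`VG_(am_is_valid_for_client) (a, 1, VKI_PROT_READ)`), but the `while (*p)` loop right below it still reads client memory with no bound, so an unterminated string that starts on a mapped page and runs into an unmapped one will still segfault the tool — the same failure the commit is fixing for the start address, just moved to the next page boundary. The added comment concedes this, yet the cheap fix is small: assuming the loop advances `p` one byte at a time, re-validate only when `p` steps onto a new page, e.g. right after `p` is incremented in the loop body: `if (((Addr)p & (VKI_PAGE_SIZE - 1)) == 0 && !VG_(am_is_valid_for_client)((Addr)p, 1, VKI_PROT_READ)) return;` — one aspacemgr lookup per page crossed rather than per byte. The rest of the loop body lies outside the hunk, and whether `VKI_PAGE_SIZE` is already in scope in drd_main.c is not visible here (the helgrind side of this same patch includes pub_tool_vki.h for it), so that include may need to be added alongside pub_tool_aspacemgr.h.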
@@ -1797,7 +1798,12 @@ void evh__pre_mem_read_asciiz ( CorePart part, ThreadId tid,
 if (SHOW_EVENTS >= 1)
 VG_(printf)("evh__pre_mem_asciiz(ctid=%d, \"%s\", %p)\n",
 (Int)tid, s, (void*)a );
- // FIXME: think of a less ugly hack
+ // Don't segfault if the string starts in an obviously stupid
+ // place. Actually we should check the whole string, not just
+ // the start address, but that's too much trouble. At least
+ // checking the first byte is better than nothing. See #255009.
+ if (!VG_(am_is_valid_for_client) (a, 1, VKI_PROT_READ))
+ return;
 len = VG_(strlen)( (Char*) a );
 shadow_mem_cread_range( map_threads_lookup(tid), a, len+1 );
 if (len >= SCE_BIGRANGE_T && (HG_(clo_sanity_flags) & SCE_BIGRANGE))
-- 
2.47.2
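Review bot: The guard checks a single byte at `a` and is immediately followed by `len = VG_(strlen)( (Char*) a );`, which scans client memory with no bound, so an unterminated string that runs off the end of a mapping still crashes the tool; the first-byte check only moves the crash from byte 0 to the next page boundary, as the hunk's own comment admits. Since this file already includes `pub_tool_vki.h` for `VKI_PAGE_SIZE` (see the include hunk of this patch), the length can be computed in place with one `VG_(am_is_valid_for_client)` call per page crossed instead of per byte, as below, leaving the `shadow_mem_cread_range` call and the SCE_BIGRANGE sanity check untouched. `evh__pre_mem_read_asciiz` begins and ends outside the hunk; `len` is declared above it and is assumed to be an integer wide enough for the strings seen here.
```c
   if (!VG_(am_is_valid_for_client) (a, 1, VKI_PROT_READ))
      return;
   // Walk the string ourselves and re-validate each time we step onto a
   // new page, so an unterminated string that runs off the end of a
   // mapping cannot crash the tool (VG_(strlen) would read it blindly).
   for (len = 0; ((Char*)a)[len] != 0; len++) {
      Addr next = a + (Addr)len + 1;
      if ((next & (VKI_PAGE_SIZE - 1)) == 0
          && !VG_(am_is_valid_for_client) (next, 1, VKI_PROT_READ))
         return;
   }
   /* … unchanged: shadow_mem_cread_range call and SCE_BIGRANGE sanity check … */
```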