1// RUN: %clang -shared -fPIC -D_DSO -O2 -D_FORTIFY_SOURCE=2 %s -o %t.so
2// RUN: %clang_asan %s -o %t %t.so
3// RUN: not %run %t 2>&1 | FileCheck %s
4// REQUIRES: glibc-2.27
5#ifdef _DSO
6#include <stdarg.h>
7#include <stdio.h>
8#include <stdlib.h>
9#include <string.h>
10__attribute__((noinline)) char foo(const char *format, ...) {
11 char *write_buffer = (char *)malloc(1);
12 va_list ap;
13 va_start(ap, format);
14 // CHECK: AddressSanitizer: heap-buffer-overflow
15 vsprintf(write_buffer, format, ap);
16 va_end(ap);
17 return write_buffer[0];
18}
19#else
20extern int foo(const char *format, ...);
21int main() { return foo(format: "%s_%s", "one", "two"); }
22#endif
23

source code of compiler-rt/test/asan/TestCases/Linux/printf-fortify-3.c