[compiler-rt] r289690 - [sanitizer] intercept bstring functions, patch by Kuang-che Wu (https://reviews.llvm.org/D27659)

Kostya Serebryany via llvm-commits llvm-commits at lists.llvm.org
Wed Dec 14 11:10:18 PST 2016 

Author: kcc
Date: Wed Dec 14 13:10:17 2016
New Revision: 289690

URL: http://llvm.org/viewvc/llvm-project?rev=289690&view=rev
Log:
[sanitizer] intercept bstring functions, patch by Kuang-che Wu (https://reviews.llvm.org/D27659)

Added:
    compiler-rt/trunk/test/asan/TestCases/Linux/bcmp_test.cc
    compiler-rt/trunk/test/asan/TestCases/Linux/bcopy_test.cc
    compiler-rt/trunk/test/asan/TestCases/Linux/bzero_test.cc
Modified:
    compiler-rt/trunk/lib/msan/msan_interceptors.cc
    compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
    compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h

Modified: compiler-rt/trunk/lib/msan/msan_interceptors.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/msan/msan_interceptors.cc?rev=289690&r1=289689&r2=289690&view=diff
==============================================================================
--- compiler-rt/trunk/lib/msan/msan_interceptors.cc (original)
+++ compiler-rt/trunk/lib/msan/msan_interceptors.cc Wed Dec 14 13:10:17 2016
@@ -178,10 +178,6 @@ INTERCEPTOR(void *, memset, void *s, int
   return __msan_memset(s, c, n);
 }
 
-INTERCEPTOR(void *, bcopy, const void *src, void *dest, SIZE_T n) {
-  return __msan_memmove(dest, src, n);
-}
-
 INTERCEPTOR(int, posix_memalign, void **memptr, SIZE_T alignment, SIZE_T size) {
   GET_MALLOC_STACK_TRACE;
   CHECK_EQ(alignment & (alignment - 1), 0);
@@ -1519,7 +1515,6 @@ void InitializeInterceptors() {
   INTERCEPT_FUNCTION(mempcpy);
   INTERCEPT_FUNCTION(memset);
   INTERCEPT_FUNCTION(memmove);
-  INTERCEPT_FUNCTION(bcopy);
   INTERCEPT_FUNCTION(wmemset);
   INTERCEPT_FUNCTION(wmemcpy);
   INTERCEPT_FUNCTION(wmempcpy);

Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc?rev=289690&r1=289689&r2=289690&view=diff
==============================================================================
--- compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc (original)
+++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc Wed Dec 14 13:10:17 2016
@@ -4906,6 +4906,39 @@ INTERCEPTOR(void *, __bzero, void *block
 #define INIT___BZERO
 #endif  // SANITIZER_INTERCEPT___BZERO
 
+#if SANITIZER_INTERCEPT_BZERO
+DECLARE_REAL_AND_INTERCEPTOR(void *, memset, void *, int, uptr)
+
+INTERCEPTOR(void, bzero, void *block, uptr size) {
+  WRAP(memset)(block, 0, size);
+}
+#define INIT_BZERO COMMON_INTERCEPT_FUNCTION(bzero);
+#else
+#define INIT_BZERO
+#endif  // SANITIZER_INTERCEPT_BZERO
+
+#if SANITIZER_INTERCEPT_BCOPY
+DECLARE_REAL_AND_INTERCEPTOR(void *, memmove, void *, const void *, uptr)
+
+INTERCEPTOR(void, bcopy, const void *src, void *dest, uptr size) {
+  WRAP(memmove)(dest, src, size);
+}
+#define INIT_BCOPY COMMON_INTERCEPT_FUNCTION(bcopy);
+#else
+#define INIT_BCOPY
+#endif  // SANITIZER_INTERCEPT_BCOPY
+
+#if SANITIZER_INTERCEPT_BCMP
+DECLARE_REAL_AND_INTERCEPTOR(int, memcmp, const void *, const void *, uptr)
+
+INTERCEPTOR(int, bcmp, const void *s1, const void *s2, uptr size) {
+  return WRAP(memcmp)(s1, s2, size);
+}
+#define INIT_BCMP COMMON_INTERCEPT_FUNCTION(bcmp);
+#else
+#define INIT_BCMP
+#endif  // SANITIZER_INTERCEPT_BCMP
+
 #if SANITIZER_INTERCEPT_FTIME
 INTERCEPTOR(int, ftime, __sanitizer_timeb *tp) {
   void *ctx;
@@ -6056,6 +6089,9 @@ static void InitializeCommonInterceptors
   INIT_CAPGET;
   INIT_AEABI_MEM;
   INIT___BZERO;
+  INIT_BZERO;
+  INIT_BCOPY;
+  INIT_BCMP;
   INIT_FTIME;
   INIT_XDR;
   INIT_TSEARCH;

Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h?rev=289690&r1=289689&r2=289690&view=diff
==============================================================================
--- compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h (original)
+++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h Wed Dec 14 13:10:17 2016
@@ -274,6 +274,9 @@
 #define SANITIZER_INTERCEPT_AEABI_MEM 0
 #endif
 #define SANITIZER_INTERCEPT___BZERO SI_MAC
+#define SANITIZER_INTERCEPT_BZERO SI_LINUX || SI_FREEBSD || SI_MAC
+#define SANITIZER_INTERCEPT_BCOPY SI_LINUX || SI_FREEBSD || SI_MAC
+#define SANITIZER_INTERCEPT_BCMP SI_LINUX || SI_FREEBSD || SI_MAC
 #define SANITIZER_INTERCEPT_FTIME !SI_FREEBSD && SI_NOT_WINDOWS
 #define SANITIZER_INTERCEPT_XDR SI_LINUX_NOT_ANDROID
 #define SANITIZER_INTERCEPT_TSEARCH SI_LINUX_NOT_ANDROID || SI_MAC

Added: compiler-rt/trunk/test/asan/TestCases/Linux/bcmp_test.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/Linux/bcmp_test.cc?rev=289690&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/Linux/bcmp_test.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/Linux/bcmp_test.cc Wed Dec 14 13:10:17 2016
@@ -0,0 +1,23 @@
+// RUN: %clangxx_asan  %s -o %t
+// RUN: not %run %t   2>&1 | FileCheck %s --check-prefix=A1
+// RUN: not %run %t 1 2>&1 | FileCheck %s --check-prefix=A2
+// RUN: %env_asan_opts=intercept_memcmp=0 %run %t
+
+#include <strings.h>
+int main(int argc, char **argv) {
+  char a1[] = {1, 2, 3, 4, 5, 6, 7, 8};
+  char a2[] = {3, 4, 5, 6, 7, 8, 9};
+  int res;
+  if (argc == 1)
+    res = bcmp(a1, a2, sizeof(a1));  // BOOM
+  else
+    res = bcmp(a2, a1, sizeof(a1));  // BOOM
+  // A1: AddressSanitizer: stack-buffer-overflow
+  // A1: {{#0.*memcmp}}
+  // A1: 'a2' <== Memory access at offset
+  //
+  // A2: AddressSanitizer: stack-buffer-overflow
+  // A2: {{#0.*memcmp}}
+  // A2: 'a2' <== Memory access at offset
+  return res == 0;
+}

Added: compiler-rt/trunk/test/asan/TestCases/Linux/bcopy_test.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/Linux/bcopy_test.cc?rev=289690&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/Linux/bcopy_test.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/Linux/bcopy_test.cc Wed Dec 14 13:10:17 2016
@@ -0,0 +1,22 @@
+// RUN: %clangxx_asan  %s -o %t
+// RUN: not %run %t   2>&1 | FileCheck %s --check-prefix=A1
+// RUN: not %run %t 1 2>&1 | FileCheck %s --check-prefix=A2
+// RUN: %env_asan_opts=replace_intrin=0 %run %t
+
+#include <strings.h>
+int main(int argc, char **argv) {
+  char a1[] = {1, 2, 3, 4, 5, 6, 7, 8};
+  char a2[] = {3, 4, 5, 6, 7, 8, 9};
+  if (argc == 1)
+    bcopy(a1, a2, sizeof(a1));  // BOOM
+  else
+    bcopy(a2, a1, sizeof(a1));  // BOOM
+  // A1: AddressSanitizer: stack-buffer-overflow
+  // A1: {{#0.*memmove}}
+  // A1: 'a2' <== Memory access at offset
+  //
+  // A2: AddressSanitizer: stack-buffer-overflow
+  // A2: {{#0.*memmove}}
+  // A2: 'a2' <== Memory access at offset
+  return 0;
+}

Added: compiler-rt/trunk/test/asan/TestCases/Linux/bzero_test.cc
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/Linux/bzero_test.cc?rev=289690&view=auto
==============================================================================
--- compiler-rt/trunk/test/asan/TestCases/Linux/bzero_test.cc (added)
+++ compiler-rt/trunk/test/asan/TestCases/Linux/bzero_test.cc Wed Dec 14 13:10:17 2016
@@ -0,0 +1,13 @@
+// RUN: %clangxx_asan  %s -o %t
+// RUN: not %run %t   2>&1 | FileCheck %s --check-prefix=A1
+// RUN: %env_asan_opts=replace_intrin=0 %run %t
+
+#include <strings.h>
+int main(int argc, char **argv) {
+  char a1[] = {1, 2, 3, 4, 5, 6, 7, 8};
+  bzero(a1, sizeof(a1) + 1);  // BOOM
+  // A1: AddressSanitizer: stack-buffer-overflow
+  // A1: {{#0.*memset}}
+  // A1: 'a1' <== Memory access at offset
+  return 0;
+}

More information about the llvm-commits mailing list