[cfe-dev] clang dataflow sanitizer vs. shared objects
Christian Convey
christian.convey at gmail.com
Wed Feb 4 11:56:03 PST 2015
Hi guys,
I'm running into some pain with dataflow sanitizer, and I'm wondering
anyone's found a good work-around.
I'm trying to analyze a code base which delegates a lot of functionality to
shared objects. The application looks up functions within the .so using
hard-coded function names. For example, "dlsym(..., "foo" );"
Unfortunately for me, the dataflow sanitizer prepends "dfsw$" to the name
of any function compiled with the dataflow sanitizer enabled. So if
function "foo" was compiled with the sanitizer enabled, I'd need to change
these dlsym invocations to something like "dlsym(..., "dfsw$foo");"
For now, I'm just black-listing ( via -fsanitize-blacklist ) every function
that's exported by one of the application's shared objects. This addresses
the symbol lookup problem, but it means my dataflow labels are lost on data
transmitted through these black-listed functions.
Does anyone know of a good workaround to this problem, and/or what a
longer-term solution might look like?
Thanks,
Christian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.llvm.org/pipermail/cfe-dev/attachments/20150204/0696c2a7/attachment.html>
More information about the cfe-dev
mailing list