[PATCH] D31221: Bypass potential libc's sysconf interceptors
Aleksey Shlyapnikov via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Tue Mar 21 16:11:48 PDT 2017
alekseyshl created this revision.
Herald added a subscriber: kubamracek.
sysconf(_SC_PAGESIZE) is called very early during sanitizer init, and
any instrumented code that calls back into the sanitizer before init is
done (a sysconf() wrapper/interceptor will likely be instrumented) will
almost certainly crash.
2nd attempt, now with glibc version checks (https://reviews.llvm.org/D31092 was reverted).
https://reviews.llvm.org/D31221
Files:
lib/sanitizer_common/sanitizer_linux.cc
test/sanitizer_common/TestCases/Linux/sysconf_interceptor_bypass_test.cc
Index: test/sanitizer_common/TestCases/Linux/sysconf_interceptor_bypass_test.cc
===================================================================
--- /dev/null
+++ test/sanitizer_common/TestCases/Linux/sysconf_interceptor_bypass_test.cc
@@ -0,0 +1,25 @@
+// RUN: %clangxx -O2 %s -o %t && %run %t 2>&1 | FileCheck %s
+
+#include <stdio.h>
+
+// getauxval() used instead of sysconf() in GetPageSize() is defined starting
+// glbc version 2.16.
+#if defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 16)
+extern "C" long sysconf(int name) {
+ fprintf(stderr, "sysconf wrapper called\n");
+ return 0;
+}
+#endif // defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 16)
+
+int main() {
+ // All we need to check is that the sysconf() interceptor defined above was
+ // not called. Should it get called, it will crash right there, any
+ // instrumented code executed before sanitizer init is finished will crash
+ // accessing non-initialized sanitizer internals. Even if it will not crash
+ // in some configuration, it should never be called anyway.
+ fprintf(stderr, "Passed\n");
+ // CHECK-NOT: sysconf wrapper called
+ // CHECK: Passed
+ // CHECK-NOT: sysconf wrapper called
+ return 0;
+}
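Review bot: The wrapper at the top of the new test reports every sysconf() call in the process, not only the page-size query, so the `CHECK-NOT` lines would also fail on an unrelated call made by the runtime or libc after init, and returning 0 for every name could confuse such a caller. If that breadth is intended, the comment in main() should say so; otherwise the wrapper could print only when `name` is the page-size selector. On glibc older than 2.16 the wrapper is compiled out and the test passes without checking anything, which deserves a line in the header comment, for example `// With older glibc this test is a no-op.`. The same comment misspells glibc as `glbc`.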
Index: lib/sanitizer_common/sanitizer_linux.cc
===================================================================
--- lib/sanitizer_common/sanitizer_linux.cc
+++ lib/sanitizer_common/sanitizer_linux.cc
@@ -77,6 +77,14 @@
#include <sys/signal.h>
#endif
+#ifndef __GLIBC_PREREQ
+#define __GLIBC_PREREQ(x, y) 0
+#endif
+
+#if SANITIZER_LINUX && __GLIBC_PREREQ(2, 16)
+#include <sys/auxv.h>
+#endif
+
#if SANITIZER_LINUX
// <linux/time.h>
struct kernel_timeval {
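Review bot: The fallback `#define __GLIBC_PREREQ(x, y) 0` defines a name reserved for the C library, and any header included after this point that tests `defined(__GLIBC_PREREQ)` would now see it as present on non-glibc targets; whether such includes follow is not visible in this hunk. The condition `SANITIZER_LINUX && __GLIBC_PREREQ(2, 16)` is also repeated verbatim at the `#elif` in the second hunk, so the two can drift apart. Consider a single file-local macro instead (name of your choosing, e.g. `#define SANITIZER_USE_GETAUXVAL 1` under `#if SANITIZER_LINUX && defined(__GLIBC_PREREQ) && __GLIBC_PREREQ(2, 16)`) used at both sites, with a comment such as `// getauxval() is available starting with glibc 2.16.`.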
@@ -805,6 +813,8 @@
return 4096;
#elif SANITIZER_LINUX && (defined(__x86_64__) || defined(__i386__))
return EXEC_PAGESIZE;
+#elif SANITIZER_LINUX && __GLIBC_PREREQ(2, 16)
+ return getauxval(AT_PAGESZ);
#else
return sysconf(_SC_PAGESIZE); // EXEC_PAGESIZE may not be trustworthy.
#endif
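Review bot: `return getauxval(AT_PAGESZ);` passes the result straight through, but getauxval() returns 0 when the requested entry is absent from the auxiliary vector, and a page size of 0 would break every later alignment and mapping computation in the runtime. Checking the value before returning, for example `uptr sz = getauxval(AT_PAGESZ); CHECK_NE(sz, 0); return sz;`, would turn that into a clear early failure, assuming CHECK is usable this early in init. getauxval is itself a libc symbol that an application can interpose just as it can sysconf, and `__GLIBC_PREREQ(2, 16)` reflects the build-time headers, not the libc loaded at run time, so a short comment on this branch stating why it is preferred and what it assumes would help. The enclosing function begins above the hunk.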
-------------- next part --------------
A non-text attachment was scrubbed...
Name: D31221.92567.patch
Type: text/x-patch
Size: 1961 bytes
Desc: not available
URL: <http://lists.llvm.org/pipermail/llvm-commits/attachments/20170321/d7f253ba/attachment.bin>