[compiler-rt] r298650 - [asan] Add an interceptor for strtok
Vitaly Buka via llvm-commits
llvm-commits at lists.llvm.org
Thu Mar 23 15:38:28 PDT 2017
Could you please take a look at
http://lab.llvm.org:8011/builders/sanitizer-windows/builds/8551 ?
On Thu, Mar 23, 2017 at 2:52 PM Alex Shlyapnikov via llvm-commits <
llvm-commits at lists.llvm.org> wrote:
> Author: alekseyshl
> Date: Thu Mar 23 16:39:52 2017
> New Revision: 298650
>
> URL: http://llvm.org/viewvc/llvm-project?rev=298650&view=rev
> Log:
> [asan] Add an interceptor for strtok
>
> Summary:
> This change addresses https://github.com/google/sanitizers/issues/766. I
> tested the change with make check-asan and the newly added test case.
>
> Reviewers: ygribov, kcc, alekseyshl
>
> Subscribers: kubamracek, llvm-commits
>
> Patch by mrigger
>
> Differential Revision: https://reviews.llvm.org/D30384
>
> Added:
> compiler-rt/trunk/test/asan/TestCases/strtok.c
> Modified:
>
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc
>
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
>
> Modified:
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc?rev=298650&r1=298649&r2=298650&view=diff
>
> ==============================================================================
> ---
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> (original)
> +++
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_common_interceptors.inc
> Thu Mar 23 16:39:52 2017
> @@ -495,6 +495,52 @@ INTERCEPTOR(char*, strcasestr, const cha
> #define INIT_STRCASESTR
> #endif
>
> +#if SANITIZER_INTERCEPT_STRTOK
> +
> +INTERCEPTOR(char*, strtok, char *str, const char *delimiters) {
> + void *ctx;
> + COMMON_INTERCEPTOR_ENTER(ctx, strtok, str, delimiters);
> + if (!common_flags()->intercept_strtok) {
> + return REAL(strtok)(str, delimiters);
> + }
> + if (common_flags()->strict_string_checks) {
> + // If strict_string_checks is enabled, we check the whole first
> argument
> + // string on the first call (strtok saves this string in a static
> buffer
> + // for subsequent calls). We do not need to check strtok's result.
> + // As the delimiters can change, we check them every call.
> + if (str != nullptr) {
> + COMMON_INTERCEPTOR_READ_RANGE(ctx, str, REAL(strlen)(str) + 1);
> + }
> + COMMON_INTERCEPTOR_READ_RANGE(ctx, delimiters,
> + REAL(strlen)(delimiters) + 1);
> + return REAL(strtok)(str, delimiters);
> + } else {
> + // However, when strict_string_checks is disabled we cannot check the
> + // whole string on the first call. Instead, we check the result string
> + // which is guaranteed to be a NULL-terminated substring of the first
> + // argument. We also conservatively check one character of str and the
> + // delimiters.
> + if (str != nullptr) {
> + COMMON_INTERCEPTOR_READ_STRING(ctx, str, 1);
> + }
> + COMMON_INTERCEPTOR_READ_RANGE(ctx, delimiters, 1);
> + char *result = REAL(strtok)(str, delimiters);
> + if (result != nullptr) {
> + COMMON_INTERCEPTOR_READ_RANGE(ctx, result, REAL(strlen)(result) +
> 1);
> + } else if (str != nullptr) {
> + // No delimiter were found, it's safe to assume that the entire str
> was
> + // scanned.
> + COMMON_INTERCEPTOR_READ_RANGE(ctx, str, REAL(strlen)(str) + 1);
> + }
> + return result;
> + }
> +}
> +
> +#define INIT_STRTOK COMMON_INTERCEPT_FUNCTION(strtok)
> +#else
> +#define INIT_STRTOK
> +#endif
> +
> #if SANITIZER_INTERCEPT_MEMMEM
> DECLARE_WEAK_INTERCEPTOR_HOOK(__sanitizer_weak_hook_memmem, uptr
> called_pc,
> const void *s1, SIZE_T len1, const void *s2,
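Review bot: The comment on the `else if (str != nullptr)` branch gives the wrong reason. REAL(strtok) returns NULL for a non-null str when no token was found, meaning str is empty or holds only delimiter characters, not when "no delimiter were found". The conclusion that the whole string was scanned still holds, so the comment could read `// No token was found (str is empty or contains only delimiters), so strtok scanned all of str.` In the non-strict branch the range checks on `result` and `str` run only after REAL(strtok) has already read and possibly written the buffer, so they report the access rather than prevent it. Any leading delimiters that strtok skips between `str + 1` and `result` are covered by neither range, and both limits deserve a line in the block comment so the checked ranges are not read as complete.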
> @@ -6079,6 +6125,7 @@ static void InitializeCommonInterceptors
> INIT_STRCHRNUL;
> INIT_STRRCHR;
> INIT_STRSPN;
> + INIT_STRTOK;
> INIT_STRPBRK;
> INIT_MEMSET;
> INIT_MEMMOVE;
>
> Modified: compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc?rev=298650&r1=298649&r2=298650&view=diff
>
> ==============================================================================
> --- compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc (original)
> +++ compiler-rt/trunk/lib/sanitizer_common/sanitizer_flags.inc Thu Mar 23
> 16:39:52 2017
> @@ -193,6 +193,9 @@ COMMON_FLAG(bool, intercept_strstr, true
> COMMON_FLAG(bool, intercept_strspn, true,
> "If set, uses custom wrappers for strspn and strcspn function
> "
> "to find more errors.")
> +COMMON_FLAG(bool, intercept_strtok, true,
> + "If set, uses a custom wrapper for the strtok function "
> + "to find more errors.")
> COMMON_FLAG(bool, intercept_strpbrk, true,
> "If set, uses custom wrappers for strpbrk function "
> "to find more errors.")
>
> Modified:
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h?rev=298650&r1=298649&r2=298650&view=diff
>
> ==============================================================================
> ---
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> (original)
> +++
> compiler-rt/trunk/lib/sanitizer_common/sanitizer_platform_interceptors.h
> Thu Mar 23 16:39:52 2017
> @@ -74,6 +74,7 @@
> #define SANITIZER_INTERCEPT_STRCMP 1
> #define SANITIZER_INTERCEPT_STRSTR 1
> #define SANITIZER_INTERCEPT_STRCASESTR SI_NOT_WINDOWS
> +#define SANITIZER_INTERCEPT_STRTOK 1
> #define SANITIZER_INTERCEPT_STRCHR 1
> #define SANITIZER_INTERCEPT_STRCHRNUL SI_UNIX_NOT_MAC
> #define SANITIZER_INTERCEPT_STRRCHR 1
>
> Added: compiler-rt/trunk/test/asan/TestCases/strtok.c
> URL:
> http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/test/asan/TestCases/strtok.c?rev=298650&view=auto
>
> ==============================================================================
> --- compiler-rt/trunk/test/asan/TestCases/strtok.c (added)
> +++ compiler-rt/trunk/test/asan/TestCases/strtok.c Thu Mar 23 16:39:52 2017
> @@ -0,0 +1,108 @@
> +// RUN: %clang_asan %s -o %t
> +
> +// Test overflows with strict_string_checks
> +
> +// RUN: %env_asan_opts=strict_string_checks=true not %run %t test1 2>&1 |
> \
> +// RUN: FileCheck %s --check-prefix=CHECK1
> +// RUN: %env_asan_opts=intercept_strtok=false%run %t test1 2>&1
> +// RUN: %env_asan_opts=strict_string_checks=true not %run %t test2 2>&1 |
> \
> +// RUN: FileCheck %s --check-prefix=CHECK2
> +// RUN: %env_asan_opts=intercept_strtok=false %run %t test2 2>&1
> +// RUN: %env_asan_opts=strict_string_checks=true not %run %t test3 2>&1 |
> \
> +// RUN: FileCheck %s --check-prefix=CHECK3
> +// RUN: %env_asan_opts=intercept_strtok=false %run %t test3 2>&1
> +// RUN: %env_asan_opts=strict_string_checks=true %run %t test4 2>&1
> +// RUN: %env_asan_opts=intercept_strtok=false %run %t test4 2>&1
> +
> +// Test overflows with !strict_string_checks
> +// RUN: %env_asan_opts=strict_string_checks=false not %run %t test5 2>&1
> | \
> +// RUN: FileCheck %s --check-prefix=CHECK5
> +// RUN: %env_asan_opts=intercept_strtok=false %run %t test5 2>&1
> +// RUN: %env_asan_opts=strict_string_checks=false not %run %t test6 2>&1
> | \
> +// RUN: FileCheck %s --check-prefix=CHECK6
> +// RUN: %env_asan_opts=intercept_strtok=false %run %t test6 2>&1
> +
> +
> +#include <assert.h>
> +#include <string.h>
> +#include <sanitizer/asan_interface.h>
> +
> +// Check that we find overflows in the delimiters on the first call
> +// with strict_string_checks.
> +void test1() {
> + char *token;
> + char s[4] = "abc";
> + char token_delimiter[2] = "b";
> + __asan_poison_memory_region ((char *)&token_delimiter[1], 2);
> + token = strtok(s, token_delimiter);
> + // CHECK1:'token_delimiter' <== Memory access at offset {{[0-9]+}}
> partially overflows this variable
> + assert(strcmp(token, "a") == 0);
> +}
> +
> +// Check that we find overflows in the delimiters on the second call (str
> == NULL)
> +// with strict_string_checks.
> +void test2() {
> + char *token;
> + char s[4] = "abc";
> + char token_delimiter[2] = "b";
> + token = strtok(s, token_delimiter);
> + assert(strcmp(token, "a") == 0);
> + __asan_poison_memory_region ((char *)&token_delimiter[1], 2);
> + token = strtok(NULL, token_delimiter);
> + // CHECK2:'token_delimiter' <== Memory access at offset {{[0-9]+}}
> partially overflows this variable
> + assert(strcmp(token, "c") == 0);
> +}
> +
> +// Check that we find overflows in the string (only on the first call)
> with strict_string_checks.
> +void test3() {
> + char *token;
> + char s[4] = "abc";
> + char token_delimiter[2] = "b";
> + __asan_poison_memory_region ((char *)&s[3], 2);
> + token = strtok(s, token_delimiter);
> + // CHECK3:'s' <== Memory access at offset {{[0-9]+}} partially
> overflows this variable
> + assert(token == s);
> +}
> +
> +// Check that we do not crash when strtok returns NULL with
> strict_string_checks.
> +void test4() {
> + char *token;
> + char s[] = "";
> + char token_delimiter[] = "a";
> + token = strtok(s, token_delimiter);
> + assert(token == NULL);
> +}
> +
> +// Check that we find overflows in the string (only on the first call)
> with !strict_string_checks.
> +void test5() {
> + char *token;
> + char s[4] = "abc";
> + char token_delimiter[2] = "d";
> + __asan_poison_memory_region ((char *)&s[2], 2);
> + __asan_poison_memory_region ((char *)&token_delimiter[1], 2);
> + token = strtok(s, token_delimiter);
> + // CHECK5:'s' <== Memory access at offset {{[0-9]+}} partially
> overflows this variable
> + assert(token == s);
> +}
> +
> +// Check that we find overflows in the delimiters (only on the first
> call) with !strict_string_checks.
> +void test6() {
> + char *token;
> + char s[4] = "abc";
> + char token_delimiter[1] = {'d'};
> + __asan_poison_memory_region ((char *)&token_delimiter[1], 2);
> + token = strtok(s, &token_delimiter[1]);
> + // CHECK6:'token_delimiter' <== Memory access at offset {{[0-9]+}}
> overflows this variable
> + assert(strcmp(token, "abc") == 0);
> +}
> +
> +int main(int argc, char **argv) {
> + if (argc != 2) return 1;
> + if (!strcmp(argv[1], "test1")) test1();
> + if (!strcmp(argv[1], "test2")) test2();
> + if (!strcmp(argv[1], "test3")) test3();
> + if (!strcmp(argv[1], "test4")) test4();
> + if (!strcmp(argv[1], "test5")) test5();
> + if (!strcmp(argv[1], "test6")) test6();
> + return 0;
> +}
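Review bot: The test1 RUN line that disables the interceptor has no space before `%run` (`%env_asan_opts=intercept_strtok=false%run %t test1 2>&1`), unlike every other RUN line in the file; it should read `// RUN: %env_asan_opts=intercept_strtok=false %run %t test1 2>&1`. Where `%run` expands to a non-empty wrapper, the expansion would presumably be glued onto the option value, so the line may only work on configurations where `%run` is empty. Coverage is also thinner than the comments suggest: test4 runs only with `strict_string_checks=true` or with the interceptor off, so the non-strict branch that handles a NULL result is never exercised. Adding `// RUN: %env_asan_opts=strict_string_checks=false %run %t test4 2>&1` would cover it. `main` returns 0 for an unrecognised test name, so a mistyped name on a RUN line without `not` passes silently; ending with `return 1;` after the dispatch chain (and returning 0 from each matched case) would catch that.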
>
>