[compiler-rt] r323278 - [scudo] Allow for weak hooks, gated by a define
Kostya Kortchinsky via llvm-commits
llvm-commits at lists.llvm.org
Tue Jan 23 15:07:42 PST 2018
Author: cryptoad
Date: Tue Jan 23 15:07:42 2018
New Revision: 323278
URL: http://llvm.org/viewvc/llvm-project?rev=323278&view=rev
Log:
[scudo] Allow for weak hooks, gated by a define
Summary:
Hooks in the allocation & deallocation paths can be a security risk (see for an
example https://scarybeastsecurity.blogspot.com/2016/11/0day-exploit-advancing-exploitation.html
which used the glibc's __free_hook to complete exploitation).
But some users have expressed a need for them, even if only for tests and
memory benchmarks. So allow for `__sanitizer_malloc_hook` &
`__sanitizer_free_hook` to be called if defined, and gate them behind a global
define `SCUDO_CAN_USE_HOOKS` defaulting to 0.
Reviewers: alekseyshl
Reviewed By: alekseyshl
Subscribers: #sanitizers, llvm-commits
Differential Revision: https://reviews.llvm.org/D42430
Modified:
compiler-rt/trunk/lib/scudo/scudo_allocator.cpp
compiler-rt/trunk/lib/scudo/scudo_platform.h
Modified: compiler-rt/trunk/lib/scudo/scudo_allocator.cpp
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/scudo/scudo_allocator.cpp?rev=323278&r1=323277&r2=323278&view=diff
==============================================================================
--- compiler-rt/trunk/lib/scudo/scudo_allocator.cpp (original)
+++ compiler-rt/trunk/lib/scudo/scudo_allocator.cpp Tue Jan 23 15:07:42 2018
@@ -430,7 +430,8 @@ struct ScudoAllocator {
}
void *Ptr = reinterpret_cast<void *>(UserPtr);
Chunk::storeHeader(Ptr, &Header);
- // if (&__sanitizer_malloc_hook) __sanitizer_malloc_hook(Ptr, Size);
+ if (SCUDO_CAN_USE_HOOKS && &__sanitizer_malloc_hook)
+ __sanitizer_malloc_hook(Ptr, Size);
return Ptr;
}
@@ -480,7 +481,8 @@ struct ScudoAllocator {
// the TLS destructors, ending up in initialized thread specific data never
// being destroyed properly. Any other heap operation will do a full init.
initThreadMaybe(/*MinimalInit=*/true);
- // if (&__sanitizer_free_hook) __sanitizer_free_hook(Ptr);
+ if (SCUDO_CAN_USE_HOOKS && &__sanitizer_free_hook)
+ __sanitizer_free_hook(Ptr);
if (UNLIKELY(!Ptr))
return;
if (UNLIKELY(!Chunk::isAligned(Ptr))) {
Modified: compiler-rt/trunk/lib/scudo/scudo_platform.h
URL: http://llvm.org/viewvc/llvm-project/compiler-rt/trunk/lib/scudo/scudo_platform.h?rev=323278&r1=323277&r2=323278&view=diff
==============================================================================
--- compiler-rt/trunk/lib/scudo/scudo_platform.h (original)
+++ compiler-rt/trunk/lib/scudo/scudo_platform.h Tue Jan 23 15:07:42 2018
@@ -55,6 +55,12 @@
# define SCUDO_CAN_USE_PUBLIC_INTERFACE 1
#endif
+// Hooks in the allocation & deallocation paths can become a security concern if
+// implemented improperly, or if overwritten by an attacker. Use with caution.
+#ifndef SCUDO_CAN_USE_HOOKS
+# define SCUDO_CAN_USE_HOOKS 0
+#endif
+
namespace __scudo {
#if SANITIZER_CAN_USE_ALLOCATOR64
More information about the llvm-commits
mailing list