[compiler-rt] [sanitizer] Disable writes to log files for binaries in a secure context. (PR #92593)
via llvm-commits
llvm-commits at lists.llvm.org
Fri May 17 16:13:10 PDT 2024
https://github.com/bigb4ng updated https://github.com/llvm/llvm-project/pull/92593
>From 8384a68f313ef5e206dc6881e22ac90a27375590 Mon Sep 17 00:00:00 2001
From: bigb4ng <130478744+bigb4ng at users.noreply.github.com>
Date: Fri, 17 May 2024 07:26:39 +0300
Subject: [PATCH] [sanitizer] Disable using log_path with AT_SECURE.
Fix for https://github.com/google/sanitizers/issues/1130.
An original issue described by Szabolcs Nagy at https://seclists.org/oss-sec/2016/q1/363.
---
.../lib/sanitizer_common/sanitizer_file.cpp | 30 ++++++++++++++-----
1 file changed, 22 insertions(+), 8 deletions(-)
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp b/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
index 7ef499ce07b13..7c7b4187f0a2b 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_file.cpp
@@ -17,8 +17,9 @@
#if !SANITIZER_FUCHSIA
-#include "sanitizer_common.h"
-#include "sanitizer_file.h"
+# include "sanitizer_common.h"
+# include "sanitizer_file.h"
+# include "sanitizer_getauxval.h"
# include "sanitizer_interface_internal.h"
namespace __sanitizer {
@@ -36,7 +37,8 @@ void RawWrite(const char *buffer) {
void ReportFile::ReopenIfNecessary() {
mu->CheckLocked();
- if (fd == kStdoutFd || fd == kStderrFd) return;
+ if (fd == kStdoutFd || fd == kStderrFd)
+ return;
uptr pid = internal_getpid();
// If in tracer, use the parent's file.
@@ -104,6 +106,17 @@ void ReportFile::SetReportPath(const char *path) {
}
}
+ // This is so we can use the weak definition from sanitizer_getauxval.h
+ if (&getauxval && getauxval(/* AT_SECURE */ 23) != 0 && path &&
+ internal_strcmp(path, "stderr") != 0 &&
+ internal_strcmp(path, "stdout") != 0) {
+ Report(
+ "ERROR: log_path must be 'stderr' or 'stdout' for AT_SECURE "
+ "(e.g. setuid binaries), is '%s'\n",
+ path);
+ Die();
+ }
+
SpinMutexLock l(mu);
if (fd != kStdoutFd && fd != kStderrFd && fd != kInvalidFd)
CloseFile(fd);
@@ -137,7 +150,7 @@ bool ReadFileToBuffer(const char *file_name, char **buff, uptr *buff_size,
// The files we usually open are not seekable, so try different buffer sizes.
for (uptr size = kMinFileLen;; size = Min(size * 2, max_len)) {
UnmapOrDie(*buff, *buff_size);
- *buff = (char*)MmapOrDie(size, __func__);
+ *buff = (char *)MmapOrDie(size, __func__);
*buff_size = size;
fd_t fd = OpenFile(file_name, RdOnly, errno_p);
if (fd == kInvalidFd) {
@@ -223,13 +236,14 @@ char *FindPathToBinary(const char *name) {
if (FileExists(buffer.data()))
return internal_strdup(buffer.data());
}
- if (*end == '\0') break;
+ if (*end == '\0')
+ break;
beg = end + 1;
}
return nullptr;
}
-} // namespace __sanitizer
+} // namespace __sanitizer
using namespace __sanitizer;
@@ -239,13 +253,13 @@ void __sanitizer_set_report_path(const char *path) {
}
void __sanitizer_set_report_fd(void *fd) {
- report_file.fd = (fd_t)reinterpret_cast<uptr>(fd);
+ report_file.fd = (fd_t) reinterpret_cast<uptr>(fd);
report_file.fd_pid = internal_getpid();
}
const char *__sanitizer_get_report_path() {
return report_file.GetReportPath();
}
-} // extern "C"
+} // extern "C"
#endif // !SANITIZER_FUCHSIA
More information about the llvm-commits
mailing list