[compiler-rt] [msan] Support prctl PR_GET_NAME call (PR #98951)

via llvm-commits llvm-commits at lists.llvm.org
Mon Jul 15 13:07:50 PDT 2024


llvmbot wrote:


<!--LLVM PR SUMMARY COMMENT-->

@llvm/pr-subscribers-compiler-rt-sanitizer

Author: Chris Cotter (ccotter)

<details>
<summary>Changes</summary>

Per the man page, PR_GET_NAME stores a null-terminated string into the input `char name[16]`.

This also adds prctl support in ASAN to detect freed memory being passed to `prctl(PR_GET_NAME, ...)`.

---
Full diff: https://github.com/llvm/llvm-project/pull/98951.diff


2 Files Affected:

- (modified) compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc (+11) 
- (added) compiler-rt/test/msan/prctl.cpp (+24) 


``````````diff
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
index 1df61e79f7d84..cc5f0f3c8bc33 100644
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -1251,6 +1251,7 @@ INTERCEPTOR(int, prctl, int option, unsigned long arg2, unsigned long arg3,
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, prctl, option, arg2, arg3, arg4, arg5);
   static const int PR_SET_NAME = 15;
+  static const int PR_GET_NAME = 16;
   static const int PR_SET_VMA = 0x53564d41;
   static const int PR_SCHED_CORE = 62;
   static const int PR_SCHED_CORE_GET = 0;
@@ -1264,6 +1265,16 @@ INTERCEPTOR(int, prctl, int option, unsigned long arg2, unsigned long arg3,
     internal_strncpy(buff, (char *)arg2, 15);
     buff[15] = 0;
     COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, buff);
+  } else if (res != 1 && option == PR_GET_NAME) {
+    unsigned long null_index = 0;
+    char* name = (char*)arg2;
+    while (name[null_index] && null_index < 16) {
+      ++null_index;
+    }
+    if (null_index > 15) {
+      null_index = 15;
+    }
+    COMMON_INTERCEPTOR_WRITE_RANGE(ctx, (u64*)arg2, null_index+1);
   } else if (res != -1 && option == PR_SCHED_CORE && arg2 == PR_SCHED_CORE_GET) {
     COMMON_INTERCEPTOR_WRITE_RANGE(ctx, (u64*)(arg5), sizeof(u64));
   }
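Review bot: The new branch's guard `res != 1` looks like a typo for `res != -1`, the form the neighbouring PR_SCHED_CORE branch uses; as written, a failed call (`res`, presumably the real prctl's return value assigned outside the hunk, equal to -1) still enters the branch and the interceptor reads through `arg2`, which may be an invalid pointer or a buffer the kernel never wrote. The loop condition also tests `name[null_index]` before `null_index < 16`, so when no NUL is found in the first 16 bytes it reads `name[16]`, one past the `char name[16]` buffer the description cites. I would write `} else if (res != -1 && option == PR_GET_NAME) {` and `while (null_index < 15 && name[null_index])`, which keeps the reported range at 16 bytes at most and makes the clamp to 15 unnecessary. The `(u64*)arg2` cast in the WRITE_RANGE call is misleading for a char buffer; passing `name` would read better. The interceptor body starts and ends outside this hunk.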
diff --git a/compiler-rt/test/msan/prctl.cpp b/compiler-rt/test/msan/prctl.cpp
new file mode 100644
index 0000000000000..7b8e60c98c13b
--- /dev/null
+++ b/compiler-rt/test/msan/prctl.cpp
@@ -0,0 +1,24 @@
+// RUN: %clangxx_msan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// REQUIRES: linux
+
+#include <linux/prctl.h>
+#include <sys/prctl.h>
+
+int main(void) {
+  prctl(PR_SET_NAME, "tname");
+  char name[16];
+  prctl(PR_GET_NAME, name);
+
+  if (name[0] == 'A') {
+    return 0;
+  }
+  if (name[5] != '\0') {
+    return 0;
+  }
+  if (name[6] != '\0') {
+    return 0;
+  }
+  // CHECK: SUMMARY: MemorySanitizer: use-of-uninitialized-value {{.*prctl.cpp}}:[[@LINE-3]]
+
+  return 0;
+}
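Review bot: The test covers only the successful PR_GET_NAME path under MSan, and neither prctl call's return value is checked, so a failing call would likely show up only as a mismatched line number in the CHECK. The description also mentions ASan detecting freed memory passed to `prctl(PR_GET_NAME, ...)`, but no ASan or sanitizer_common test accompanies that claim. A short comment above the three `if` statements, e.g. `// PR_GET_NAME initializes name[0..5] ("tname" plus NUL); name[6] stays uninitialized`, would make the expected report line obvious to the next reader.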

``````````

</details>


https://github.com/llvm/llvm-project/pull/98951

