Magic-Mirror/llvm-capstone
1
0
Fork 0
mirror of https://github.com/capstone-engine/llvm-capstone.git synced 2024-12-01 01:31:26 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

[HWASAN] Enable memcpy, memmove and memset interceptors (#70387)

Browse Source
This commit is contained in:
Kirill Stoimenov 2023-10-30 15:01:21 -07:00 committed by GitHub
parent a41b149f48
commit 91cdd7d615
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
7 changed files with 125 additions and 40 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

27
compiler-rt/lib/hwasan/hwasan_interceptors.cpp
View File

@ -90,8 +90,7 @@ struct HWAsanInterceptorContext {
# include "sanitizer_common/sanitizer_syscalls_netbsd.inc"
# define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \
do { \
} while (false)
HWASAN_WRITE_RANGE(ctx, ptr, size)
# define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
HWASAN_READ_RANGE(ctx, ptr, size)
@ -147,30 +146,6 @@ struct HWAsanInterceptorContext {
(void)(name); \
} while (false)
# define COMMON_INTERCEPTOR_MEMMOVE_IMPL(ctx, to, from, size) \
do { \
(void)(ctx); \
(void)(to); \
(void)(from); \
(void)(size); \
} while (false)
# define COMMON_INTERCEPTOR_MEMCPY_IMPL(ctx, to, from, size) \
do { \
(void)(ctx); \
(void)(to); \
(void)(from); \
(void)(size); \
} while (false)
# define COMMON_INTERCEPTOR_MEMSET_IMPL(ctx, block, c, size) \
do { \
(void)(ctx); \
(void)(block); \
(void)(c); \
(void)(size); \
} while (false)
# define COMMON_INTERCEPTOR_STRERROR() \
do { \
} while (false)

12
compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
View File

@ -56,14 +56,14 @@
#undef SANITIZER_INTERCEPT_STRCASECMP
#define SANITIZER_INTERCEPT_STRCASECMP 0
#undef SANITIZER_INTERCEPT_MEMSET
#define SANITIZER_INTERCEPT_MEMSET 0
// #undef SANITIZER_INTERCEPT_MEMSET
// #define SANITIZER_INTERCEPT_MEMSET 0
#undef SANITIZER_INTERCEPT_MEMMOVE
#define SANITIZER_INTERCEPT_MEMMOVE 0
// #undef SANITIZER_INTERCEPT_MEMMOVE
// #define SANITIZER_INTERCEPT_MEMMOVE 0
#undef SANITIZER_INTERCEPT_MEMCPY
#define SANITIZER_INTERCEPT_MEMCPY 0
// #undef SANITIZER_INTERCEPT_MEMCPY
// #define SANITIZER_INTERCEPT_MEMCPY 0
// #undef SANITIZER_INTERCEPT_MEMCMP
// #define SANITIZER_INTERCEPT_MEMCMP 0

15
compiler-rt/test/hwasan/TestCases/bcmp.cpp
View File

@ -4,11 +4,17 @@
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
// REQUIRES: !android
#include <assert.h>
#include <sanitizer/hwasan_interface.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
__attribute__((no_sanitize("hwaddress"))) void
ForceCallInterceptor(void *p, const void *a, size_t size) {
assert(bcmp(p, a, size) == 0);
}
int main(int argc, char **argv) {
__hwasan_enable_allocator_tagging();
char a[] = {static_cast<char>(argc), 2, 3, 4};
@ -16,13 +22,14 @@ int main(int argc, char **argv) {
char *p = (char *)malloc(size);
memcpy(p, a, size);
free(p);
return bcmp(p, a, size);
ForceCallInterceptor(p, a, size);
return 0;
// CHECK: HWAddressSanitizer: tag-mismatch on address
// CHECK: READ of size 4
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-3]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-4]]
// CHECK: Cause: use-after-free
// CHECK: freed by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-7]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-8]]
// CHECK: previously allocated by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-11]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}bcmp.cpp:[[@LINE-12]]
}

15
compiler-rt/test/hwasan/TestCases/memcmp.cpp
View File

@ -3,11 +3,17 @@
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
#include <assert.h>
#include <sanitizer/hwasan_interface.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
__attribute__((no_sanitize("hwaddress"))) void
ForceCallInterceptor(void *p, const void *a, size_t size) {
assert(memcmp(p, a, size) == 0);
}
int main(int argc, char **argv) {
__hwasan_enable_allocator_tagging();
char a[] = {static_cast<char>(argc), 2, 3, 4};
@ -15,13 +21,14 @@ int main(int argc, char **argv) {
char *p = (char *)malloc(size);
memcpy(p, a, size);
free(p);
return memcmp(p, a, size);
ForceCallInterceptor(p, a, size);
return 0;
// CHECK: HWAddressSanitizer: tag-mismatch on address
// CHECK: READ of size 4
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-3]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-4]]
// CHECK: Cause: use-after-free
// CHECK: freed by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-7]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-8]]
// CHECK: previously allocated by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-11]]
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcmp.cpp:[[@LINE-12]]
}

32
compiler-rt/test/hwasan/TestCases/memcpy.cpp Normal file
View File

@ -0,0 +1,32 @@
// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
#include <sanitizer/hwasan_interface.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
__attribute__((no_sanitize("hwaddress"))) void
ForceCallInterceptor(void *p, const void *a, size_t size) {
memcpy(p, a, size);
}
int main(int argc, char **argv) {
__hwasan_enable_allocator_tagging();
char a[] = {static_cast<char>(argc), 2, 3, 4};
int size = sizeof(a);
char *volatile p = (char *)malloc(size);
free(p);
ForceCallInterceptor(p, a, size);
return 0;
// CHECK: HWAddressSanitizer: tag-mismatch on address
// CHECK: WRITE of size 4
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-4]]
// CHECK: Cause: use-after-free
// CHECK: freed by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-8]]
// CHECK: previously allocated by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-11]]
}

32
compiler-rt/test/hwasan/TestCases/memmove.cpp Normal file
View File

@ -0,0 +1,32 @@
// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
#include <sanitizer/hwasan_interface.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
__attribute__((no_sanitize("hwaddress"))) void
ForceCallInterceptor(void *p, const void *a, size_t size) {
memmove(p, a, size);
}
int main(int argc, char **argv) {
__hwasan_enable_allocator_tagging();
char a[] = {static_cast<char>(argc), 2, 3, 4};
int size = sizeof(a);
char *volatile p = (char *)malloc(size);
free(p);
ForceCallInterceptor(p, a, size);
return 0;
// CHECK: HWAddressSanitizer: tag-mismatch on address
// CHECK: WRITE of size 4
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-4]]
// CHECK: Cause: use-after-free
// CHECK: freed by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-8]]
// CHECK: previously allocated by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-11]]
}

32
compiler-rt/test/hwasan/TestCases/memset.cpp Normal file
View File

@ -0,0 +1,32 @@
// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
#include <sanitizer/hwasan_interface.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
__attribute__((no_sanitize("hwaddress"))) void
ForceCallInterceptor(void *p, int c, size_t size) {
memset(p, c, size) == nullptr;
}
int main(int argc, char **argv) {
__hwasan_enable_allocator_tagging();
char a[] = {static_cast<char>(argc), 2, 3, 4};
int size = sizeof(a);
char *volatile p = (char *)malloc(size);
free(p);
ForceCallInterceptor(p, 0, size);
return 0;
// CHECK: HWAddressSanitizer: tag-mismatch on address
// CHECK: WRITE of size 4
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memset.cpp:[[@LINE-4]]
// CHECK: Cause: use-after-free
// CHECK: freed by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memset.cpp:[[@LINE-8]]
// CHECK: previously allocated by thread
// CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memset.cpp:[[@LINE-11]]
}