mirror of
https://github.com/capstone-engine/llvm-capstone.git
synced 2025-02-13 05:40:59 +00:00
3b0290570b
ucrtbase.dll appears to be built with some kind of cross-module inlining, because there are calls to imported Heap* routines sprinkled throughout the code. This inlining defeats our attempts to hotpatch malloc, _malloc_base, and related functions. Failing to intercept an allocation or deallocation results in a crash when the program attempts to deallocate or reallocate memory with the wrong allocator. This change patches the IAT of ucrtbase.dll to replace the addresses of the imported Heap* functions with implementations provided by ASan. We don't globally intercept the win32 Heap* functions because they are typically used by system DLLs that run before ASan initializes. Eventually, we may want to intercept them, but for now I think this is the minimal change that will keep ASan stable. Reviewers: samsonov Differential Revision: http://reviews.llvm.org/D18413 llvm-svn: 264327
68 lines
2.8 KiB
C++
68 lines
2.8 KiB
C++
//===-- interception_linux.h ------------------------------------*- C++ -*-===//
|
|
//
|
|
// The LLVM Compiler Infrastructure
|
|
//
|
|
// This file is distributed under the University of Illinois Open Source
|
|
// License. See LICENSE.TXT for details.
|
|
//
|
|
//===----------------------------------------------------------------------===//
|
|
//
|
|
// This file is a part of AddressSanitizer, an address sanity checker.
|
|
//
|
|
// Windows-specific interception methods.
|
|
//===----------------------------------------------------------------------===//
|
|
|
|
#ifdef _WIN32
|
|
|
|
#if !defined(INCLUDED_FROM_INTERCEPTION_LIB)
|
|
# error "interception_win.h should be included from interception library only"
|
|
#endif
|
|
|
|
#ifndef INTERCEPTION_WIN_H
|
|
#define INTERCEPTION_WIN_H
|
|
|
|
namespace __interception {
|
|
// All the functions in the OverrideFunction() family return true on success,
|
|
// false on failure (including "couldn't find the function").
|
|
|
|
// Overrides a function by its address.
|
|
bool OverrideFunction(uptr old_func, uptr new_func, uptr *orig_old_func = 0);
|
|
|
|
// Overrides a function in a system DLL or DLL CRT by its exported name.
|
|
bool OverrideFunction(const char *name, uptr new_func, uptr *orig_old_func = 0);
|
|
|
|
// Windows-only replacement for GetProcAddress. Useful for some sanitizers.
|
|
uptr InternalGetProcAddress(void *module, const char *func_name);
|
|
|
|
// Overrides a function only when it is called from a specific DLL. For example,
|
|
// this is used to override calls to HeapAlloc/HeapFree from ucrtbase without
|
|
// affecting other third party libraries.
|
|
bool OverrideImportedFunction(const char *module_to_patch,
|
|
const char *imported_module,
|
|
const char *function_name, uptr new_function,
|
|
uptr *orig_old_func);
|
|
|
|
} // namespace __interception
|
|
|
|
#if defined(INTERCEPTION_DYNAMIC_CRT)
|
|
#define INTERCEPT_FUNCTION_WIN(func) \
|
|
::__interception::OverrideFunction(#func, \
|
|
(::__interception::uptr)WRAP(func), \
|
|
(::__interception::uptr *)&REAL(func))
|
|
#else
|
|
#define INTERCEPT_FUNCTION_WIN(func) \
|
|
::__interception::OverrideFunction((::__interception::uptr)func, \
|
|
(::__interception::uptr)WRAP(func), \
|
|
(::__interception::uptr *)&REAL(func))
|
|
#endif
|
|
|
|
#define INTERCEPT_FUNCTION_VER_WIN(func, symver) INTERCEPT_FUNCTION_WIN(func)
|
|
|
|
#define INTERCEPT_FUNCTION_DLLIMPORT(user_dll, provider_dll, func) \
|
|
::__interception::OverrideImportedFunction( \
|
|
user_dll, provider_dll, #func, (::__interception::uptr)WRAP(func), \
|
|
(::__interception::uptr *)&REAL(func))
|
|
|
|
#endif // INTERCEPTION_WIN_H
|
|
#endif // _WIN32
|