This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
lib/sanitizer_common/
-
sanitizer_common/
2
sanitizer_common.h
-
sanitizer_linux.h
2
sanitizer_mac.cc
1
sanitizer_posix.cc
12
sanitizer_suppressions.cc
1
sanitizer_win.cc
-
test/asan/TestCases/
-
asan/
-
TestCases/
-
suppressions-exec-relative-location.cc

Differential D7309

[compiler-rt] Allow suppression file paths be relative to the location of the executable.
ClosedPublic

Authored by zaks.anna on Jan 30 2015, 5:05 PM.

Download Raw Diff

Details

Reviewers

kcc
glider
samsonov
kubamracek

Summary

The ASanified executable could be launched from different locations. When we cannot find the suppression file relative to the current directory, try to see if the specified path is relative to the location of the executable.

Diff Detail

Event Timeline

zaks.anna updated this revision to Diff 19074.Jan 30 2015, 5:05 PM

zaks.anna retitled this revision from to [compiler-rt] Allow suppression file paths be relative to the location of the executable..

zaks.anna updated this object.

zaks.anna edited the test plan for this revision. (Show Details)

zaks.anna added reviewers: kubamracek, kcc, samsonov, glider.

zaks.anna added a subscriber: Unknown Object (MLST).

Alexey, any comments?
We already pick up the default blacklist from the compiler distribution at compile time.
The default suppressions are better to be similar.

lib/sanitizer_common/sanitizer_suppressions.cc
87	this is probably unfriendly to windows.
113	ditto

Thanks for working on this!

kcc@: We don't have file with default suppressions, do we?

lib/sanitizer_common/sanitizer_mac.cc
216	This can cause memory corruption if the length of the result is larger than `buf_len`. If you intend to call `realpath()`, you should probably store the result in the pre-allocated buffer of size at least `kMaxPathLength`, and then `internal_strncpy` it into `buf`. Alternatively, assert that `buf_len` is large enough.
lib/sanitizer_common/sanitizer_suppressions.cc
83	Please make the output parameter last.
87	+1. Looks like we need a named constant for path separator that would be different on POSIX/Windows. It can also be used in functions like `StripPathPrefix` or `StripModuleName`.
129	You might add a VPrintf() that would tell the actual path of the file with suppressions used by the runtime.

kcc@: We don't have file with default suppressions, do we?

We do not, but I would rather prefer to have default suppressions than to work like suggested here.

In D7309#118880, @kcc wrote:

kcc@: We don't have file with default suppressions, do we?

We do not, but I would rather prefer to have default suppressions than to work like suggested here.

I assume that the default suppressions are the bugs in libraries we already know about, correct?
My understanding is that those are currently baked into the ASan library.

This workflow is needed for cases where a user runs into an issue in a third party library, which they want to suppress. Allowing them to add the suppressions file can unblock them immediately.

me being stupid... For some reason I thought you are trying to read suppressions from a path relative to the compiler tool chain.
Ignore my previous comments. :)

Made this friendly to Windows. (Introduced "IsPathSeparator()" instead of a constant since multiple characters can serve as separators on Windows.)
Addressed all other comments.
Included a testcase, which I forgot to add the first time around.

samsonov added inline comments.Feb 17 2015, 5:03 PM

lib/sanitizer_common/sanitizer_mac.cc
217	You can merge these conditions with &&
lib/sanitizer_common/sanitizer_suppressions.cc
83	Function name looks confusing: it return an absolute path, not path relative to executable.
86	if (!ReadBinaryName(exec.data(), exec.size())) return false; ... return true;
89	You can have a buffer overflow on rel_file_path here. Consider taking a length of rel_file_path buffer as an input argument and/or using internal_strncat.
108	const
lib/sanitizer_common/sanitizer_win.cc
320	return c == '\\';

Updated to address the review comments from Alexey.

LGTM after addressing a few comments below. Thanks!

lib/sanitizer_common/sanitizer_posix.cc
301	return path != nullptr && IsPathSeparator(path[0])
lib/sanitizer_common/sanitizer_suppressions.cc
90	Max(path_to_exec_len, new_file_path_size - 1);
107	Move these declarations closer to the place where they are actually used.
127	should this be file_path?

This revision is now accepted and ready to land.Feb 18 2015, 3:45 PM

Looks good in general

lib/sanitizer_common/sanitizer_common.h
221	Nit: how about "GetBinaryName"? After all, you're not reading it on Mac.

Comments addressed and committed in r230723.

lib/sanitizer_common/sanitizer_common.h
221	The function only gets the file on Mac, but not on other platforms, so I don't think it should be renamed. (I've moved this from sanitizer_linux.h)

zaks.anna closed this revision.Jun 25 2015, 6:17 PM

Revision Contents

Path

Size

lib/

sanitizer_common/

5 lines

2 lines

17 lines

8 lines

sanitizer_suppressions.cc

35 lines

sanitizer_win.cc

13 lines

test/

asan/

TestCases/

suppressions-exec-relative-location.cc

47 lines

Diff 20225

lib/sanitizer_common/sanitizer_common.h

	Show First 20 Lines • Show All 208 Lines • ▼ Show 20 Lines
	// OS			// OS
	void DisableCoreDumperIfNecessary();			void DisableCoreDumperIfNecessary();
	void DumpProcessMap();			void DumpProcessMap();
	bool FileExists(const char *filename);			bool FileExists(const char *filename);
	const char GetEnv(const char name);			const char GetEnv(const char name);
	bool SetEnv(const char name, const char value);			bool SetEnv(const char name, const char value);
	const char *GetPwd();			const char *GetPwd();
	char FindPathToBinary(const char name);			char FindPathToBinary(const char name);
				bool IsPathSeparator(const char c);
				bool IsAbsolutePath(const char *path);

				// Returns the path to the main executable.
				uptr ReadBinaryName(/out/char *buf, uptr buf_len);
				gliderUnsubmitted Not Done Reply Inline Actions Nit: how about "GetBinaryName"? After all, you're not reading it on Mac. glider: Nit: how about "GetBinaryName"? After all, you're not reading it on Mac.
				zaks.annaAuthorUnsubmitted Not Done Reply Inline Actions The function only gets the file on Mac, but not on other platforms, so I don't think it should be renamed. (I've moved this from sanitizer_linux.h) zaks.anna: The function only gets the file on Mac, but not on other platforms, so I don't think it should…
	u32 GetUid();			u32 GetUid();
	void ReExec();			void ReExec();
	bool StackSizeIsUnlimited();			bool StackSizeIsUnlimited();
	void SetStackSizeLimitInBytes(uptr limit);			void SetStackSizeLimitInBytes(uptr limit);
	bool AddressSpaceIsUnlimited();			bool AddressSpaceIsUnlimited();
	void SetAddressSpaceUnlimited();			void SetAddressSpaceUnlimited();
	void AdjustStackSize(void *attr);			void AdjustStackSize(void *attr);
	void PrepareForSandboxing(__sanitizer_sandbox_arguments *args);			void PrepareForSandboxing(__sanitizer_sandbox_arguments *args);
	▲ Show 20 Lines • Show All 396 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_linux.h

	Show First 20 Lines • Show All 74 Lines • ▼ Show 20 Lines
	uptr ThreadDescriptorSize();			uptr ThreadDescriptorSize();
	uptr ThreadSelf();			uptr ThreadSelf();
	uptr ThreadSelfOffset();			uptr ThreadSelfOffset();

	// Matches a library's file name against a base name (stripping path and version			// Matches a library's file name against a base name (stripping path and version
	// information).			// information).
	bool LibraryNameIs(const char full_name, const char base_name);			bool LibraryNameIs(const char full_name, const char base_name);

	// Read the name of the current binary from /proc/self/exe.
	uptr ReadBinaryName(/out/char *buf, uptr buf_len);
	// Cache the value of /proc/self/exe.			// Cache the value of /proc/self/exe.
	void CacheBinaryName();			void CacheBinaryName();

	// Call cb for each region mapped by map.			// Call cb for each region mapped by map.
	void ForEachMappedRegion(link_map map, void (cb)(const void *, uptr));			void ForEachMappedRegion(link_map map, void (cb)(const void *, uptr));
	} // namespace __sanitizer			} // namespace __sanitizer

	#endif // SANITIZER_FREEBSD \|\| SANITIZER_LINUX			#endif // SANITIZER_FREEBSD \|\| SANITIZER_LINUX
	#endif // SANITIZER_LINUX_H			#endif // SANITIZER_LINUX_H

lib/sanitizer_common/sanitizer_mac.cc

Show All 25 Lines
#include "sanitizer_internal_defs.h"		#include "sanitizer_internal_defs.h"
#include "sanitizer_libc.h"		#include "sanitizer_libc.h"
#include "sanitizer_mac.h"		#include "sanitizer_mac.h"
#include "sanitizer_placement_new.h"		#include "sanitizer_placement_new.h"
#include "sanitizer_procmaps.h"		#include "sanitizer_procmaps.h"

#include <crt_externs.h> // for _NSGetEnviron		#include <crt_externs.h> // for _NSGetEnviron
#include <fcntl.h>		#include <fcntl.h>
		#include <mach-o/dyld.h>
#include <pthread.h>		#include <pthread.h>
#include <sched.h>		#include <sched.h>
#include <signal.h>		#include <signal.h>
		#include <stdlib.h>
#include <sys/mman.h>		#include <sys/mman.h>
#include <sys/resource.h>		#include <sys/resource.h>
#include <sys/stat.h>		#include <sys/stat.h>
#include <sys/sysctl.h>		#include <sys/sysctl.h>
#include <sys/types.h>		#include <sys/types.h>
#include <unistd.h>		#include <unistd.h>
#include <libkern/OSAtomic.h>		#include <libkern/OSAtomic.h>
#include <errno.h>		#include <errno.h>
▲ Show 20 Lines • Show All 154 Lines • ▼ Show 20 Lines	if (len > name_len) {
return *environ + name_len + 1; // String starting after =.		return *environ + name_len + 1; // String starting after =.
}		}
}		}
environ++;		environ++;
}		}
return 0;		return 0;
}		}

		uptr ReadBinaryName(/out/char *buf, uptr buf_len) {
		CHECK_LE(kMaxPathLength, buf_len);

		// On OS X the executable path is saved to the stack by dyld. Reading it
		// from there is much faster than calling dladdr, especially for large
		// binaries with symbols.
		InternalScopedString exe_path(kMaxPathLength);
		uint32_t size = exe_path.size();
		samsonovUnsubmitted Not Done Reply Inline Actions This can cause memory corruption if the length of the result is larger than `buf_len`. If you intend to call `realpath()`, you should probably store the result in the pre-allocated buffer of size at least `kMaxPathLength`, and then `internal_strncpy` it into `buf`. Alternatively, assert that `buf_len` is large enough. samsonov: This can cause memory corruption if the length of the result is larger than `buf_len`. If you…
		if (_NSGetExecutablePath(exe_path.data(), &size) == 0 &&
		samsonovUnsubmitted Not Done Reply Inline Actions You can merge these conditions with && samsonov: You can merge these conditions with &&
		realpath(exe_path.data(), buf) != 0) {
		return internal_strlen(buf);
		}
		return 0;
		}

void ReExec() {		void ReExec() {
UNIMPLEMENTED();		UNIMPLEMENTED();
}		}

void PrepareForSandboxing(__sanitizer_sandbox_arguments *args) {		void PrepareForSandboxing(__sanitizer_sandbox_arguments *args) {
(void)args;		(void)args;
// Nothing here for now.		// Nothing here for now.
}		}
▲ Show 20 Lines • Show All 119 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_posix.cc

Show First 20 Lines • Show All 287 Lines • ▼ Show 20 Lines	if (prefix_len + name_len + 2 <= kMaxPathLength) {
return internal_strdup(buffer.data());		return internal_strdup(buffer.data());
}		}
if (*end == '\0') break;		if (*end == '\0') break;
beg = end + 1;		beg = end + 1;
}		}
return 0;		return 0;
}		}

		bool IsPathSeparator(const char c) {
		return c == '/';
		}

		bool IsAbsolutePath(const char *path) {
		return IsPathSeparator(path[0]);
		samsonovUnsubmitted Not Done Reply Inline Actions return path != nullptr && IsPathSeparator(path[0]) samsonov: return path != nullptr && IsPathSeparator(path[0])
		}

void ReportFile::Write(const char *buffer, uptr length) {		void ReportFile::Write(const char *buffer, uptr length) {
SpinMutexLock l(mu);		SpinMutexLock l(mu);
static const char *kWriteError =		static const char *kWriteError =
"ReportFile::Write() can't output requested buffer!\n";		"ReportFile::Write() can't output requested buffer!\n";
ReopenIfNecessary();		ReopenIfNecessary();
if (length != internal_write(fd, buffer, length)) {		if (length != internal_write(fd, buffer, length)) {
internal_write(fd, kWriteError, internal_strlen(kWriteError));		internal_write(fd, kWriteError, internal_strlen(kWriteError));
Die();		Die();
Show All 21 Lines

lib/sanitizer_common/sanitizer_suppressions.cc

Show First 20 Lines • Show All 74 Lines • ▼ Show 20 Lines	SuppressionContext::SuppressionContext() : suppressions_(1), can_parse_(true) {
internal_memset(has_suppresson_type_, 0, sizeof(has_suppresson_type_));		internal_memset(has_suppresson_type_, 0, sizeof(has_suppresson_type_));
}		}

SuppressionContext *SuppressionContext::Get() {		SuppressionContext *SuppressionContext::Get() {
CHECK(suppression_ctx);		CHECK(suppression_ctx);
return suppression_ctx;		return suppression_ctx;
}		}

		static bool GetPathAssumingFileIsRelativeToExec(const char *file_path,
		samsonovUnsubmitted Not Done Reply Inline Actions Please make the output parameter last. samsonov: Please make the output parameter last.
		samsonovUnsubmitted Not Done Reply Inline Actions Function name looks confusing: it return an absolute path, not path relative to executable. samsonov: Function name looks confusing: it return an absolute path, not path relative to executable.
		/out/char *new_file_path,
		uptr new_file_path_size) {
		InternalScopedString exec(kMaxPathLength);
		samsonovUnsubmitted Not Done Reply Inline Actions if (!ReadBinaryName(exec.data(), exec.size())) return false; ... return true; samsonov: if (!ReadBinaryName(exec.data(), exec.size())) return false; ... return true;
		if (ReadBinaryName(exec.data(), exec.size())) {
		kccUnsubmitted Not Done Reply Inline Actions this is probably unfriendly to windows. kcc: this is probably unfriendly to windows.
		samsonovUnsubmitted Not Done Reply Inline Actions +1. Looks like we need a named constant for path separator that would be different on POSIX/Windows. It can also be used in functions like `StripPathPrefix` or `StripModuleName`. samsonov: +1. Looks like we need a named constant for path separator that would be different on…
		const char *file_name_pos = StripModuleName(exec.data());
		uptr path_to_exec_len = file_name_pos - exec.data();
		samsonovUnsubmitted Not Done Reply Inline Actions You can have a buffer overflow on rel_file_path here. Consider taking a length of rel_file_path buffer as an input argument and/or using internal_strncat. samsonov: You can have a buffer overflow on rel_file_path here. Consider taking a length of rel_file_path…
		internal_strncat(new_file_path, exec.data(), path_to_exec_len);
		samsonovUnsubmitted Not Done Reply Inline Actions Max(path_to_exec_len, new_file_path_size - 1); samsonov: Max(path_to_exec_len, new_file_path_size - 1);
		internal_strncat(new_file_path, file_path,
		new_file_path_size - internal_strlen(new_file_path) - 1);
		return true;
		}
		return false;
		}

void SuppressionContext::InitIfNecessary() {		void SuppressionContext::InitIfNecessary() {
if (suppression_ctx)		if (suppression_ctx)
return;		return;
suppression_ctx = new(placeholder) SuppressionContext;		suppression_ctx = new(placeholder) SuppressionContext;
if (common_flags()->suppressions[0] == '\0')		if (common_flags()->suppressions[0] == '\0')
return;		return;

		const char *file_path = common_flags()->suppressions;
char *suppressions_from_file;		char *suppressions_from_file;
uptr buffer_size;		uptr buffer_size;
		samsonovUnsubmitted Not Done Reply Inline Actions Move these declarations closer to the place where they are actually used. samsonov: Move these declarations closer to the place where they are actually used.
		const uptr max_len = 1 << 26;
		samsonovUnsubmitted Not Done Reply Inline Actions const samsonov: const

		// If we cannot find the file, check if its location is relative to
		// the location of the executable.
		InternalScopedString new_file_path(kMaxPathLength);
		if (!FileExists(file_path) && !IsAbsolutePath(file_path) &&
		kccUnsubmitted Not Done Reply Inline Actions ditto kcc: ditto
		GetPathAssumingFileIsRelativeToExec(file_path, new_file_path.data(),
		new_file_path.size())) {
		file_path = new_file_path.data();
		}

uptr contents_size =		uptr contents_size =
ReadFileToBuffer(common_flags()->suppressions, &suppressions_from_file,		ReadFileToBuffer(file_path, &suppressions_from_file, &buffer_size, max_len);
&buffer_size, 1 << 26 /* max_len */);
		VPrintf(1, "%s: reading suppressions file at %s\n",
		SanitizerToolName, file_path);

if (contents_size == 0) {		if (contents_size == 0) {
Printf("%s: failed to read suppressions file '%s'\n", SanitizerToolName,		Printf("%s: failed to read suppressions file '%s'\n", SanitizerToolName,
common_flags()->suppressions);		common_flags()->suppressions);
		samsonovUnsubmitted Not Done Reply Inline Actions should this be file_path? samsonov: should this be file_path?
Die();		Die();
}		}
		samsonovUnsubmitted Not Done Reply Inline Actions You might add a VPrintf() that would tell the actual path of the file with suppressions used by the runtime. samsonov: You might add a VPrintf() that would tell the actual path of the file with suppressions used by…
suppression_ctx->Parse(suppressions_from_file);		suppression_ctx->Parse(suppressions_from_file);
}		}

bool SuppressionContext::Match(const char *str, SuppressionType type,		bool SuppressionContext::Match(const char *str, SuppressionType type,
Suppression **s) {		Suppression **s) {
if (!has_suppresson_type_[type])		if (!has_suppresson_type_[type])
return false;		return false;
can_parse_ = false;		can_parse_ = false;
▲ Show 20 Lines • Show All 88 Lines • Show Last 20 Lines

lib/sanitizer_common/sanitizer_win.cc

Show First 20 Lines • Show All 305 Lines • ▼ Show 20 Lines	void SetAddressSpaceUnlimited() {
UNIMPLEMENTED();		UNIMPLEMENTED();
}		}

char FindPathToBinary(const char name) {		char FindPathToBinary(const char name) {
// Nothing here for now.		// Nothing here for now.
return 0;		return 0;
}		}

		uptr ReadBinaryName(/out/char *buf, uptr buf_len) {
		// Nothing here for now.
		return 0;
		}

		bool IsPathSeparator(const char c) {
		return c == '\\' \|\| c == '/';
		samsonovUnsubmitted Not Done Reply Inline Actions return c == '\\'; samsonov: return c == '\\';
		}

		bool IsAbsolutePath(const char *path) {
		UNIMPLEMENTED();
		}

void SleepForSeconds(int seconds) {		void SleepForSeconds(int seconds) {
Sleep(seconds * 1000);		Sleep(seconds * 1000);
}		}

void SleepForMillis(int millis) {		void SleepForMillis(int millis) {
Sleep(millis);		Sleep(millis);
}		}

▲ Show 20 Lines • Show All 300 Lines • Show Last 20 Lines

test/asan/TestCases/suppressions-exec-relative-location.cc

This file was added.

				// Check that without suppressions, we catch the issue.
				// RUN: %clangxx_asan -O0 %s -o %t
				// RUN: not %run %t 2>&1 \| FileCheck --check-prefix=CHECK-CRASH %s

				// If the executable is started from a different location, we should still
				// find the suppression file located relative to the location of the executable.
				// RUN: rm -rf %T/suppressions-exec-relative-location
				// RUN: mkdir -p %T/suppressions-exec-relative-location
				// RUN: %clangxx_asan -O0 %s -o %T/suppressions-exec-relative-location/exec
				// RUN: echo "interceptor_via_fun:crash_function" > \
				// RUN: %T/suppressions-exec-relative-location/supp.txt
				// RUN: ASAN_OPTIONS="suppressions=supp.txt" \
				// RUN: %run %T/suppressions-exec-relative-location/exec 2>&1 \| \
				// RUN: FileCheck --check-prefix=CHECK-IGNORE %s
				// RUN: rm -rf %T/suppressions-exec-relative-location

				// If the wrong absolute path is given, we don't try to construct
				// a relative path with it.
				// RUN: ASAN_OPTIONS="suppressions='/absolute/path'" not %run %t 2>&1 \| \
				// RUN: FileCheck --check-prefix=CHECK-WRONG-FILE-NAME %s

				// Test that we reject directory as filename.
				// RUN: ASAN_OPTIONS="suppressions='folder/only/'" not %run %t 2>&1 \| \
				// RUN: FileCheck --check-prefix=CHECK-WRONG-FILE-NAME %s

				// XFAIL: android
				// XFAIL: win32

				#include <stdio.h>
				#include <stdlib.h>
				#include <string.h>

				void crash_function() {
				char a = (char )malloc(6);
				free(a);
				size_t len = strlen(a); // BOOM
				fprintf(stderr, "strlen ignored, len = %zu\n", len);
				}

				int main() {
				crash_function();
				}

				// CHECK-CRASH: AddressSanitizer: heap-use-after-free
				// CHECK-IGNORE-NOT: AddressSanitizer: heap-buffer-overflow
				// CHECK-IGNORE: ignored
				// CHECK-WRONG-FILE-NAME: failed to read suppressions file