This is an archive of the discontinued LLVM Phabricator instance.

Differential D120591

[sanitizer] Always initialize the regex in the regcomp() interceptor
ClosedPublic

Authored by tavianator on Feb 25 2022, 1:51 PM.

Details

Reviewers
vitalybuka
Commits
rG9a42715ae887: [sanitizer] Always initialize the regex in the regcomp() interceptor
Summary

When regcomp() fails, the same regex_t* should be passed to regerror()
for potentially better error messages. But doing that with msan would
report a use-of-uninitialized-value.

Fixes https://github.com/google/sanitizers/issues/1496

Diff Detail

Event Timeline

tavianator requested review of this revision.Feb 25 2022, 1:51 PM
tavianator created this revision.
Herald added a project: Restricted Project. · View Herald TranscriptFeb 25 2022, 1:51 PM
Herald added a subscriber: Restricted Project. · View Herald Transcript
Harbormaster completed remote builds in B151545: Diff 411519.Feb 25 2022, 2:12 PM
vitalybuka accepted this revision.Feb 25 2022, 3:12 PM

Thank you!
I can land it later, if you have no access.

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
7978
compiler-rt/test/sanitizer_common/TestCases/Posix/regex.cpp
44–48

you don't need to move them, just use {} to make sure it's two different instances

This revision is now accepted and ready to land.Feb 25 2022, 3:12 PM
tavianator updated this revision to Diff 411648.Feb 26 2022, 4:42 PM

Address review comments

Harbormaster completed remote builds in B151641: Diff 411648.Feb 26 2022, 4:43 PM
vitalybuka added inline comments.Mar 15 2022, 2:26 PM
compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
7977–7978

FYI: the patch is upload somehow incorrectly, "before" does not match existing code. if (!res) is missing.
Arcanist, as explained here https://llvm.org/docs/Phabricator.html#id7, is easy way to upload it correctly.
No need to fix this one, I resolved conflicts already.

Herald added a project: Restricted Project. · View Herald TranscriptMar 15 2022, 2:26 PM
vitalybuka updated this revision to Diff 415589.Mar 15 2022, 2:27 PM

fixed conflicts

This revision was landed with ongoing or failed builds.Mar 15 2022, 2:31 PM
Closed by commit rG9a42715ae887: [sanitizer] Always initialize the regex in the regcomp() interceptor (authored by tavianator, committed by vitalybuka). · Explain Why
This revision was automatically updated to reflect the committed changes.
vitalybuka added a commit: rG9a42715ae887: [sanitizer] Always initialize the regex in the regcomp() interceptor.
Harbormaster completed remote builds in B154429: Diff 415589.Mar 15 2022, 2:44 PM

Revision Contents

PathSize
compiler-rt/
lib/
sanitizer_common/
2 lines
test/
sanitizer_common/
TestCases/
Posix/
31 lines

Diff 415592

compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc

  • This file is larger than 256 KB, so syntax highlighting is disabled by default.
Show First 20 LinesShow All 7,968 Lines▼ Show 20 Lines
#if SANITIZER_INTERCEPT_REGEX #if SANITIZER_INTERCEPT_REGEX
INTERCEPTOR(int, regcomp, void *preg, const char *pattern, int cflags) { INTERCEPTOR(int, regcomp, void *preg, const char *pattern, int cflags) {
void *ctx; void *ctx;
COMMON_INTERCEPTOR_ENTER(ctx, regcomp, preg, pattern, cflags); COMMON_INTERCEPTOR_ENTER(ctx, regcomp, preg, pattern, cflags);
if (pattern) if (pattern)
COMMON_INTERCEPTOR_READ_RANGE(ctx, pattern, internal_strlen(pattern) + 1); COMMON_INTERCEPTOR_READ_RANGE(ctx, pattern, internal_strlen(pattern) + 1);
int res = REAL(regcomp)(preg, pattern, cflags); int res = REAL(regcomp)(preg, pattern, cflags);
if (!res) if (preg)
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, preg, struct_regex_sz); COMMON_INTERCEPTOR_WRITE_RANGE(ctx, preg, struct_regex_sz);
vitalybukaUnsubmitted
Not Done
ReplyInline Actions

FYI: the patch is upload somehow incorrectly, "before" does not match existing code. if (!res) is missing.
Arcanist, as explained here https://llvm.org/docs/Phabricator.html#id7, is easy way to upload it correctly.
No need to fix this one, I resolved conflicts already.

vitalybuka: FYI: the patch is upload somehow incorrectly, "before" does not match existing code. if (!res)…
vitalybukaUnsubmitted
Not Done
ReplyInline Actions
int res = REAL(regcomp)(preg, pattern, cflags);
+ if (preg)
COMMON_INTERCEPTOR_WRITE_RANGE(ctx, preg, struct_regex_sz);
return res;
vitalybuka:
return res; return res;
} }
INTERCEPTOR(int, regexec, const void *preg, const char *string, SIZE_T nmatch, INTERCEPTOR(int, regexec, const void *preg, const char *string, SIZE_T nmatch,
struct __sanitizer_regmatch *pmatch[], int eflags) { struct __sanitizer_regmatch *pmatch[], int eflags) {
void *ctx; void *ctx;
COMMON_INTERCEPTOR_ENTER(ctx, regexec, preg, string, nmatch, pmatch, eflags); COMMON_INTERCEPTOR_ENTER(ctx, regexec, preg, string, nmatch, pmatch, eflags);
if (preg) if (preg)
COMMON_INTERCEPTOR_READ_RANGE(ctx, preg, struct_regex_sz); COMMON_INTERCEPTOR_READ_RANGE(ctx, preg, struct_regex_sz);
▲ Show 20 LinesShow All 2,618 LinesShow Last 20 Lines

compiler-rt/test/sanitizer_common/TestCases/Posix/regex.cpp

Show All 35 Linesvoid test_print_matches(const regex_t *preg, const char *string) {
} else if (rv == REG_NOMATCH) } else if (rv == REG_NOMATCH)
printf("%s: not-matched\n", string); printf("%s: not-matched\n", string);
else else
abort(); abort();
} }
int main(void) { int main(void) {
printf("regex\n"); printf("regex\n");
{
regex_t regex; regex_t regex;
int rv = regcomp(&regex, "[[:upper:]]\\([[:upper:]]\\)", 0); int rv = regcomp(&regex, "[[:upper:]]\\([[:upper:]]\\)", 0);
assert(!rv); assert(!rv);
vitalybukaUnsubmitted
Not Done
ReplyInline Actions
printf("regex\n");
+ {
regex_t regex;
int rv = regcomp(&regex, "[[:upp:]]", 0);
assert(rv);
char errbuf[1024];
regerror(rv, &regex, errbuf, sizeof errbuf);
printf("error: %s\n", errbuf);
regfree(&regex);
-
+ }
rv = regcomp(&regex, "[[:upper:]]\\([[:upper:]]\\)", 0);

you don't need to move them, just use {} to make sure it's two different instances

vitalybuka: you don't need to move them, just use {} to make sure it's two different instances
test_matched(&regex, "abc"); test_matched(&regex, "abc");
test_matched(&regex, "ABC"); test_matched(&regex, "ABC");
test_print_matches(&regex, "ABC"); test_print_matches(&regex, "ABC");
regfree(&regex); regfree(&regex);
}
rv = regcomp(&regex, "[[:upp:]]", 0); {
regex_t regex;
int rv = regcomp(&regex, "[[:upp:]]", 0);
assert(rv); assert(rv);
char errbuf[1024]; char errbuf[1024];
regerror(rv, &regex, errbuf, sizeof errbuf); regerror(rv, &regex, errbuf, sizeof errbuf);
printf("error: %s\n", errbuf); printf("error: %s\n", errbuf);
regfree(&regex);
}
// CHECK: regex // CHECK: regex
// CHECK: abc: not-matched // CHECK: abc: not-matched
// CHECK: ABC: matched // CHECK: ABC: matched
// CHECK: matched[0]='AB' // CHECK: matched[0]='AB'
// CHECK: matched[1]='B' // CHECK: matched[1]='B'
// CHECK: error:{{.*}} // CHECK: error:{{.*}}
return 0; return 0;
} }