This is an archive of the discontinued LLVM Phabricator instance.

Differential D5931

Support re-exec of sanitized executable with preloading libasan on Linux
AbandonedPublic

Authored by m.guseva on Oct 23 2014, 2:18 AM.

Details

Reviewers
kcc
glider
samsonov
Summary

Currently if we want to run sanitized shared library in unsanitized executable we have to run executable with LD_PRELOAD=libasan.so which may be inconvenient for users (have to modify startup scripts, etc.). The patch implements reexecuting of the program with modified LD_PRELOAD environment variable on Linux. The same functionality is already supported for Mac Asan.
The corresponding issue link: https://code.google.com/p/address-sanitizer/issues/detail?id=330

Diff Detail

Event Timeline

m.guseva updated this revision to Diff 15308.Oct 23 2014, 2:18 AM
m.guseva retitled this revision from to Support re-exec of sanitized executable with preloading libasan on Linux.
m.guseva updated this object.
m.guseva edited the test plan for this revision. (Show Details)
m.guseva added reviewers: glider, kcc, samsonov.
m.guseva added subscribers: Unknown Object (MLST), ygribov.
kcc edited edge metadata.Oct 27 2014, 11:32 AM

OMG, this is very complex and fragile. Can we find another solution?
I'd like to see more discussion at https://code.google.com/p/address-sanitizer/issues/detail?id=330& before looking at the patch in more detail.

ygribov added a comment.Oct 27 2014, 2:49 PM

OMG, this is very complex and fragile.

The main complexity comes from save-restore the environment which is in turn necessary so that the reexecuted program does not notice that we've changed LD_PRELOAD/ASAN_OPTIONS.

ygribov added a comment.Oct 31 2014, 2:27 AM

Kostya, what kind of discussion do you expect in the issue tracker in particular? Do you want us to describe feature design or something?

m.guseva abandoned this revision.Aug 7 2015, 7:30 AM

Revision Contents

PathSize
lib/
asan/
1 line
1 line
225 lines
3 lines
6 lines
2 lines
sanitizer_common/
6 lines
16 lines
28 lines
77 lines
test/
asan/
TestCases/
Linux/
2 lines
44 lines
53 lines

Diff 15308

lib/asan/asan_flags.h

Show First 20 LinesShow All 60 Lines▼ Show 20 Linesstruct Flags {
bool new_delete_type_mismatch; bool new_delete_type_mismatch;
bool strict_memcmp; bool strict_memcmp;
bool strict_init_order; bool strict_init_order;
bool start_deactivated; bool start_deactivated;
int detect_invalid_pointer_pairs; int detect_invalid_pointer_pairs;
bool detect_container_overflow; bool detect_container_overflow;
int detect_odr_violation; int detect_odr_violation;
bool dump_instruction_bytes; bool dump_instruction_bytes;
bool reexec_done;
}; };
extern Flags asan_flags_dont_use_directly; extern Flags asan_flags_dont_use_directly;
inline Flags *flags() { inline Flags *flags() {
return &asan_flags_dont_use_directly; return &asan_flags_dont_use_directly;
} }
void InitializeFlags(Flags *f, const char *env); void InitializeFlags(Flags *f, const char *env);
} // namespace __asan } // namespace __asan
#endif // ASAN_FLAGS_H #endif // ASAN_FLAGS_H

lib/asan/asan_internal.h

Show First 20 LinesShow All 66 Lines▼ Show 20 Lines
// asan_rtl.cc // asan_rtl.cc
void NORETURN ShowStatsAndAbort(); void NORETURN ShowStatsAndAbort();
// asan_malloc_linux.cc / asan_malloc_mac.cc // asan_malloc_linux.cc / asan_malloc_mac.cc
void ReplaceSystemMalloc(); void ReplaceSystemMalloc();
// asan_linux.cc / asan_mac.cc / asan_win.cc // asan_linux.cc / asan_mac.cc / asan_win.cc
void *AsanDoesNotSupportStaticLinkage(); void *AsanDoesNotSupportStaticLinkage();
void AsanCheckDynamicRTPrereqs();
void AsanCheckIncompatibleRT(); void AsanCheckIncompatibleRT();
void GetPcSpBp(void *context, uptr *pc, uptr *sp, uptr *bp); void GetPcSpBp(void *context, uptr *pc, uptr *sp, uptr *bp);
void AsanOnSIGSEGV(int, void *siginfo, void *context); void AsanOnSIGSEGV(int, void *siginfo, void *context);
void MaybeReexec(); void MaybeReexec();
bool AsanInterceptsSignal(int signum); bool AsanInterceptsSignal(int signum);
void ReadContextStack(void *context, uptr *stack, uptr *ssize); void ReadContextStack(void *context, uptr *stack, uptr *ssize);
▲ Show 20 LinesShow All 61 LinesShow Last 20 Lines

lib/asan/asan_linux.cc

Show All 35 Lines
#include <unwind.h> #include <unwind.h>
#if SANITIZER_FREEBSD #if SANITIZER_FREEBSD
#include <sys/link_elf.h> #include <sys/link_elf.h>
#endif #endif
#if SANITIZER_ANDROID || SANITIZER_FREEBSD #if SANITIZER_ANDROID || SANITIZER_FREEBSD
#include <ucontext.h> #include <ucontext.h>
#include <link.h>
#if defined(__ANDROID_API__) && (__ANDROID_API__ < 20)
extern "C" int dl_iterate_phdr(int (*cb)(struct dl_phdr_info*,
size_t, void*), void*);
#endif
extern "C" void* _DYNAMIC; extern "C" void* _DYNAMIC;
#else #else
#include <sys/ucontext.h> #include <sys/ucontext.h>
#include <link.h> #include <link.h>
#endif #endif
// x86-64 FreeBSD 9.2 and older define 'ucontext_t' incorrectly in // x86-64 FreeBSD 9.2 and older define 'ucontext_t' incorrectly in
// 32-bit mode. // 32-bit mode.
Show All 11 Lines
// FIXME: perhaps also store abi version here? // FIXME: perhaps also store abi version here?
extern "C" { extern "C" {
SANITIZER_INTERFACE_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
asan_rt_version_t __asan_rt_version; asan_rt_version_t __asan_rt_version;
} }
namespace __asan { namespace __asan {
void MaybeReexec() { extern "C" {
// No need to re-exec on Linux. SANITIZER_WEAK_ATTRIBUTE extern void *__libc_stack_end;
SANITIZER_WEAK_ATTRIBUTE extern char **environ;
} }
void *AsanDoesNotSupportStaticLinkage() { static char **GetEnviron() {
// This will fail to link with -static. if (environ)
return &_DYNAMIC; // defined in link.h // Use libc global variable "environ" if it is already initialized
return environ;
if (&__libc_stack_end) {
// Use "__libc_stack_end" variable if it is available and initialized
uptr stack_end = (uptr)__libc_stack_end;
int argc = *(int *)stack_end;
return (char **)(stack_end + argc + 2);
}
// Parse stack for environment variables
char *proc_env;
uptr proc_env_size;
uptr proc_env_len = ReadFileToBuffer("/proc/self/environ", &proc_env,
&proc_env_size, 1 << 26);
uptr stack_top, stack_bottom;
GetThreadStackTopAndBottom(true, &stack_top, &stack_bottom);
char *sp = (char *)__builtin_frame_address(0);
for (; sp <= (char *)stack_top - proc_env_len; ++sp)
if (!internal_memcmp(sp, proc_env, proc_env_len))
break;
// Get number of environment variables on stack
uptr num_vars = 0;
for (uptr env_off = 0; env_off < proc_env_len;
env_off += internal_strlen(sp + env_off) + 1, ++num_vars) {
}
// Create new array of environment variables strings
char **stack_environ =
(char **)MmapOrDie(sizeof(char *) * (num_vars + 1), __func__);
for (uptr i = 0; i < num_vars; ++i) {
stack_environ[i] = sp;
sp += internal_strlen(stack_environ[i]) + 1;
}
return stack_environ;
}
static char *SkipDelim(const char *str) {
char *s = internal_strchr(str, ':');
return s ? s++ : NULL;
}
static void FillWithDummyPattern(char *str, uptr len) {
char dummy_name[] = "ASAN_DUMMY";
uptr dummy_len = sizeof(dummy_name) - 1;
uptr i = 0;
if (dummy_len <= len) {
internal_strncpy(str, dummy_name, len);
i += dummy_len;
}
internal_memset(str + i, 'X', len - i);
str[len - 1] = '\0';
}
static bool RemoveFromColonList(char *str, const char *del) {
uptr del_len = internal_strlen(del);
while (str) {
char *del_start = internal_strstr(str, del);
if (!del_start)
return false;
// Skip partly matched fragment
if (del_start != str && del_start[-1] != ':') {
str = SkipDelim(del_start);
continue;
}
if (del_start[del_len] != '\0') {
if (del_start[del_len] == ':') {
// Remove separator following the value
del_len++;
} else {
str = SkipDelim(del_start);
continue;
}
}
// Delete value
char *del_end = del_start + del_len;
internal_memmove(del_start, del_end, internal_strlen(del_end) + 1);
uptr str_len = internal_strlen(str);
// Fill interspaces after delete with 'ASAN_DUMMYXXX' patterns
FillWithDummyPattern(str + str_len + 1, del_len);
return true;
}
return false;
}
UNUSED static void RemoveFromEnv(const char **del_vars) {
char **environ = GetEnviron();
for (const char **del_varp = del_vars; *del_varp; ++del_varp) {
const char *del_var = *del_varp;
// Check if current variable is present in environment
uptr lhs_len, rhs_len;
ParseEnvVar(del_var, &lhs_len, &rhs_len);
int var_idx =
EnvVarIdx(const_cast<const char **>(environ), del_var, lhs_len);
if (var_idx < 0)
continue;
if (RemoveFromColonList(environ[var_idx] + lhs_len + 1,
del_var + lhs_len + 1) &&
(internal_strlen(environ[var_idx]) == lhs_len + 1)) {
// Replace env variable with dummy one if it is blank after deletion
FillWithDummyPattern(environ[var_idx], lhs_len);
}
}
} }
#if SANITIZER_ANDROID
// FIXME: should we do anything for Android?
void AsanCheckDynamicRTPrereqs() {}
void AsanCheckIncompatibleRT() {}
#else
static int FindFirstDSOCallback(struct dl_phdr_info *info, size_t size, static int FindFirstDSOCallback(struct dl_phdr_info *info, size_t size,
void *data) { void *data) {
// Continue until the first dynamic library is found // Continue until the first dynamic library is found
if (!info->dlpi_name || info->dlpi_name[0] == 0) if (!info->dlpi_name || info->dlpi_name[0] == 0)
return 0; return 0;
// Ignore vDSO // Ignore vDSO
if (internal_strncmp(info->dlpi_name, "linux-", sizeof("linux-") - 1) == 0) if (internal_strncmp(info->dlpi_name, "linux-", sizeof("linux-") - 1) == 0)
return 0; return 0;
*(const char **)data = info->dlpi_name; *(const char **)data = info->dlpi_name;
return 1; return 1;
} }
static bool IsDynamicRTName(const char *libname) { UNUSED static bool IsDynamicRTName(const char *libname) {
return internal_strstr(libname, "libclang_rt.asan") || return internal_strstr(libname, "libclang_rt.asan") ||
internal_strstr(libname, "libasan.so"); internal_strstr(libname, "libasan.so");
} }
static void ReportIncompatibleRT() { static int FindAsanDSOCallback(struct dl_phdr_info *info, size_t size,
Report("Your application is linked against incompatible ASan runtimes.\n"); void *data) {
Die(); if (!info->dlpi_name || info->dlpi_name[0] == 0)
return 0;
*(const char **)data = info->dlpi_name;
return IsDynamicRTName(info->dlpi_name) ? 1 : 0;
} }
void AsanCheckDynamicRTPrereqs() { static const char *RTDSOName() {
// Get Asan dynamic RT library name
static char *asan_dso_name = 0;
if (!asan_dso_name) {
if (!dl_iterate_phdr(FindAsanDSOCallback, &asan_dso_name))
asan_dso_name = 0;
}
return asan_dso_name;
}
UNUSED static char *GetLdPreloadDSO() {
static char *LdPreloadRTEnv = NULL;
if (LdPreloadRTEnv)
return LdPreloadRTEnv;
const char *rhs = RTDSOName();
CHECK_NE(rhs, NULL);
char lhs[] = "LD_PRELOAD=";
uptr lhs_len = sizeof(lhs) - 1;
uptr rhs_len = internal_strlen(rhs);
LdPreloadRTEnv = (char *)MmapOrDie(
lhs_len + rhs_len + 1, "LD_PRELOAD enviroment variable assignment");
internal_strncpy(LdPreloadRTEnv, lhs, lhs_len);
internal_strncpy(LdPreloadRTEnv + lhs_len, rhs, rhs_len);
return LdPreloadRTEnv;
}
UNUSED static bool IsRTFirstDSO() {
// Ensure that dynamic RT is the first DSO in the list // Ensure that dynamic RT is the first DSO in the list
const char *first_dso_name = 0; const char *first_dso_name = 0;
dl_iterate_phdr(FindFirstDSOCallback, &first_dso_name); dl_iterate_phdr(FindFirstDSOCallback, &first_dso_name);
if (first_dso_name && !IsDynamicRTName(first_dso_name)) { return first_dso_name && IsDynamicRTName(first_dso_name);
}
void MaybeReexec() {
#if ASAN_DYNAMIC
const char ReexecDoneEnv[] = "ASAN_OPTIONS=reexec_done=true";
const char *RTPreload = GetLdPreloadDSO();
// Make sure the dynamic ASan runtime library is preloaded so that the
// wrappers work. If it is not but reexec is allowed, set LD_PRELOAD
// and re-exec ourselves.
const char *reexec_vars[] = {RTPreload, ReexecDoneEnv, NULL};
if (IsRTFirstDSO()) {
// In case of reexec-ed run - disable added environment
if (flags()->reexec_done) {
RemoveFromEnv(reexec_vars);
}
} else {
if (flags()->reexec_done) {
// Already in reexec-ed run but ASan RT is not preloaded
Report("ASan runtime does not come first in initial library list; "
"reexecuting with LD_PRELOAD doesn't take effect; "
"you should link runtime to your application\n");
Die();
} else {
// In case of initial run try to reexec
if (flags()->allow_reexec) {
// Set ASan option "reexec_done=true" to prevent infinite reexec
// in case library preload is unsuccessful e.g. when capabilities
// are set the LD_* variables are disabled for security reasons
VReport(1, "exec()-ing the program with\n%s\n"
"to enable ASan wrappers.\nSet ASAN_OPTIONS=allow_reexec=0 "
"to disable this.\n",
reexec_vars[0]);
ReExec(reexec_vars);
} else {
// Reeexec is disallowed in Asan options
Report("ASan runtime does not come first in initial library list; " Report("ASan runtime does not come first in initial library list; "
"you should either link runtime to your application or " "you should either link runtime to your application or "
"manually preload it with LD_PRELOAD.\n"); "let ASan to reexec by setting ASAN_OPTIONS=allow_reexec=true "
"or manually preload runtime with LD_PRELOAD.\n");
Die(); Die();
} }
} }
}
#endif
}
void *AsanDoesNotSupportStaticLinkage() {
// This will fail to link with -static.
return &_DYNAMIC; // defined in link.h
}
#if SANITIZER_ANDROID
// FIXME: should we do anything for Android?
void AsanCheckIncompatibleRT() {}
#else
static void ReportIncompatibleRT() {
Report("Your application is linked against incompatible ASan runtimes.\n");
Die();
}
void AsanCheckIncompatibleRT() { void AsanCheckIncompatibleRT() {
if (ASAN_DYNAMIC) { if (ASAN_DYNAMIC) {
if (__asan_rt_version == ASAN_RT_VERSION_UNDEFINED) { if (__asan_rt_version == ASAN_RT_VERSION_UNDEFINED) {
__asan_rt_version = ASAN_RT_VERSION_DYNAMIC; __asan_rt_version = ASAN_RT_VERSION_DYNAMIC;
} else if (__asan_rt_version != ASAN_RT_VERSION_DYNAMIC) { } else if (__asan_rt_version != ASAN_RT_VERSION_DYNAMIC) {
ReportIncompatibleRT(); ReportIncompatibleRT();
} }
▲ Show 20 LinesShow All 122 LinesShow Last 20 Lines

lib/asan/asan_mac.cc

Show First 20 LinesShow All 194 Lines▼ Show 20 Lines
} }
// No-op. Mac does not support static linkage anyway. // No-op. Mac does not support static linkage anyway.
void *AsanDoesNotSupportStaticLinkage() { void *AsanDoesNotSupportStaticLinkage() {
return 0; return 0;
} }
// No-op. Mac does not support static linkage anyway. // No-op. Mac does not support static linkage anyway.
void AsanCheckDynamicRTPrereqs() {}
// No-op. Mac does not support static linkage anyway.
void AsanCheckIncompatibleRT() {} void AsanCheckIncompatibleRT() {}
bool AsanInterceptsSignal(int signum) { bool AsanInterceptsSignal(int signum) {
return (signum == SIGSEGV || signum == SIGBUS) && return (signum == SIGSEGV || signum == SIGBUS) &&
common_flags()->handle_segv; common_flags()->handle_segv;
} }
void AsanPlatformThreadInit() { void AsanPlatformThreadInit() {
▲ Show 20 LinesShow All 207 LinesShow Last 20 Lines

lib/asan/asan_rtl.cc

Show First 20 LinesShow All 227 Lines▼ Show 20 Linesstatic void ParseFlagsFromString(Flags *f, const char *str) {
ParseFlag(str, &f->detect_odr_violation, "detect_odr_violation", ParseFlag(str, &f->detect_odr_violation, "detect_odr_violation",
"If >=2, detect violation of One-Definition-Rule (ODR); " "If >=2, detect violation of One-Definition-Rule (ODR); "
"If ==1, detect ODR-violation only if the two variables " "If ==1, detect ODR-violation only if the two variables "
"have different sizes"); "have different sizes");
ParseFlag(str, &f->dump_instruction_bytes, "dump_instruction_bytes", ParseFlag(str, &f->dump_instruction_bytes, "dump_instruction_bytes",
"If true, dump 16 bytes starting at the instruction that caused SEGV"); "If true, dump 16 bytes starting at the instruction that caused SEGV");
ParseFlag(str, &f->reexec_done, "reexec_done",
"The internal flag"
"to indicate the process has beed reexeced in asan init",
false);
} }
void InitializeFlags(Flags *f, const char *env) { void InitializeFlags(Flags *f, const char *env) {
CommonFlags *cf = common_flags(); CommonFlags *cf = common_flags();
SetCommonFlagsDefaults(cf); SetCommonFlagsDefaults(cf);
cf->detect_leaks = CAN_SANITIZE_LEAKS; cf->detect_leaks = CAN_SANITIZE_LEAKS;
cf->external_symbolizer_path = GetEnv("ASAN_SYMBOLIZER_PATH"); cf->external_symbolizer_path = GetEnv("ASAN_SYMBOLIZER_PATH");
cf->malloc_context_size = kDefaultMallocContextSize; cf->malloc_context_size = kDefaultMallocContextSize;
▲ Show 20 LinesShow All 459 Lines▼ Show 20 Lines
#if ASAN_DYNAMIC #if ASAN_DYNAMIC
// Initialize runtime in case it's LD_PRELOAD-ed into unsanitized executable // Initialize runtime in case it's LD_PRELOAD-ed into unsanitized executable
// (and thus normal initializer from .preinit_array haven't run). // (and thus normal initializer from .preinit_array haven't run).
class AsanInitializer { class AsanInitializer {
public: // NOLINT public: // NOLINT
AsanInitializer() { AsanInitializer() {
AsanCheckIncompatibleRT(); AsanCheckIncompatibleRT();
AsanCheckDynamicRTPrereqs();
if (UNLIKELY(!asan_inited)) if (UNLIKELY(!asan_inited))
__asan_init(); __asan_init();
} }
}; };
static AsanInitializer asan_initializer; static AsanInitializer asan_initializer;
#endif // ASAN_DYNAMIC #endif // ASAN_DYNAMIC
▲ Show 20 LinesShow All 55 LinesShow Last 20 Lines

lib/asan/asan_win.cc

Show First 20 LinesShow All 65 Lines▼ Show 20 Lines
void *AsanDoesNotSupportStaticLinkage() { void *AsanDoesNotSupportStaticLinkage() {
#if defined(_DEBUG) #if defined(_DEBUG)
#error Please build the runtime with a non-debug CRT: /MD or /MT #error Please build the runtime with a non-debug CRT: /MD or /MT
#endif #endif
return 0; return 0;
} }
void AsanCheckDynamicRTPrereqs() {}
void AsanCheckIncompatibleRT() {} void AsanCheckIncompatibleRT() {}
void AsanPlatformThreadInit() { void AsanPlatformThreadInit() {
// Nothing here for now. // Nothing here for now.
} }
void ReadContextStack(void *context, uptr *stack, uptr *ssize) { void ReadContextStack(void *context, uptr *stack, uptr *ssize) {
UNIMPLEMENTED(); UNIMPLEMENTED();
▲ Show 20 LinesShow All 70 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_common.h

Show First 20 LinesShow All 177 Lines▼ Show 20 Linesvoid PrintModuleAndOffset(InternalScopedString *buffer,
const char *module, uptr offset); const char *module, uptr offset);
// OS // OS
void DisableCoreDumperIfNecessary(); void DisableCoreDumperIfNecessary();
void DumpProcessMap(); void DumpProcessMap();
bool FileExists(const char *filename); bool FileExists(const char *filename);
const char *GetEnv(const char *name); const char *GetEnv(const char *name);
bool SetEnv(const char *name, const char *value); bool SetEnv(const char *name, const char *value);
#if SANITIZER_LINUX
void ParseEnvVar(const char *env, uptr *lhs_len, uptr *rhs_len);
int EnvVarIdx(const char **environ, const char *var, const uptr var_len);
#endif
const char *GetPwd(); const char *GetPwd();
char *FindPathToBinary(const char *name); char *FindPathToBinary(const char *name);
u32 GetUid(); u32 GetUid();
void ReExec(); void ReExec(const char **add_envp = 0);
bool StackSizeIsUnlimited(); bool StackSizeIsUnlimited();
void SetStackSizeLimitInBytes(uptr limit); void SetStackSizeLimitInBytes(uptr limit);
bool AddressSpaceIsUnlimited(); bool AddressSpaceIsUnlimited();
void SetAddressSpaceUnlimited(); void SetAddressSpaceUnlimited();
void AdjustStackSize(void *attr); void AdjustStackSize(void *attr);
void PrepareForSandboxing(__sanitizer_sandbox_arguments *args); void PrepareForSandboxing(__sanitizer_sandbox_arguments *args);
void CovPrepareForSandboxing(__sanitizer_sandbox_arguments *args); void CovPrepareForSandboxing(__sanitizer_sandbox_arguments *args);
void SetSandboxingCallback(void (*f)()); void SetSandboxingCallback(void (*f)());
▲ Show 20 LinesShow All 375 LinesShow Last 20 Lines

lib/sanitizer_common/sanitizer_flags.h

Show All 12 Lines
#ifndef SANITIZER_FLAGS_H #ifndef SANITIZER_FLAGS_H
#define SANITIZER_FLAGS_H #define SANITIZER_FLAGS_H
#include "sanitizer_internal_defs.h" #include "sanitizer_internal_defs.h"
namespace __sanitizer { namespace __sanitizer {
void ParseFlag(const char *env, bool *flag, void ParseFlag(const char *env, bool *flag, const char *name, const char *descr,
const char *name, const char *descr); const bool visible = true);
void ParseFlag(const char *env, int *flag, void ParseFlag(const char *env, int *flag, const char *name, const char *descr,
const char *name, const char *descr); const bool visible = true);
void ParseFlag(const char *env, uptr *flag, void ParseFlag(const char *env, uptr *flag, const char *name, const char *descr,
const char *name, const char *descr); const bool visible = true);
void ParseFlag(const char *env, const char **flag, void ParseFlag(const char *env, const char **flag, const char *name,
const char *name, const char *descr); const char *descr, const bool visible = true);
struct CommonFlags { struct CommonFlags {
bool symbolize; bool symbolize;
const char *external_symbolizer_path; const char *external_symbolizer_path;
bool allow_addr2line; bool allow_addr2line;
const char *strip_path_prefix; const char *strip_path_prefix;
bool fast_unwind_on_fatal; bool fast_unwind_on_fatal;
bool fast_unwind_on_malloc; bool fast_unwind_on_malloc;
Show All 40 Lines

lib/sanitizer_common/sanitizer_flags.cc

Show First 20 LinesShow All 234 Lines▼ Show 20 Linesvoid PrintFlagDescriptions() {
IntrusiveList<FlagDescription>::Iterator it(&flag_descriptions); IntrusiveList<FlagDescription>::Iterator it(&flag_descriptions);
Printf("Available flags for %s:\n", SanitizerToolName); Printf("Available flags for %s:\n", SanitizerToolName);
while (it.hasNext()) { while (it.hasNext()) {
FlagDescription *descr = it.next(); FlagDescription *descr = it.next();
Printf("\t%s\n\t\t- %s\n", descr->name, descr->description); Printf("\t%s\n\t\t- %s\n", descr->name, descr->description);
} }
} }
void ParseFlag(const char *env, bool *flag, void ParseFlag(const char *env, bool *flag, const char *name, const char *descr,
const char *name, const char *descr) { const bool visible) {
const char *value; const char *value;
int value_length; int value_length;
if (visible)
AddFlagDescription(name, descr); AddFlagDescription(name, descr);
if (!GetFlagValue(env, name, &value, &value_length)) if (!GetFlagValue(env, name, &value, &value_length))
return; return;
if (StartsWith(value, value_length, "0") || if (StartsWith(value, value_length, "0") ||
StartsWith(value, value_length, "no") || StartsWith(value, value_length, "no") ||
StartsWith(value, value_length, "false")) StartsWith(value, value_length, "false"))
*flag = false; *flag = false;
if (StartsWith(value, value_length, "1") || if (StartsWith(value, value_length, "1") ||
StartsWith(value, value_length, "yes") || StartsWith(value, value_length, "yes") ||
StartsWith(value, value_length, "true")) StartsWith(value, value_length, "true"))
*flag = true; *flag = true;
} }
void ParseFlag(const char *env, int *flag, void ParseFlag(const char *env, int *flag, const char *name, const char *descr,
const char *name, const char *descr) { const bool visible) {
const char *value; const char *value;
int value_length; int value_length;
if (visible)
AddFlagDescription(name, descr); AddFlagDescription(name, descr);
if (!GetFlagValue(env, name, &value, &value_length)) if (!GetFlagValue(env, name, &value, &value_length))
return; return;
*flag = static_cast<int>(internal_atoll(value)); *flag = static_cast<int>(internal_atoll(value));
} }
void ParseFlag(const char *env, uptr *flag, void ParseFlag(const char *env, uptr *flag, const char *name, const char *descr,
const char *name, const char *descr) { const bool visible) {
const char *value; const char *value;
int value_length; int value_length;
if (visible)
AddFlagDescription(name, descr); AddFlagDescription(name, descr);
if (!GetFlagValue(env, name, &value, &value_length)) if (!GetFlagValue(env, name, &value, &value_length))
return; return;
*flag = static_cast<uptr>(internal_atoll(value)); *flag = static_cast<uptr>(internal_atoll(value));
} }
void ParseFlag(const char *env, const char **flag, void ParseFlag(const char *env, const char **flag, const char *name,
const char *name, const char *descr) { const char *descr, const bool visible) {
const char *value; const char *value;
int value_length; int value_length;
if (visible)
AddFlagDescription(name, descr); AddFlagDescription(name, descr);
if (!GetFlagValue(env, name, &value, &value_length)) if (!GetFlagValue(env, name, &value, &value_length))
return; return;
// Copy the flag value. Don't use locks here, as flags are parsed at // Copy the flag value. Don't use locks here, as flags are parsed at
// tool startup. // tool startup.
char *value_copy = (char*)(allocator_for_flags.Allocate(value_length + 1)); char *value_copy = (char*)(allocator_for_flags.Allocate(value_length + 1));
internal_memcpy(value_copy, value, value_length); internal_memcpy(value_copy, value, value_length);
value_copy[value_length] = '\0'; value_copy[value_length] = '\0';
*flag = value_copy; *flag = value_copy;
} }
} // namespace __sanitizer } // namespace __sanitizer

lib/sanitizer_common/sanitizer_linux.cc

Show First 20 LinesShow All 393 Lines▼ Show 20 Lines#if !SANITIZER_GO
} else { } else {
static const int kMaxArgv = 2000, kMaxEnvp = 2000; static const int kMaxArgv = 2000, kMaxEnvp = 2000;
ReadNullSepFileToArray("/proc/self/cmdline", argv, kMaxArgv); ReadNullSepFileToArray("/proc/self/cmdline", argv, kMaxArgv);
ReadNullSepFileToArray("/proc/self/environ", envp, kMaxEnvp); ReadNullSepFileToArray("/proc/self/environ", envp, kMaxEnvp);
} }
#endif #endif
} }
void ReExec() { // Parse environment variable string and get name and value lengths
void ParseEnvVar(const char *env, uptr *lhs_len, uptr *rhs_len) {
uptr env_len = internal_strlen(env);
const char *val = internal_strchr(env, '=');
CHECK_NE(val, 0);
*lhs_len = val - env;
*rhs_len = env_len - *lhs_len - 1;
}
// Return index of environment variable in environ array
// or -1 if the variable is not set
int EnvVarIdx(const char **environ, const char *var, const uptr var_len) {
for (int var_idx = 0; environ[var_idx]; ++var_idx)
if ((!internal_strncmp(environ[var_idx], var, var_len)) &&
(environ[var_idx][var_len] == '='))
return var_idx;
return -1;
}
// Append new value to colon separated list 'str' started with "name="
// where name is 'lhs' chars len
static char *AppendToColonList(const char *str, uptr lhs_len, const char *add,
uptr add_len) {
int new_str_len = internal_strlen(str) + add_len - lhs_len;
char *new_str = (char *)MmapOrDie((new_str_len + 1) * sizeof(char), __func__);
// Set firstly new value, so the new assignment begins with "name=val"
internal_strncpy(new_str, add, add_len);
// Then append old values separated with ":"
const char *str_rhs = str + lhs_len + 1;
if (str_rhs) {
new_str[add_len] = ':';
internal_strncpy(new_str + add_len + 1, str_rhs, internal_strlen(str_rhs));
}
new_str[new_str_len] = '\0';
return new_str;
}
static char **AppendToEnv(const char **environ, const char **add_vars) {
// Count number of original environment variables
int num_vars;
for (num_vars = 0; environ[num_vars]; ++num_vars) {
}
// Count number of environment variables to be added
int num_add_vars;
for (num_add_vars = 0; add_vars[num_add_vars]; ++num_add_vars) {
}
// Copy original environment to newly allocated array
char **new_environ = (char **)MmapOrDie(
sizeof(char *) * (num_vars + num_add_vars + 1), __func__);
internal_memcpy(new_environ, environ, num_vars * sizeof(char *));
// Iterate over array of environment variables to be added
for (const char **add_varp = add_vars; *add_varp; ++add_varp) {
const char *add_var = *add_varp;
// Parse original environment to check if "name" already was set
uptr lhs_len, rhs_len;
ParseEnvVar(add_var, &lhs_len, &rhs_len);
int var_idx =
EnvVarIdx(environ, add_var, lhs_len);
if (var_idx < 0) {
// Add new enviroment variable to the new environ array
new_environ[num_vars++] = const_cast<char *>(add_var);
} else {
// Environment variable "name" was already set
// Append "val:" to the beginning of existing "name" assignemnt
new_environ[var_idx] = AppendToColonList(environ[var_idx], lhs_len,
add_var, lhs_len + rhs_len + 1);
}
}
// Set the end of new environment variables array
new_environ[num_vars + 1] = NULL;
return new_environ;
}
void ReExec(const char **add_envp) {
char **argv, **envp; char **argv, **envp;
GetArgsAndEnv(&argv, &envp); GetArgsAndEnv(&argv, &envp);
if (add_envp)
envp = AppendToEnv(const_cast<const char **>(envp), add_envp);
uptr rv = internal_execve("/proc/self/exe", argv, envp); uptr rv = internal_execve("/proc/self/exe", argv, envp);
int rverrno; int rverrno;
CHECK_EQ(internal_iserror(rv, &rverrno), true); CHECK_EQ(internal_iserror(rv, &rverrno), true);
Printf("execve failed, errno %d\n", rverrno); Printf("execve failed, errno %d\n", rverrno);
Die(); Die();
} }
// Stub implementation of GetThreadStackAndTls for Go. // Stub implementation of GetThreadStackAndTls for Go.
▲ Show 20 LinesShow All 466 LinesShow Last 20 Lines

test/asan/TestCases/Linux/asan_dlopen_test.cc

// Test that dlopen of dynamic runtime is prohibited. // Test that dlopen of dynamic runtime is prohibited.
// //
// RUN: %clangxx %s -DRT=\"%shared_libasan\" -o %t -ldl // RUN: %clangxx %s -DRT=\"%shared_libasan\" -o %t -ldl
// RUN: not %run %t 2>&1 | FileCheck %s // RUN: ASAN_OPTIONS=allow_reexec=false not %run %t 2>&1 | FileCheck %s
// REQUIRES: asan-dynamic-runtime // REQUIRES: asan-dynamic-runtime
// XFAIL: android // XFAIL: android
#include <dlfcn.h> #include <dlfcn.h>
int main(int argc, char **argv) { int main(int argc, char **argv) {
dlopen(RT, RTLD_LAZY); dlopen(RT, RTLD_LAZY);
return 0; return 0;
} }
// CHECK: ASan runtime does not come first in initial library list // CHECK: ASan runtime does not come first in initial library list

test/asan/TestCases/Linux/asan_reexec_test-1.cc

  • This file was added.
// Test that non-sanitized executables work with sanitized shared libs
// without preloaded runtime by reexecuting the process.
//
// RUN: %clangxx -DBUILD_SO=1 -fPIC -shared %s -o %t.so
// RUN: %clangxx %s %t.so -o %t
// RUN: %clangxx_asan -DBUILD_SO=1 -fPIC -shared %s -o %t.so
//
// Check that re-exec with libasan preloaded works
// RUN: not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-reexec
//
// Check that error is correctly reported when reexec is disabled
// RUN: ASAN_OPTIONS=allow_reexec=false not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-noreexec
//
// Check that LD_PRELOAD for libasan works
// RUN: LD_PRELOAD=%shared_libasan not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-reexec
//
// Check that reexec works in presense on non-empty ASAN_OPTIONS
// RUN: ASAN_OPTIONS=verbosity=1 not %run %t 2>&1 | FileCheck %s --check-prefix=CHECK-verbose --check-prefix=CHECK-reexec
//
// REQUIRES: asan-dynamic-runtime
// CHECK-noreexec: ASan runtime does not come first in initial library list
// CHECK-noreexec: let ASan to reexec by setting ASAN_OPTIONS=allow_reexec=true
// CHECK-verbose: Parsed ASAN_OPTIONS: verbosity=1
// CHECK-verbose: exec()-ing the program with
// CHECK-verbose: Parsed ASAN_OPTIONS: reexec_done=true:verbosity=1
#if BUILD_SO
char dummy;
void do_access(const void *p) {
dummy = ((const char *)p)[1];
// CHECK-reexec: AddressSanitizer: heap-buffer-overflow
}
#else
#include <stdlib.h>
extern void do_access(const void *p);
int main(int argc, char **argv) {
void *p = malloc(1);
do_access(p);
free(p);
return 0;
}
#endif

test/asan/TestCases/Linux/asan_reexec_test-2.cc

  • This file was added.
// Test that that reexec trick is invisible to application
//
// RUN: %clangxx -DBUILD_SO1=1 -fPIC -shared %s -o %t.1.so
// RUN: %clangxx %s %t.1.so -o %t
// RUN: %clangxx_asan -DBUILD_SO1=1 -fPIC -shared %s -o %t.1.so
// RUN: %clangxx -DBUILD_SO2=1 -fPIC -shared %s -o %t.2.so
//
// Check that LD_PRELOAD and ASAN_OPTIONS are not changed after reexec
// and original environment "DUMMY_ENV=abcd" is preserved
// RUN: ASAN_OPTIONS=verbosity=1 DUMMY_ENV=abcd LD_PRELOAD=%t.2.so %run %t 2>&1 | FileCheck %s
//
// REQUIRES: asan-dynamic-runtime
// CHECK: Parsed ASAN_OPTIONS: verbosity=1
// CHECK: exec()-ing the program with
// CHECK: Parsed ASAN_OPTIONS: reexec_done=true:verbosity=1
#include <stdlib.h>
#include <stdio.h>
#if BUILD_SO1
void print_asan_options() {
char *asan_options = getenv("ASAN_OPTIONS");
printf("Asan options: %s\n", asan_options);
// CHECK-NOT: Asan options: {{.*reexec_done}}
// CHECK: Asan options: {{verbosity=1$}}
}
void print_dummy_env() {
char *dummy_env = getenv("DUMMY_ENV");
printf("Dummy env: %s\n", dummy_env);
// CHECK: Dummy env: {{abcd$}}
}
void print_ld_preload() {
printf("Function is not implemented in this library\n");
// CHECK-NOT: Function is not implemented in this library
}
#elif BUILD_SO2
void print_ld_preload() {
char *ld_preload = getenv("LD_PRELOAD");
printf("Ld preload: %s\n", ld_preload);
// CHECK-NOT: Ld preload: {{.*libclang_rt.asan}}
// CHECK: Ld preload: {{.*.2.so$}}
}
#else
extern void print_asan_options();
extern void print_dummy_env();
extern void print_ld_preload();
int main(int argc, char **argv) {
print_asan_options();
print_dummy_env();
print_ld_preload();
return 0;
}
#endif