This is an archive of the discontinued LLVM Phabricator instance.

Paths

Table of Contentst

-
compiler-rt/
-
lib/sanitizer_common/
-
sanitizer_common/
-
sanitizer_signal_interceptors.inc
-
test/msan/
-
msan/
7/7
interception_sigaction_test.cpp

Differential D85797

Fix sigaction interceptor to always correctly populate oldact
ClosedPublic

Authored by IanPudney on Aug 11 2020, 5:07 PM.

Download Raw Diff

Details

Reviewers

morehouse
kcc
eugenis

Commits

rGfd893bda5576: Fix sigaction interceptor to always correctly populate oldact

Summary

This fixes https://bugs.llvm.org/show_bug.cgi?id=47118. Before this change, when the sigaction interceptor prevented a signal from being changed, it also prevented the oldact output parameter from being written to. This resulted in a use-of-uninitialized-variable by any program that used sigaction for the purpose of reading signals.

This change fixes this: the regular sigaction implementation is still called, but with the act parameter nullified, preventing any changes.

Diff Detail

Repository: rG LLVM Github Monorepo

Event Timeline

IanPudney created this revision.Aug 11 2020, 5:07 PM

Herald added a project: Restricted Project. · View Herald TranscriptAug 11 2020, 5:07 PM

Herald added a subscriber: Restricted Project. · View Herald Transcript

IanPudney requested review of this revision.Aug 11 2020, 5:07 PM

guiand added a reviewer: eugenis.Aug 11 2020, 5:13 PM

morehouse added inline comments.Aug 11 2020, 5:45 PM

compiler-rt/test/msan/interception_sigaction_test.cpp
14	Do we need this wrapper? Maybe set `MSAN_OPTIONS=handle_segv=2` to force the mode we need, and then attempt to install your own handler and ensure it is never called.
18	Nit: s/11/`SIGSEGV`
19	Why do we need a loop?
21	Nit: Can we use fprintf?

Harbormaster completed remote builds in B68035: Diff 284936.Aug 11 2020, 6:43 PM

IanPudney updated this revision to Diff 284970.Aug 11 2020, 10:49 PM

IanPudney marked 4 inline comments as done.

IanPudney added inline comments.

compiler-rt/test/msan/interception_sigaction_test.cpp
14	So, I copied this pattern from other tests that test interceptors. I believe the purpose of the wrapper is to make sure that the interceptor is being called rather than the original one; that way, we know the test is actually testing what it's supposed to. I suppose your proposal would also achieve that, but this seems simpler and matches what other tests do.
19	Oops, I was planning to iterate over all signals and make sure they all worked, but then decided SIGSEGV was enough. Removed.
21	Done. Can't on the other one though, because it's happening in a signal handler.

Harbormaster completed remote builds in B68058: Diff 284970.Aug 11 2020, 11:14 PM

LGTM

This revision is now accepted and ready to land.Aug 12 2020, 8:12 AM

This revision was landed with ongoing or failed builds.Aug 12 2020, 10:12 AM

Closed by commit rGfd893bda5576: Fix sigaction interceptor to always correctly populate oldact (authored by morehouse). · Explain Why

This revision was automatically updated to reflect the committed changes.

morehouse added a commit: rGfd893bda5576: Fix sigaction interceptor to always correctly populate oldact.

Revision Contents

Path

Size

compiler-rt/

lib/

sanitizer_common/

sanitizer_signal_interceptors.inc

5 lines

test/

msan/

interception_sigaction_test.cpp

25 lines

Diff 285133

compiler-rt/lib/sanitizer_common/sanitizer_signal_interceptors.inc

Show First 20 Lines • Show All 47 Lines • ▼ Show 20 Lines	INTERCEPTOR(uptr, signal, int signum, uptr handler) {
if (GetHandleSignalMode(signum) == kHandleSignalExclusive)		if (GetHandleSignalMode(signum) == kHandleSignalExclusive)
return (uptr) nullptr;		return (uptr) nullptr;
SIGNAL_INTERCEPTOR_SIGNAL_IMPL(signal, signum, handler);		SIGNAL_INTERCEPTOR_SIGNAL_IMPL(signal, signum, handler);
}		}
#define INIT_SIGNAL COMMON_INTERCEPT_FUNCTION(signal)		#define INIT_SIGNAL COMMON_INTERCEPT_FUNCTION(signal)

INTERCEPTOR(int, sigaction_symname, int signum,		INTERCEPTOR(int, sigaction_symname, int signum,
const __sanitizer_sigaction act, __sanitizer_sigaction oldact) {		const __sanitizer_sigaction act, __sanitizer_sigaction oldact) {
if (GetHandleSignalMode(signum) == kHandleSignalExclusive) return 0;		if (GetHandleSignalMode(signum) == kHandleSignalExclusive) {
		if (!oldact) return 0;
		act = nullptr;
		}
SIGNAL_INTERCEPTOR_SIGACTION_IMPL(signum, act, oldact);		SIGNAL_INTERCEPTOR_SIGACTION_IMPL(signum, act, oldact);
}		}
#define INIT_SIGACTION COMMON_INTERCEPT_FUNCTION(sigaction_symname)		#define INIT_SIGACTION COMMON_INTERCEPT_FUNCTION(sigaction_symname)

namespace __sanitizer {		namespace __sanitizer {
int real_sigaction(int signum, const void act, void oldact) {		int real_sigaction(int signum, const void act, void oldact) {
return REAL(sigaction_symname)(signum, (const __sanitizer_sigaction *)act,		return REAL(sigaction_symname)(signum, (const __sanitizer_sigaction *)act,
(__sanitizer_sigaction *)oldact);		(__sanitizer_sigaction *)oldact);
Show All 22 Lines

compiler-rt/test/msan/interception_sigaction_test.cpp

This file was added.

				// RUN: %clangxx_msan -O0 -g %s -o %t
				// RUN: MSAN_OPTIONS=handle_segv=2 %t 2>&1 \| FileCheck %s
				#include <stdlib.h>
				#include <stdio.h>
				#include <unistd.h>
				#include <signal.h>
				#include <string.h>

				extern "C" int __interceptor_sigaction(int signum, const struct sigaction act, struct sigaction oldact);
				extern "C" int sigaction(int signum, const struct sigaction act, struct sigaction oldact) {
				write(2, "sigaction call\n", sizeof("sigaction call\n") - 1);
				return __interceptor_sigaction(signum, act, oldact);
				}

				morehouseUnsubmitted Done Reply Inline Actions Do we need this wrapper? Maybe set `MSAN_OPTIONS=handle_segv=2` to force the mode we need, and then attempt to install your own handler and ensure it is never called. morehouse: Do we need this wrapper? Maybe set `MSAN_OPTIONS=handle_segv=2` to force the mode we need, and…
				IanPudneyAuthorUnsubmitted Done Reply Inline Actions So, I copied this pattern from other tests that test interceptors. I believe the purpose of the wrapper is to make sure that the interceptor is being called rather than the original one; that way, we know the test is actually testing what it's supposed to. I suppose your proposal would also achieve that, but this seems simpler and matches what other tests do. IanPudney: So, I copied this pattern from other tests that test interceptors. I believe the purpose of the…
				int main() {
				struct sigaction oldact;
				sigaction(SIGSEGV, nullptr, &oldact);

				morehouseUnsubmitted Done Reply Inline Actions Nit: s/11/`SIGSEGV` morehouse: Nit: s/11/`SIGSEGV`
				if (oldact.sa_handler \|\| oldact.sa_sigaction) {
				morehouseUnsubmitted Done Reply Inline Actions Why do we need a loop? morehouse: Why do we need a loop?
				IanPudneyAuthorUnsubmitted Done Reply Inline Actions Oops, I was planning to iterate over all signals and make sure they all worked, but then decided SIGSEGV was enough. Removed. IanPudney: Oops, I was planning to iterate over all signals and make sure they all worked, but then…
				fprintf(stderr, "oldact filled\n");
				}
				morehouseUnsubmitted Done Reply Inline Actions Nit: Can we use fprintf? morehouse: Nit: Can we use fprintf?
				IanPudneyAuthorUnsubmitted Done Reply Inline Actions Done. Can't on the other one though, because it's happening in a signal handler. IanPudney: Done. Can't on the other one though, because it's happening in a signal handler.
				return 0;
				// CHECK: sigaction call
				// CHECK: oldact filled
				}