From 3cf9bf343de5fbc0b755572c60e8ed53628ff614 Mon Sep 17 00:00:00 2001 From: Kirill Stoimenov <87100199+kstoimenov@users.noreply.github.com> Date: Fri, 3 Nov 2023 14:17:45 -0700 Subject: [PATCH] [HWASAN] Enable memcpy and memmove interceptors (#71217) --- .../lib/hwasan/hwasan_interceptors.cpp | 19 +---------- .../lib/hwasan/hwasan_platform_interceptors.h | 8 ++--- compiler-rt/test/hwasan/TestCases/memcpy.cpp | 32 +++++++++++++++++++ compiler-rt/test/hwasan/TestCases/memmove.cpp | 32 +++++++++++++++++++ 4 files changed, 69 insertions(+), 22 deletions(-) create mode 100644 compiler-rt/test/hwasan/TestCases/memcpy.cpp create mode 100644 compiler-rt/test/hwasan/TestCases/memmove.cpp diff --git a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp index 0889831373a803..1a77d776e65e4b 100644 --- a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp +++ b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp @@ -90,8 +90,7 @@ struct HWAsanInterceptorContext { # include "sanitizer_common/sanitizer_syscalls_netbsd.inc" # define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \ - do { \ - } while (false) + HWASAN_WRITE_RANGE(ctx, ptr, size) # define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \ HWASAN_READ_RANGE(ctx, ptr, size) @@ -147,22 +146,6 @@ struct HWAsanInterceptorContext { (void)(name); \ } while (false) -# define COMMON_INTERCEPTOR_MEMMOVE_IMPL(ctx, to, from, size) \ - do { \ - (void)(ctx); \ - (void)(to); \ - (void)(from); \ - (void)(size); \ - } while (false) - -# define COMMON_INTERCEPTOR_MEMCPY_IMPL(ctx, to, from, size) \ - do { \ - (void)(ctx); \ - (void)(to); \ - (void)(from); \ - (void)(size); \ - } while (false) - # define COMMON_INTERCEPTOR_MEMSET_IMPL(ctx, block, c, size) \ do { \ (void)(ctx); \ diff --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h index 86d26b5ac12d4a..e31ee9e406c67e 100644 --- a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h +++ b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h @@ -59,11 +59,11 @@ #undef SANITIZER_INTERCEPT_MEMSET #define SANITIZER_INTERCEPT_MEMSET 0 -#undef SANITIZER_INTERCEPT_MEMMOVE -#define SANITIZER_INTERCEPT_MEMMOVE 0 +// #undef SANITIZER_INTERCEPT_MEMMOVE +// #define SANITIZER_INTERCEPT_MEMMOVE 0 -#undef SANITIZER_INTERCEPT_MEMCPY -#define SANITIZER_INTERCEPT_MEMCPY 0 +// #undef SANITIZER_INTERCEPT_MEMCPY +// #define SANITIZER_INTERCEPT_MEMCPY 0 // #undef SANITIZER_INTERCEPT_MEMCMP // #define SANITIZER_INTERCEPT_MEMCMP 0 diff --git a/compiler-rt/test/hwasan/TestCases/memcpy.cpp b/compiler-rt/test/hwasan/TestCases/memcpy.cpp new file mode 100644 index 00000000000000..830449488fec49 --- /dev/null +++ b/compiler-rt/test/hwasan/TestCases/memcpy.cpp @@ -0,0 +1,32 @@ +// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s + +#include +#include +#include +#include + +__attribute__((no_sanitize("hwaddress"))) void +ForceCallInterceptor(void *p, const void *a, size_t size) { + memcpy(p, a, size); +} + +int main(int argc, char **argv) { + __hwasan_enable_allocator_tagging(); + char a[] = {static_cast(argc), 2, 3, 4}; + int size = sizeof(a); + char *volatile p = (char *)malloc(size); + free(p); + ForceCallInterceptor(p, a, size); + return 0; + // CHECK: HWAddressSanitizer: tag-mismatch on address + // CHECK: WRITE of size 4 + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-4]] + // CHECK: Cause: use-after-free + // CHECK: freed by thread + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-8]] + // CHECK: previously allocated by thread + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-11]] +} diff --git a/compiler-rt/test/hwasan/TestCases/memmove.cpp b/compiler-rt/test/hwasan/TestCases/memmove.cpp new file mode 100644 index 00000000000000..40dc3deeb39350 --- /dev/null +++ b/compiler-rt/test/hwasan/TestCases/memmove.cpp @@ -0,0 +1,32 @@ +// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s +// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s + +#include +#include +#include +#include + +__attribute__((no_sanitize("hwaddress"))) void +ForceCallInterceptor(void *p, const void *a, size_t size) { + memmove(p, a, size); +} + +int main(int argc, char **argv) { + __hwasan_enable_allocator_tagging(); + char a[] = {static_cast(argc), 2, 3, 4}; + int size = sizeof(a); + char *volatile p = (char *)malloc(size); + free(p); + ForceCallInterceptor(p, a, size); + return 0; + // CHECK: HWAddressSanitizer: tag-mismatch on address + // CHECK: WRITE of size 4 + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-4]] + // CHECK: Cause: use-after-free + // CHECK: freed by thread + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-8]] + // CHECK: previously allocated by thread + // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-11]] +}