| blob | 234b18bd83aa541b299b4800e63814cb2aa5e1bb |
1 //===-- asan_interceptors.cpp ---------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file is a part of AddressSanitizer, an address sanity checker.
10 //
11 // Intercept various libc functions.
12 //===----------------------------------------------------------------------===//
30 // There is no general interception at all on Fuchsia.
31 // Only the functions in asan_interceptors_memintrinsics.cpp are
32 // really defined to replace libc functions.
33 #if !SANITIZER_FUCHSIA
35 # if SANITIZER_POSIX
37 # endif
39 # if ASAN_INTERCEPT__UNWIND_RAISEEXCEPTION || \
40 ASAN_INTERCEPT__SJLJ_UNWIND_RAISEEXCEPTION
41 # include <unwind.h>
42 # endif
44 # if defined(__i386) && SANITIZER_LINUX
46 # elif defined(__mips__) && SANITIZER_LINUX
48 # endif
52 #define ASAN_READ_STRING_OF_LEN(ctx, s, len, n) \
53 ASAN_READ_RANGE((ctx), (s), \
54 common_flags()->strict_string_checks ? (len) + 1 : (n))
56 # define ASAN_READ_STRING(ctx, s, n) \
57 ASAN_READ_STRING_OF_LEN((ctx), (s), internal_strlen(s), (n))
60 #if SANITIZER_INTERCEPT_STRNLEN
63 }
64 #endif
66 }
72 }
78 }
79 // FIXME: ask frontend whether we need to return failure.
81 }
85 // ---------------------- Wrappers ---------------- {{{1
91 #define COMMON_INTERCEPT_FUNCTION_VER(name, ver) \
92 ASAN_INTERCEPT_FUNC_VER(name, ver)
93 #define COMMON_INTERCEPT_FUNCTION_VER_UNVERSIONED_FALLBACK(name, ver) \
94 ASAN_INTERCEPT_FUNC_VER_UNVERSIONED_FALLBACK(name, ver)
95 #define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \
96 ASAN_WRITE_RANGE(ctx, ptr, size)
97 #define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
98 ASAN_READ_RANGE(ctx, ptr, size)
99 # define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \
100 ASAN_INTERCEPTOR_ENTER(ctx, func); \
101 do { \
102 if (AsanInitIsRunning()) \
103 return REAL(func)(__VA_ARGS__); \
104 if (SANITIZER_APPLE && UNLIKELY(!AsanInited())) \
105 return REAL(func)(__VA_ARGS__); \
106 ENSURE_ASAN_INITED(); \
107 } while (false)
108 #define COMMON_INTERCEPTOR_DIR_ACQUIRE(ctx, path) \
109 do { \
110 } while (false)
111 #define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) \
112 do { \
113 } while (false)
114 #define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) \
115 do { \
116 } while (false)
117 #define COMMON_INTERCEPTOR_FD_SOCKET_ACCEPT(ctx, fd, newfd) \
118 do { \
119 } while (false)
120 #define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) SetThreadName(name)
121 // Should be asanThreadRegistry().SetThreadNameByUserId(thread, name)
122 // But asan does not remember UserId's for threads (pthread_t);
123 // and remembers all ever existed threads, so the linear search by UserId
124 // can be slow.
125 #define COMMON_INTERCEPTOR_SET_PTHREAD_NAME(ctx, thread, name) \
126 do { \
127 } while (false)
128 #define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name)
129 // Strict init-order checking is dlopen-hostile:
130 // https://github.com/google/sanitizers/issues/178
131 # define COMMON_INTERCEPTOR_DLOPEN(filename, flag) \
132 ({ \
133 if (flags()->strict_init_order) \
134 StopInitOrderChecking(); \
135 CheckNoDeepBind(filename, flag); \
136 REAL(dlopen)(filename, flag); \
137 })
138 # define COMMON_INTERCEPTOR_ON_EXIT(ctx) OnExit()
139 # define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle)
140 # define COMMON_INTERCEPTOR_LIBRARY_UNLOADED()
141 # define COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED (!AsanInited())
142 # define COMMON_INTERCEPTOR_GET_TLS_RANGE(begin, end) \
143 if (AsanThread *t = GetCurrentThread()) { \
144 *begin = t->tls_begin(); \
145 *end = t->tls_end(); \
146 } else { \
147 *begin = *end = 0; \
148 }
158 // Only unpoison shadow if it's an ASAN managed address.
161 }
163 }
167 // We should not tag if munmap fail, but it's to late to tag after
168 // real_munmap, as the pages could be mmaped by another thread.
172 // Protect from unmapping the shadow.
175 }
177 }
179 # define COMMON_INTERCEPTOR_MMAP_IMPL(ctx, mmap, addr, length, prot, flags, \
180 fd, offset) \
181 do { \
182 (void)(ctx); \
183 return mmap_interceptor(REAL(mmap), addr, sz, prot, flags, fd, off); \
184 } while (false)
186 # define COMMON_INTERCEPTOR_MUNMAP_IMPL(ctx, addr, length) \
187 do { \
188 (void)(ctx); \
189 return munmap_interceptor(REAL(munmap), addr, sz); \
190 } while (false)
192 #if CAN_SANITIZE_LEAKS
193 #define COMMON_INTERCEPTOR_STRERROR() \
194 __lsan::ScopedInterceptorDisabler disabler
195 #endif
197 #define SIGNAL_INTERCEPTOR_ENTER() ENSURE_ASAN_INITED()
202 // Syscall interceptors don't have contexts, we don't support suppressions
203 // for them.
204 #define COMMON_SYSCALL_PRE_READ_RANGE(p, s) ASAN_READ_RANGE(nullptr, p, s)
205 #define COMMON_SYSCALL_PRE_WRITE_RANGE(p, s) ASAN_WRITE_RANGE(nullptr, p, s)
206 #define COMMON_SYSCALL_POST_READ_RANGE(p, s) \
207 do { \
208 (void)(p); \
209 (void)(s); \
210 } while (false)
211 #define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) \
212 do { \
213 (void)(p); \
214 (void)(s); \
215 } while (false)
219 #if ASAN_INTERCEPT_PTHREAD_CREATE
227 # if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD || \
228 SANITIZER_SOLARIS
229 __sanitizer_sigset_t sigset;
232 # endif
237 }
242 // Strict init-order checking is thread-hostile.
245 GET_STACK_TRACE_THREAD;
250 }();
254 __sanitizer_sigset_t sigset = {};
255 # if SANITIZER_FREEBSD || SANITIZER_LINUX || SANITIZER_NETBSD || \
256 SANITIZER_SOLARIS
258 # endif
263 {
264 // Ignore all allocations made by pthread_create: thread stack/TLS may be
265 // stored by pthread for future reuse even after thread destruction, and
266 // the linked list it's stored in doesn't even hold valid pointers to the
267 // objects, the latter are calculated by obscure pointer arithmetic.
268 # if CAN_SANITIZE_LEAKS
270 # endif
274 });
275 }
277 // If the thread didn't start delete the AsanThread to avoid leaking it.
278 // Note AsanThreadContexts never get destroyed so the AsanThreadContext
279 // that was just created for the AsanThread is wasted.
281 }
283 }
290 });
292 }
299 });
301 }
306 }
308 # if ASAN_INTERCEPT_TRYJOIN
314 });
316 }
317 # endif
319 # if ASAN_INTERCEPT_TIMEDJOIN
326 });
328 }
329 # endif
331 DEFINE_REAL_PTHREAD_FUNCTIONS
334 #if ASAN_INTERCEPT_SWAPCONTEXT
336 // Only clear if we know the stack. This should be true only for contexts
337 // created with makecontext().
340 // Align to page size.
348 }
351 ...) {
354 // We don't know a better way to forward ... into REAL function. We can
355 // increase args size if neccecary.
362 # define ENUMERATE_ARRAY_4(start) \
363 args[start], args[start + 1], args[start + 2], args[start + 3]
364 # define ENUMERATE_ARRAY_16(start) \
365 ENUMERATE_ARRAY_4(start), ENUMERATE_ARRAY_4(start + 4), \
366 ENUMERATE_ARRAY_4(start + 8), ENUMERATE_ARRAY_4(start + 12)
367 # define ENUMERATE_ARRAY_64() \
368 ENUMERATE_ARRAY_16(0), ENUMERATE_ARRAY_16(16), ENUMERATE_ARRAY_16(32), \
369 ENUMERATE_ARRAY_16(48)
374 # undef ENUMERATE_ARRAY_4
375 # undef ENUMERATE_ARRAY_16
376 # undef ENUMERATE_ARRAY_64
378 // Sign the stack so we can identify it for unpoisoning.
380 }
389 }
390 // Clear shadow memory for new context (it may share stack
391 // with current context).
396 # if __has_attribute(__indirect_return__) && \
397 (defined(__x86_64__) || defined(__i386__))
401 # else
403 # endif
404 // swapcontext technically does not return, but program may swap context to
405 // "oucp" later, that would look as if swapcontext() returned 0.
406 // We need to clear shadow for ucp once again, as it may be in arbitrary
407 // state.
410 }
413 #if SANITIZER_NETBSD
414 #define longjmp __longjmp14
415 #define siglongjmp __siglongjmp14
416 #endif
421 }
423 #if ASAN_INTERCEPT__LONGJMP
427 }
428 #endif
430 #if ASAN_INTERCEPT___LONGJMP_CHK
434 }
435 #endif
437 #if ASAN_INTERCEPT_SIGLONGJMP
441 }
442 #endif
444 #if ASAN_INTERCEPT___CXA_THROW
449 }
450 #endif
452 #if ASAN_INTERCEPT___CXA_RETHROW_PRIMARY_EXCEPTION
457 }
458 #endif
460 #if ASAN_INTERCEPT__UNWIND_RAISEEXCEPTION
466 }
467 #endif
469 #if ASAN_INTERCEPT__SJLJ_UNWIND_RAISEEXCEPTION
475 }
476 #endif
478 #if ASAN_INTERCEPT_INDEX
479 # if ASAN_USE_ALIAS_ATTRIBUTE_FOR_INDEX
482 # else
483 # if SANITIZER_APPLE
486 # else
488 # endif
489 # endif
492 // For both strcat() and strncat() we need to check the validity of |to|
493 // argument irrespective of the |from| length.
504 // If the copying actually happens, the |from| string should not overlap
505 // with the resulting string starting at |to|, which has a length of
506 // to_length + from_length + 1.
510 }
511 }
513 }
529 }
530 }
532 }
537 #if SANITIZER_APPLE
540 #endif
541 // strcpy is called from malloc_default_purgeable_zone()
542 // in __asan::ReplaceSystemAlloc() on Mac.
545 }
552 }
554 }
565 }
566 GET_STACK_TRACE_MALLOC;
570 }
572 }
574 #if ASAN_INTERCEPT___STRDUP
584 }
585 GET_STACK_TRACE_MALLOC;
589 }
591 }
603 }
605 }
617 }
619 # define INTERCEPTOR_STRTO_BASE(ret_type, func) \
620 INTERCEPTOR(ret_type, func, const char *nptr, char **endptr, int base) { \
621 void *ctx; \
622 ASAN_INTERCEPTOR_ENTER(ctx, func); \
623 ENSURE_ASAN_INITED(); \
624 return StrtolImpl(ctx, REAL(func), nptr, endptr, base); \
625 }
630 # if SANITIZER_GLIBC
633 # endif
638 #if SANITIZER_APPLE
641 # endif
645 }
647 // "man atoi" tells that behavior of atoi(nptr) is the same as
648 // strtol(nptr, 0, 10), i.e. it sets errno to ERANGE if the
649 // parsed integer can't be stored in *long* type (even if it's
650 // different from int). So, we just imitate this behavior.
655 }
660 #if SANITIZER_APPLE
663 # endif
667 }
673 }
681 }
687 }
689 #if ASAN_INTERCEPT___CXA_ATEXIT || ASAN_INTERCEPT_ATEXIT
693 }
694 #endif
696 #if ASAN_INTERCEPT___CXA_ATEXIT
699 #if SANITIZER_APPLE
702 # endif
704 #if CAN_SANITIZE_LEAKS
706 #endif
710 }
713 #if ASAN_INTERCEPT_ATEXIT
716 #if CAN_SANITIZE_LEAKS
718 #endif
719 // Avoid calling real atexit as it is unreachable on at least on Linux.
723 }
724 #endif
726 #if ASAN_INTERCEPT_PTHREAD_ATFORK
730 };
734 #if CAN_SANITIZE_LEAKS
736 #endif
737 // REAL(pthread_atfork) cannot be called due to symbol indirections at least
738 // on NetBSD
740 }
741 #endif
743 #if ASAN_INTERCEPT_VFORK
746 #endif
748 // ---------------------- InitializeAsanInterceptors ---------------- {{{1
758 // Intercept str* functions.
764 #if ASAN_INTERCEPT___STRDUP
766 #endif
767 #if ASAN_INTERCEPT_INDEX && ASAN_USE_ALIAS_ATTRIBUTE_FOR_INDEX
769 #endif
776 # if SANITIZER_GLIBC
779 # endif
781 // Intecept jump-related functions.
784 # if ASAN_INTERCEPT_SWAPCONTEXT
787 # endif
788 # if ASAN_INTERCEPT__LONGJMP
790 #endif
791 #if ASAN_INTERCEPT___LONGJMP_CHK
793 #endif
794 #if ASAN_INTERCEPT_SIGLONGJMP
796 #endif
798 // Intercept exception handling functions.
799 #if ASAN_INTERCEPT___CXA_THROW
801 #endif
802 #if ASAN_INTERCEPT___CXA_RETHROW_PRIMARY_EXCEPTION
804 #endif
805 // Indirectly intercept std::rethrow_exception.
806 #if ASAN_INTERCEPT__UNWIND_RAISEEXCEPTION
808 #endif
809 // Indirectly intercept std::rethrow_exception.
810 #if ASAN_INTERCEPT__UNWIND_SJLJ_RAISEEXCEPTION
812 #endif
814 // Intercept threading-related functions
815 #if ASAN_INTERCEPT_PTHREAD_CREATE
816 // TODO: this should probably have an unversioned fallback for newer arches?
817 #if defined(ASAN_PTHREAD_CREATE_VERSION)
819 #else
821 #endif
825 # endif
827 # if ASAN_INTERCEPT_TIMEDJOIN
829 #endif
831 #if ASAN_INTERCEPT_TRYJOIN
833 #endif
835 // Intercept atexit function.
836 #if ASAN_INTERCEPT___CXA_ATEXIT
838 #endif
840 #if ASAN_INTERCEPT_ATEXIT
842 #endif
844 #if ASAN_INTERCEPT_PTHREAD_ATFORK
846 #endif
848 #if ASAN_INTERCEPT_VFORK
850 #endif
853 }