1 //===-- asan_interceptors.cc ----------------------------------------------===// 2 // 3 // The LLVM Compiler Infrastructure 4 // 5 // This file is distributed under the University of Illinois Open Source 6 // License. See LICENSE.TXT for details. 7 // 8 //===----------------------------------------------------------------------===// 9 // 10 // This file is a part of AddressSanitizer, an address sanity checker. 11 // 12 // Intercept various libc functions. 13 //===----------------------------------------------------------------------===// 14 #include "asan_interceptors.h" 15 16 #include "asan_allocator.h" 17 #include "asan_intercepted_functions.h" 18 #include "asan_internal.h" 19 #include "asan_mapping.h" 20 #include "asan_report.h" 21 #include "asan_stack.h" 22 #include "asan_stats.h" 23 #include "asan_thread_registry.h" 24 #include "interception/interception.h" 25 #include "sanitizer_common/sanitizer_libc.h" 26 27 namespace __asan { 28 29 // Return true if we can quickly decide that the region is unpoisoned. 30 static inline bool QuickCheckForUnpoisonedRegion(uptr beg, uptr size) { 31 if (size == 0) return true; 32 if (size <= 32) 33 return !AddressIsPoisoned(beg) && 34 !AddressIsPoisoned(beg + size - 1) && 35 !AddressIsPoisoned(beg + size / 2); 36 return false; 37 } 38 39 // We implement ACCESS_MEMORY_RANGE, ASAN_READ_RANGE, 40 // and ASAN_WRITE_RANGE as macro instead of function so 41 // that no extra frames are created, and stack trace contains 42 // relevant information only. 43 // We check all shadow bytes. 44 #define ACCESS_MEMORY_RANGE(offset, size, isWrite) do { \ 45 uptr __offset = (uptr)(offset); \ 46 uptr __size = (uptr)(size); \ 47 uptr __bad = 0; \ 48 if (!QuickCheckForUnpoisonedRegion(__offset, __size) && \ 49 (__bad = __asan_region_is_poisoned(__offset, __size))) { \ 50 GET_CURRENT_PC_BP_SP; \ 51 __asan_report_error(pc, bp, sp, __bad, isWrite, __size); \ 52 } \ 53 } while (0) 54 55 #define ASAN_READ_RANGE(offset, size) ACCESS_MEMORY_RANGE(offset, size, false) 56 #define ASAN_WRITE_RANGE(offset, size) ACCESS_MEMORY_RANGE(offset, size, true); 57 58 // Behavior of functions like "memcpy" or "strcpy" is undefined 59 // if memory intervals overlap. We report error in this case. 60 // Macro is used to avoid creation of new frames. 61 static inline bool RangesOverlap(const char *offset1, uptr length1, 62 const char *offset2, uptr length2) { 63 return !((offset1 + length1 <= offset2) || (offset2 + length2 <= offset1)); 64 } 65 #define CHECK_RANGES_OVERLAP(name, _offset1, length1, _offset2, length2) do { \ 66 const char *offset1 = (const char*)_offset1; \ 67 const char *offset2 = (const char*)_offset2; \ 68 if (RangesOverlap(offset1, length1, offset2, length2)) { \ 69 GET_STACK_TRACE_FATAL_HERE; \ 70 ReportStringFunctionMemoryRangesOverlap(name, offset1, length1, \ 71 offset2, length2, &stack); \ 72 } \ 73 } while (0) 74 75 #define ENSURE_ASAN_INITED() do { \ 76 CHECK(!asan_init_is_running); \ 77 if (!asan_inited) { \ 78 __asan_init(); \ 79 } \ 80 } while (0) 81 82 static inline uptr MaybeRealStrnlen(const char *s, uptr maxlen) { 83 #if ASAN_INTERCEPT_STRNLEN 84 if (REAL(strnlen) != 0) { 85 return REAL(strnlen)(s, maxlen); 86 } 87 #endif 88 return internal_strnlen(s, maxlen); 89 } 90 91 void SetThreadName(const char *name) { 92 AsanThread *t = asanThreadRegistry().GetCurrent(); 93 if (t) 94 t->summary()->set_name(name); 95 } 96 97 } // namespace __asan 98 99 // ---------------------- Wrappers ---------------- {{{1 100 using namespace __asan; // NOLINT 101 102 #define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \ 103 ASAN_WRITE_RANGE(ptr, size) 104 #define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) ASAN_READ_RANGE(ptr, size) 105 #define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \ 106 do { \ 107 ctx = 0; \ 108 (void)ctx; \ 109 ENSURE_ASAN_INITED(); \ 110 } while (false) 111 #define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) do { } while (false) 112 #define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) do { } while (false) 113 #define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) SetThreadName(name) 114 #include "sanitizer_common/sanitizer_common_interceptors.inc" 115 116 static thread_return_t THREAD_CALLING_CONV asan_thread_start(void *arg) { 117 AsanThread *t = (AsanThread*)arg; 118 asanThreadRegistry().SetCurrent(t); 119 return t->ThreadStart(); 120 } 121 122 #if ASAN_INTERCEPT_PTHREAD_CREATE 123 INTERCEPTOR(int, pthread_create, void *thread, 124 void *attr, void *(*start_routine)(void*), void *arg) { 125 GET_STACK_TRACE_THREAD; 126 u32 current_tid = asanThreadRegistry().GetCurrentTidOrInvalid(); 127 AsanThread *t = AsanThread::Create(current_tid, start_routine, arg, &stack); 128 asanThreadRegistry().RegisterThread(t); 129 return REAL(pthread_create)(thread, attr, asan_thread_start, t); 130 } 131 #endif // ASAN_INTERCEPT_PTHREAD_CREATE 132 133 #if ASAN_INTERCEPT_SIGNAL_AND_SIGACTION 134 INTERCEPTOR(void*, signal, int signum, void *handler) { 135 if (!AsanInterceptsSignal(signum)) { 136 return REAL(signal)(signum, handler); 137 } 138 return 0; 139 } 140 141 INTERCEPTOR(int, sigaction, int signum, const struct sigaction *act, 142 struct sigaction *oldact) { 143 if (!AsanInterceptsSignal(signum)) { 144 return REAL(sigaction)(signum, act, oldact); 145 } 146 return 0; 147 } 148 #elif ASAN_POSIX 149 // We need to have defined REAL(sigaction) on posix systems. 150 DEFINE_REAL(int, sigaction, int signum, const struct sigaction *act, 151 struct sigaction *oldact); 152 #endif // ASAN_INTERCEPT_SIGNAL_AND_SIGACTION 153 154 #if ASAN_INTERCEPT_SWAPCONTEXT 155 static void ClearShadowMemoryForContextStack(uptr stack, uptr ssize) { 156 // Align to page size. 157 uptr PageSize = GetPageSizeCached(); 158 uptr bottom = stack & ~(PageSize - 1); 159 ssize += stack - bottom; 160 ssize = RoundUpTo(ssize, PageSize); 161 static const uptr kMaxSaneContextStackSize = 1 << 22; // 4 Mb 162 if (ssize && ssize <= kMaxSaneContextStackSize) { 163 PoisonShadow(bottom, ssize, 0); 164 } 165 } 166 167 INTERCEPTOR(int, swapcontext, struct ucontext_t *oucp, 168 struct ucontext_t *ucp) { 169 static bool reported_warning = false; 170 if (!reported_warning) { 171 Report("WARNING: ASan doesn't fully support makecontext/swapcontext " 172 "functions and may produce false positives in some cases!\n"); 173 reported_warning = true; 174 } 175 // Clear shadow memory for new context (it may share stack 176 // with current context). 177 uptr stack, ssize; 178 ReadContextStack(ucp, &stack, &ssize); 179 ClearShadowMemoryForContextStack(stack, ssize); 180 int res = REAL(swapcontext)(oucp, ucp); 181 // swapcontext technically does not return, but program may swap context to 182 // "oucp" later, that would look as if swapcontext() returned 0. 183 // We need to clear shadow for ucp once again, as it may be in arbitrary 184 // state. 185 ClearShadowMemoryForContextStack(stack, ssize); 186 return res; 187 } 188 #endif // ASAN_INTERCEPT_SWAPCONTEXT 189 190 INTERCEPTOR(void, longjmp, void *env, int val) { 191 __asan_handle_no_return(); 192 REAL(longjmp)(env, val); 193 } 194 195 #if ASAN_INTERCEPT__LONGJMP 196 INTERCEPTOR(void, _longjmp, void *env, int val) { 197 __asan_handle_no_return(); 198 REAL(_longjmp)(env, val); 199 } 200 #endif 201 202 #if ASAN_INTERCEPT_SIGLONGJMP 203 INTERCEPTOR(void, siglongjmp, void *env, int val) { 204 __asan_handle_no_return(); 205 REAL(siglongjmp)(env, val); 206 } 207 #endif 208 209 #if ASAN_INTERCEPT___CXA_THROW 210 INTERCEPTOR(void, __cxa_throw, void *a, void *b, void *c) { 211 CHECK(REAL(__cxa_throw)); 212 __asan_handle_no_return(); 213 REAL(__cxa_throw)(a, b, c); 214 } 215 #endif 216 217 // intercept mlock and friends. 218 // Since asan maps 16T of RAM, mlock is completely unfriendly to asan. 219 // All functions return 0 (success). 220 static void MlockIsUnsupported() { 221 static bool printed = 0; 222 if (printed) return; 223 printed = true; 224 Printf("INFO: AddressSanitizer ignores mlock/mlockall/munlock/munlockall\n"); 225 } 226 227 extern "C" { 228 INTERCEPTOR(int, mlock, const void *addr, uptr len) { 229 MlockIsUnsupported(); 230 return 0; 231 } 232 233 INTERCEPTOR(int, munlock, const void *addr, uptr len) { 234 MlockIsUnsupported(); 235 return 0; 236 } 237 238 INTERCEPTOR(int, mlockall, int flags) { 239 MlockIsUnsupported(); 240 return 0; 241 } 242 243 INTERCEPTOR(int, munlockall, void) { 244 MlockIsUnsupported(); 245 return 0; 246 } 247 } // extern "C" 248 249 static inline int CharCmp(unsigned char c1, unsigned char c2) { 250 return (c1 == c2) ? 0 : (c1 < c2) ? -1 : 1; 251 } 252 253 static inline int CharCaseCmp(unsigned char c1, unsigned char c2) { 254 int c1_low = ToLower(c1); 255 int c2_low = ToLower(c2); 256 return c1_low - c2_low; 257 } 258 259 INTERCEPTOR(int, memcmp, const void *a1, const void *a2, uptr size) { 260 if (!asan_inited) return internal_memcmp(a1, a2, size); 261 ENSURE_ASAN_INITED(); 262 if (flags()->replace_intrin) { 263 if (flags()->strict_memcmp) { 264 // Check the entire regions even if the first bytes of the buffers are 265 // different. 266 ASAN_READ_RANGE(a1, size); 267 ASAN_READ_RANGE(a2, size); 268 // Fallthrough to REAL(memcmp) below. 269 } else { 270 unsigned char c1 = 0, c2 = 0; 271 const unsigned char *s1 = (const unsigned char*)a1; 272 const unsigned char *s2 = (const unsigned char*)a2; 273 uptr i; 274 for (i = 0; i < size; i++) { 275 c1 = s1[i]; 276 c2 = s2[i]; 277 if (c1 != c2) break; 278 } 279 ASAN_READ_RANGE(s1, Min(i + 1, size)); 280 ASAN_READ_RANGE(s2, Min(i + 1, size)); 281 return CharCmp(c1, c2); 282 } 283 } 284 return REAL(memcmp(a1, a2, size)); 285 } 286 287 INTERCEPTOR(void*, memcpy, void *to, const void *from, uptr size) { 288 if (!asan_inited) return internal_memcpy(to, from, size); 289 // memcpy is called during __asan_init() from the internals 290 // of printf(...). 291 if (asan_init_is_running) { 292 return REAL(memcpy)(to, from, size); 293 } 294 ENSURE_ASAN_INITED(); 295 if (flags()->replace_intrin) { 296 if (to != from) { 297 // We do not treat memcpy with to==from as a bug. 298 // See http://llvm.org/bugs/show_bug.cgi?id=11763. 299 CHECK_RANGES_OVERLAP("memcpy", to, size, from, size); 300 } 301 ASAN_READ_RANGE(from, size); 302 ASAN_WRITE_RANGE(to, size); 303 } 304 // Interposing of resolver functions is broken on Mac OS 10.7 and 10.8. 305 // See also http://code.google.com/p/address-sanitizer/issues/detail?id=116. 306 return internal_memcpy(to, from, size); 307 } 308 309 INTERCEPTOR(void*, memmove, void *to, const void *from, uptr size) { 310 if (!asan_inited) return internal_memmove(to, from, size); 311 if (asan_init_is_running) { 312 return REAL(memmove)(to, from, size); 313 } 314 ENSURE_ASAN_INITED(); 315 if (flags()->replace_intrin) { 316 ASAN_READ_RANGE(from, size); 317 ASAN_WRITE_RANGE(to, size); 318 } 319 // Interposing of resolver functions is broken on Mac OS 10.7 and 10.8. 320 // See also http://code.google.com/p/address-sanitizer/issues/detail?id=116. 321 return internal_memmove(to, from, size); 322 } 323 324 INTERCEPTOR(void*, memset, void *block, int c, uptr size) { 325 if (!asan_inited) return internal_memset(block, c, size); 326 // memset is called inside Printf. 327 if (asan_init_is_running) { 328 return REAL(memset)(block, c, size); 329 } 330 ENSURE_ASAN_INITED(); 331 if (flags()->replace_intrin) { 332 ASAN_WRITE_RANGE(block, size); 333 } 334 return REAL(memset)(block, c, size); 335 } 336 337 INTERCEPTOR(char*, strchr, const char *str, int c) { 338 if (!asan_inited) return internal_strchr(str, c); 339 // strchr is called inside create_purgeable_zone() when MallocGuardEdges=1 is 340 // used. 341 if (asan_init_is_running) { 342 return REAL(strchr)(str, c); 343 } 344 ENSURE_ASAN_INITED(); 345 char *result = REAL(strchr)(str, c); 346 if (flags()->replace_str) { 347 uptr bytes_read = (result ? result - str : REAL(strlen)(str)) + 1; 348 ASAN_READ_RANGE(str, bytes_read); 349 } 350 return result; 351 } 352 353 #if ASAN_INTERCEPT_INDEX 354 # if ASAN_USE_ALIAS_ATTRIBUTE_FOR_INDEX 355 INTERCEPTOR(char*, index, const char *string, int c) 356 ALIAS(WRAPPER_NAME(strchr)); 357 # else 358 # if defined(__APPLE__) 359 DECLARE_REAL(char*, index, const char *string, int c) 360 OVERRIDE_FUNCTION(index, strchr); 361 # else 362 DEFINE_REAL(char*, index, const char *string, int c); 363 # endif 364 # endif 365 #endif // ASAN_INTERCEPT_INDEX 366 367 // For both strcat() and strncat() we need to check the validity of |to| 368 // argument irrespective of the |from| length. 369 INTERCEPTOR(char*, strcat, char *to, const char *from) { // NOLINT 370 ENSURE_ASAN_INITED(); 371 if (flags()->replace_str) { 372 uptr from_length = REAL(strlen)(from); 373 ASAN_READ_RANGE(from, from_length + 1); 374 uptr to_length = REAL(strlen)(to); 375 ASAN_READ_RANGE(to, to_length); 376 ASAN_WRITE_RANGE(to + to_length, from_length + 1); 377 // If the copying actually happens, the |from| string should not overlap 378 // with the resulting string starting at |to|, which has a length of 379 // to_length + from_length + 1. 380 if (from_length > 0) { 381 CHECK_RANGES_OVERLAP("strcat", to, from_length + to_length + 1, 382 from, from_length + 1); 383 } 384 } 385 return REAL(strcat)(to, from); // NOLINT 386 } 387 388 INTERCEPTOR(char*, strncat, char *to, const char *from, uptr size) { 389 ENSURE_ASAN_INITED(); 390 if (flags()->replace_str) { 391 uptr from_length = MaybeRealStrnlen(from, size); 392 uptr copy_length = Min(size, from_length + 1); 393 ASAN_READ_RANGE(from, copy_length); 394 uptr to_length = REAL(strlen)(to); 395 ASAN_READ_RANGE(to, to_length); 396 ASAN_WRITE_RANGE(to + to_length, from_length + 1); 397 if (from_length > 0) { 398 CHECK_RANGES_OVERLAP("strncat", to, to_length + copy_length + 1, 399 from, copy_length); 400 } 401 } 402 return REAL(strncat)(to, from, size); 403 } 404 405 INTERCEPTOR(int, strcmp, const char *s1, const char *s2) { 406 if (!asan_inited) return internal_strcmp(s1, s2); 407 if (asan_init_is_running) { 408 return REAL(strcmp)(s1, s2); 409 } 410 ENSURE_ASAN_INITED(); 411 unsigned char c1, c2; 412 uptr i; 413 for (i = 0; ; i++) { 414 c1 = (unsigned char)s1[i]; 415 c2 = (unsigned char)s2[i]; 416 if (c1 != c2 || c1 == '\0') break; 417 } 418 ASAN_READ_RANGE(s1, i + 1); 419 ASAN_READ_RANGE(s2, i + 1); 420 return CharCmp(c1, c2); 421 } 422 423 INTERCEPTOR(char*, strcpy, char *to, const char *from) { // NOLINT 424 #if defined(__APPLE__) 425 if (!asan_inited) return REAL(strcpy)(to, from); // NOLINT 426 #endif 427 // strcpy is called from malloc_default_purgeable_zone() 428 // in __asan::ReplaceSystemAlloc() on Mac. 429 if (asan_init_is_running) { 430 return REAL(strcpy)(to, from); // NOLINT 431 } 432 ENSURE_ASAN_INITED(); 433 if (flags()->replace_str) { 434 uptr from_size = REAL(strlen)(from) + 1; 435 CHECK_RANGES_OVERLAP("strcpy", to, from_size, from, from_size); 436 ASAN_READ_RANGE(from, from_size); 437 ASAN_WRITE_RANGE(to, from_size); 438 } 439 return REAL(strcpy)(to, from); // NOLINT 440 } 441 442 #if ASAN_INTERCEPT_STRDUP 443 INTERCEPTOR(char*, strdup, const char *s) { 444 #if defined(__APPLE__) 445 // FIXME: because internal_strdup() uses InternalAlloc(), which currently 446 // just calls malloc() on Mac, we can't use internal_strdup() with the 447 // dynamic runtime. We can remove the call to REAL(strdup) once InternalAlloc 448 // starts using mmap() instead. 449 // See also http://code.google.com/p/address-sanitizer/issues/detail?id=123. 450 if (!asan_inited) return REAL(strdup)(s); 451 #endif 452 if (!asan_inited) return internal_strdup(s); 453 ENSURE_ASAN_INITED(); 454 if (flags()->replace_str) { 455 uptr length = REAL(strlen)(s); 456 ASAN_READ_RANGE(s, length + 1); 457 } 458 return REAL(strdup)(s); 459 } 460 #endif 461 462 INTERCEPTOR(uptr, strlen, const char *s) { 463 if (!asan_inited) return internal_strlen(s); 464 // strlen is called from malloc_default_purgeable_zone() 465 // in __asan::ReplaceSystemAlloc() on Mac. 466 if (asan_init_is_running) { 467 return REAL(strlen)(s); 468 } 469 ENSURE_ASAN_INITED(); 470 uptr length = REAL(strlen)(s); 471 if (flags()->replace_str) { 472 ASAN_READ_RANGE(s, length + 1); 473 } 474 return length; 475 } 476 477 #if ASAN_INTERCEPT_STRCASECMP_AND_STRNCASECMP 478 INTERCEPTOR(int, strcasecmp, const char *s1, const char *s2) { 479 ENSURE_ASAN_INITED(); 480 unsigned char c1, c2; 481 uptr i; 482 for (i = 0; ; i++) { 483 c1 = (unsigned char)s1[i]; 484 c2 = (unsigned char)s2[i]; 485 if (CharCaseCmp(c1, c2) != 0 || c1 == '\0') break; 486 } 487 ASAN_READ_RANGE(s1, i + 1); 488 ASAN_READ_RANGE(s2, i + 1); 489 return CharCaseCmp(c1, c2); 490 } 491 492 INTERCEPTOR(int, strncasecmp, const char *s1, const char *s2, uptr n) { 493 ENSURE_ASAN_INITED(); 494 unsigned char c1 = 0, c2 = 0; 495 uptr i; 496 for (i = 0; i < n; i++) { 497 c1 = (unsigned char)s1[i]; 498 c2 = (unsigned char)s2[i]; 499 if (CharCaseCmp(c1, c2) != 0 || c1 == '\0') break; 500 } 501 ASAN_READ_RANGE(s1, Min(i + 1, n)); 502 ASAN_READ_RANGE(s2, Min(i + 1, n)); 503 return CharCaseCmp(c1, c2); 504 } 505 #endif // ASAN_INTERCEPT_STRCASECMP_AND_STRNCASECMP 506 507 INTERCEPTOR(int, strncmp, const char *s1, const char *s2, uptr size) { 508 if (!asan_inited) return internal_strncmp(s1, s2, size); 509 // strncmp is called from malloc_default_purgeable_zone() 510 // in __asan::ReplaceSystemAlloc() on Mac. 511 if (asan_init_is_running) { 512 return REAL(strncmp)(s1, s2, size); 513 } 514 ENSURE_ASAN_INITED(); 515 unsigned char c1 = 0, c2 = 0; 516 uptr i; 517 for (i = 0; i < size; i++) { 518 c1 = (unsigned char)s1[i]; 519 c2 = (unsigned char)s2[i]; 520 if (c1 != c2 || c1 == '\0') break; 521 } 522 ASAN_READ_RANGE(s1, Min(i + 1, size)); 523 ASAN_READ_RANGE(s2, Min(i + 1, size)); 524 return CharCmp(c1, c2); 525 } 526 527 INTERCEPTOR(char*, strncpy, char *to, const char *from, uptr size) { 528 ENSURE_ASAN_INITED(); 529 if (flags()->replace_str) { 530 uptr from_size = Min(size, MaybeRealStrnlen(from, size) + 1); 531 CHECK_RANGES_OVERLAP("strncpy", to, from_size, from, from_size); 532 ASAN_READ_RANGE(from, from_size); 533 ASAN_WRITE_RANGE(to, size); 534 } 535 return REAL(strncpy)(to, from, size); 536 } 537 538 #if ASAN_INTERCEPT_STRNLEN 539 INTERCEPTOR(uptr, strnlen, const char *s, uptr maxlen) { 540 ENSURE_ASAN_INITED(); 541 uptr length = REAL(strnlen)(s, maxlen); 542 if (flags()->replace_str) { 543 ASAN_READ_RANGE(s, Min(length + 1, maxlen)); 544 } 545 return length; 546 } 547 #endif // ASAN_INTERCEPT_STRNLEN 548 549 static inline bool IsValidStrtolBase(int base) { 550 return (base == 0) || (2 <= base && base <= 36); 551 } 552 553 static inline void FixRealStrtolEndptr(const char *nptr, char **endptr) { 554 CHECK(endptr != 0); 555 if (nptr == *endptr) { 556 // No digits were found at strtol call, we need to find out the last 557 // symbol accessed by strtoll on our own. 558 // We get this symbol by skipping leading blanks and optional +/- sign. 559 while (IsSpace(*nptr)) nptr++; 560 if (*nptr == '+' || *nptr == '-') nptr++; 561 *endptr = (char*)nptr; 562 } 563 CHECK(*endptr >= nptr); 564 } 565 566 INTERCEPTOR(long, strtol, const char *nptr, // NOLINT 567 char **endptr, int base) { 568 ENSURE_ASAN_INITED(); 569 if (!flags()->replace_str) { 570 return REAL(strtol)(nptr, endptr, base); 571 } 572 char *real_endptr; 573 long result = REAL(strtol)(nptr, &real_endptr, base); // NOLINT 574 if (endptr != 0) { 575 *endptr = real_endptr; 576 } 577 if (IsValidStrtolBase(base)) { 578 FixRealStrtolEndptr(nptr, &real_endptr); 579 ASAN_READ_RANGE(nptr, (real_endptr - nptr) + 1); 580 } 581 return result; 582 } 583 584 INTERCEPTOR(int, atoi, const char *nptr) { 585 #if defined(__APPLE__) 586 if (!asan_inited) return REAL(atoi)(nptr); 587 #endif 588 ENSURE_ASAN_INITED(); 589 if (!flags()->replace_str) { 590 return REAL(atoi)(nptr); 591 } 592 char *real_endptr; 593 // "man atoi" tells that behavior of atoi(nptr) is the same as 594 // strtol(nptr, 0, 10), i.e. it sets errno to ERANGE if the 595 // parsed integer can't be stored in *long* type (even if it's 596 // different from int). So, we just imitate this behavior. 597 int result = REAL(strtol)(nptr, &real_endptr, 10); 598 FixRealStrtolEndptr(nptr, &real_endptr); 599 ASAN_READ_RANGE(nptr, (real_endptr - nptr) + 1); 600 return result; 601 } 602 603 INTERCEPTOR(long, atol, const char *nptr) { // NOLINT 604 #if defined(__APPLE__) 605 if (!asan_inited) return REAL(atol)(nptr); 606 #endif 607 ENSURE_ASAN_INITED(); 608 if (!flags()->replace_str) { 609 return REAL(atol)(nptr); 610 } 611 char *real_endptr; 612 long result = REAL(strtol)(nptr, &real_endptr, 10); // NOLINT 613 FixRealStrtolEndptr(nptr, &real_endptr); 614 ASAN_READ_RANGE(nptr, (real_endptr - nptr) + 1); 615 return result; 616 } 617 618 #if ASAN_INTERCEPT_ATOLL_AND_STRTOLL 619 INTERCEPTOR(long long, strtoll, const char *nptr, // NOLINT 620 char **endptr, int base) { 621 ENSURE_ASAN_INITED(); 622 if (!flags()->replace_str) { 623 return REAL(strtoll)(nptr, endptr, base); 624 } 625 char *real_endptr; 626 long long result = REAL(strtoll)(nptr, &real_endptr, base); // NOLINT 627 if (endptr != 0) { 628 *endptr = real_endptr; 629 } 630 // If base has unsupported value, strtoll can exit with EINVAL 631 // without reading any characters. So do additional checks only 632 // if base is valid. 633 if (IsValidStrtolBase(base)) { 634 FixRealStrtolEndptr(nptr, &real_endptr); 635 ASAN_READ_RANGE(nptr, (real_endptr - nptr) + 1); 636 } 637 return result; 638 } 639 640 INTERCEPTOR(long long, atoll, const char *nptr) { // NOLINT 641 ENSURE_ASAN_INITED(); 642 if (!flags()->replace_str) { 643 return REAL(atoll)(nptr); 644 } 645 char *real_endptr; 646 long long result = REAL(strtoll)(nptr, &real_endptr, 10); // NOLINT 647 FixRealStrtolEndptr(nptr, &real_endptr); 648 ASAN_READ_RANGE(nptr, (real_endptr - nptr) + 1); 649 return result; 650 } 651 #endif // ASAN_INTERCEPT_ATOLL_AND_STRTOLL 652 653 #define ASAN_INTERCEPT_FUNC(name) do { \ 654 if (!INTERCEPT_FUNCTION(name) && flags()->verbosity > 0) \ 655 Report("AddressSanitizer: failed to intercept '" #name "'\n"); \ 656 } while (0) 657 658 #if defined(_WIN32) 659 INTERCEPTOR_WINAPI(DWORD, CreateThread, 660 void* security, uptr stack_size, 661 DWORD (__stdcall *start_routine)(void*), void* arg, 662 DWORD flags, void* tid) { 663 GET_STACK_TRACE_THREAD; 664 u32 current_tid = asanThreadRegistry().GetCurrentTidOrInvalid(); 665 AsanThread *t = AsanThread::Create(current_tid, start_routine, arg, &stack); 666 asanThreadRegistry().RegisterThread(t); 667 return REAL(CreateThread)(security, stack_size, 668 asan_thread_start, t, flags, tid); 669 } 670 671 namespace __asan { 672 void InitializeWindowsInterceptors() { 673 ASAN_INTERCEPT_FUNC(CreateThread); 674 } 675 676 } // namespace __asan 677 #endif 678 679 // ---------------------- InitializeAsanInterceptors ---------------- {{{1 680 namespace __asan { 681 void InitializeAsanInterceptors() { 682 static bool was_called_once; 683 CHECK(was_called_once == false); 684 was_called_once = true; 685 #if defined(__APPLE__) 686 return; 687 #else 688 SANITIZER_COMMON_INTERCEPTORS_INIT; 689 690 // Intercept mem* functions. 691 ASAN_INTERCEPT_FUNC(memcmp); 692 ASAN_INTERCEPT_FUNC(memmove); 693 ASAN_INTERCEPT_FUNC(memset); 694 if (PLATFORM_HAS_DIFFERENT_MEMCPY_AND_MEMMOVE) { 695 ASAN_INTERCEPT_FUNC(memcpy); 696 } 697 698 // Intercept str* functions. 699 ASAN_INTERCEPT_FUNC(strcat); // NOLINT 700 ASAN_INTERCEPT_FUNC(strchr); 701 ASAN_INTERCEPT_FUNC(strcmp); 702 ASAN_INTERCEPT_FUNC(strcpy); // NOLINT 703 ASAN_INTERCEPT_FUNC(strlen); 704 ASAN_INTERCEPT_FUNC(strncat); 705 ASAN_INTERCEPT_FUNC(strncmp); 706 ASAN_INTERCEPT_FUNC(strncpy); 707 #if ASAN_INTERCEPT_STRCASECMP_AND_STRNCASECMP 708 ASAN_INTERCEPT_FUNC(strcasecmp); 709 ASAN_INTERCEPT_FUNC(strncasecmp); 710 #endif 711 #if ASAN_INTERCEPT_STRDUP 712 ASAN_INTERCEPT_FUNC(strdup); 713 #endif 714 #if ASAN_INTERCEPT_STRNLEN 715 ASAN_INTERCEPT_FUNC(strnlen); 716 #endif 717 #if ASAN_INTERCEPT_INDEX && ASAN_USE_ALIAS_ATTRIBUTE_FOR_INDEX 718 ASAN_INTERCEPT_FUNC(index); 719 #endif 720 721 ASAN_INTERCEPT_FUNC(atoi); 722 ASAN_INTERCEPT_FUNC(atol); 723 ASAN_INTERCEPT_FUNC(strtol); 724 #if ASAN_INTERCEPT_ATOLL_AND_STRTOLL 725 ASAN_INTERCEPT_FUNC(atoll); 726 ASAN_INTERCEPT_FUNC(strtoll); 727 #endif 728 729 #if ASAN_INTERCEPT_MLOCKX 730 // Intercept mlock/munlock. 731 ASAN_INTERCEPT_FUNC(mlock); 732 ASAN_INTERCEPT_FUNC(munlock); 733 ASAN_INTERCEPT_FUNC(mlockall); 734 ASAN_INTERCEPT_FUNC(munlockall); 735 #endif 736 737 // Intecept signal- and jump-related functions. 738 ASAN_INTERCEPT_FUNC(longjmp); 739 #if ASAN_INTERCEPT_SIGNAL_AND_SIGACTION 740 ASAN_INTERCEPT_FUNC(sigaction); 741 ASAN_INTERCEPT_FUNC(signal); 742 #endif 743 #if ASAN_INTERCEPT_SWAPCONTEXT 744 ASAN_INTERCEPT_FUNC(swapcontext); 745 #endif 746 #if ASAN_INTERCEPT__LONGJMP 747 ASAN_INTERCEPT_FUNC(_longjmp); 748 #endif 749 #if ASAN_INTERCEPT_SIGLONGJMP 750 ASAN_INTERCEPT_FUNC(siglongjmp); 751 #endif 752 753 // Intercept exception handling functions. 754 #if ASAN_INTERCEPT___CXA_THROW 755 INTERCEPT_FUNCTION(__cxa_throw); 756 #endif 757 758 // Intercept threading-related functions 759 #if ASAN_INTERCEPT_PTHREAD_CREATE 760 ASAN_INTERCEPT_FUNC(pthread_create); 761 #endif 762 763 // Some Windows-specific interceptors. 764 #if defined(_WIN32) 765 InitializeWindowsInterceptors(); 766 #endif 767 768 if (flags()->verbosity > 0) { 769 Report("AddressSanitizer: libc interceptors initialized\n"); 770 } 771 #endif // __APPLE__ 772 } 773 774 } // namespace __asan 775