Change -fsanitize-address-poison-class-member-array-new-cookie to -fsanitize-address-poison-custom-array-cookie
Handle it in the driver and propagate it to cc1 Reviewers: rjmccall, kcc, rsmith Subscribers: cfe-commits Differential Revision: https://reviews.llvm.org/D52615 llvm-svn: 346001
This commit is contained in:
parent
df92dabaef
commit
0eb5008352
|
@ -800,9 +800,11 @@ Level of field padding for AddressSanitizer
|
||||||
|
|
||||||
Enable linker dead stripping of globals in AddressSanitizer
|
Enable linker dead stripping of globals in AddressSanitizer
|
||||||
|
|
||||||
.. option:: -fsanitize-address-poison-class-member-array-new-cookie, -fno-sanitize-address-poison-class-member-array-new-cookie
|
.. option:: -fsanitize-address-poison-custom-array-cookie, -fno-sanitize-address-poison-custom-array-cookie
|
||||||
|
|
||||||
Enable poisoning array cookies when using class member operator new\[\] in AddressSanitizer
|
Enable "poisoning" array cookies when allocating arrays with a custom operator new\[\] in Address Sanitizer, preventing accesses to the cookies from user code. An array cookie is a small implementation-defined header added to certain array allocations to record metadata such as the length of the array. Accesses to array cookies from user code are technically allowed by the standard but are more likely to be the result of an out-of-bounds array access.
|
||||||
|
|
||||||
|
An operator new\[\] is "custom" if it is not one of the allocation functions provided by the C++ standard library. Array cookies from non-custom allocation functions are always poisoned.
|
||||||
|
|
||||||
.. option:: -fsanitize-address-use-after-scope, -fno-sanitize-address-use-after-scope
|
.. option:: -fsanitize-address-use-after-scope, -fno-sanitize-address-use-after-scope
|
||||||
|
|
||||||
|
|
|
@ -3000,8 +3000,8 @@ Execute ``clang-cl /?`` to see a list of supported options:
|
||||||
-fno-debug-macro Do not emit macro debug information
|
-fno-debug-macro Do not emit macro debug information
|
||||||
-fno-delayed-template-parsing
|
-fno-delayed-template-parsing
|
||||||
Disable delayed template parsing
|
Disable delayed template parsing
|
||||||
-fno-sanitize-address-poison-class-member-array-new-cookie
|
-fno-sanitize-address-poison-custom-array-cookie
|
||||||
Disable poisoning array cookies when using class member operator new[] in AddressSanitizer
|
Disable poisoning array cookies when using custom operator new[] in AddressSanitizer
|
||||||
-fno-sanitize-address-use-after-scope
|
-fno-sanitize-address-use-after-scope
|
||||||
Disable use-after-scope detection in AddressSanitizer
|
Disable use-after-scope detection in AddressSanitizer
|
||||||
-fno-sanitize-blacklist Don't use blacklist file for sanitizers
|
-fno-sanitize-blacklist Don't use blacklist file for sanitizers
|
||||||
|
@ -3037,8 +3037,8 @@ Execute ``clang-cl /?`` to see a list of supported options:
|
||||||
Level of field padding for AddressSanitizer
|
Level of field padding for AddressSanitizer
|
||||||
-fsanitize-address-globals-dead-stripping
|
-fsanitize-address-globals-dead-stripping
|
||||||
Enable linker dead stripping of globals in AddressSanitizer
|
Enable linker dead stripping of globals in AddressSanitizer
|
||||||
-fsanitize-address-poison-class-member-array-new-cookie
|
-fsanitize-address-poison-custom-array-cookie
|
||||||
Enable poisoning array cookies when using class member operator new[] in AddressSanitizer
|
Enable poisoning array cookies when using custom operator new[] in AddressSanitizer
|
||||||
-fsanitize-address-use-after-scope
|
-fsanitize-address-use-after-scope
|
||||||
Enable use-after-scope detection in AddressSanitizer
|
Enable use-after-scope detection in AddressSanitizer
|
||||||
-fsanitize-blacklist=<value>
|
-fsanitize-blacklist=<value>
|
||||||
|
|
|
@ -971,14 +971,14 @@ def fno_sanitize_address_use_after_scope : Flag<["-"], "fno-sanitize-address-use
|
||||||
Group<f_clang_Group>,
|
Group<f_clang_Group>,
|
||||||
Flags<[CoreOption, DriverOption]>,
|
Flags<[CoreOption, DriverOption]>,
|
||||||
HelpText<"Disable use-after-scope detection in AddressSanitizer">;
|
HelpText<"Disable use-after-scope detection in AddressSanitizer">;
|
||||||
def fsanitize_address_poison_class_member_array_new_cookie
|
def fsanitize_address_poison_custom_array_cookie
|
||||||
: Flag<[ "-" ], "fsanitize-address-poison-class-member-array-new-cookie">,
|
: Flag<[ "-" ], "fsanitize-address-poison-custom-array-cookie">,
|
||||||
Group<f_clang_Group>,
|
Group<f_clang_Group>,
|
||||||
HelpText<"Enable poisoning array cookies when using class member operator new[] in AddressSanitizer">;
|
HelpText<"Enable poisoning array cookies when using custom operator new[] in AddressSanitizer">;
|
||||||
def fno_sanitize_address_poison_class_member_array_new_cookie
|
def fno_sanitize_address_poison_custom_array_cookie
|
||||||
: Flag<[ "-" ], "fno-sanitize-address-poison-class-member-array-new-cookie">,
|
: Flag<[ "-" ], "fno-sanitize-address-poison-custom-array-cookie">,
|
||||||
Group<f_clang_Group>,
|
Group<f_clang_Group>,
|
||||||
HelpText<"Disable poisoning array cookies when using class member operator new[] in AddressSanitizer">;
|
HelpText<"Disable poisoning array cookies when using custom operator new[] in AddressSanitizer">;
|
||||||
def fsanitize_address_globals_dead_stripping : Flag<["-"], "fsanitize-address-globals-dead-stripping">,
|
def fsanitize_address_globals_dead_stripping : Flag<["-"], "fsanitize-address-globals-dead-stripping">,
|
||||||
Group<f_clang_Group>,
|
Group<f_clang_Group>,
|
||||||
HelpText<"Enable linker dead stripping of globals in AddressSanitizer">;
|
HelpText<"Enable linker dead stripping of globals in AddressSanitizer">;
|
||||||
|
|
|
@ -36,6 +36,7 @@ class SanitizerArgs {
|
||||||
int AsanFieldPadding = 0;
|
int AsanFieldPadding = 0;
|
||||||
bool SharedRuntime = false;
|
bool SharedRuntime = false;
|
||||||
bool AsanUseAfterScope = true;
|
bool AsanUseAfterScope = true;
|
||||||
|
bool AsanPoisonCustomArrayCookie = false;
|
||||||
bool AsanGlobalsDeadStripping = false;
|
bool AsanGlobalsDeadStripping = false;
|
||||||
bool LinkCXXRuntimes = false;
|
bool LinkCXXRuntimes = false;
|
||||||
bool NeedPIE = false;
|
bool NeedPIE = false;
|
||||||
|
|
|
@ -174,7 +174,7 @@ CODEGENOPT(NewStructPathTBAA , 1, 0) ///< Whether or not to use enhanced struct-
|
||||||
CODEGENOPT(SaveTempLabels , 1, 0) ///< Save temporary labels.
|
CODEGENOPT(SaveTempLabels , 1, 0) ///< Save temporary labels.
|
||||||
CODEGENOPT(SanitizeAddressUseAfterScope , 1, 0) ///< Enable use-after-scope detection
|
CODEGENOPT(SanitizeAddressUseAfterScope , 1, 0) ///< Enable use-after-scope detection
|
||||||
///< in AddressSanitizer
|
///< in AddressSanitizer
|
||||||
CODEGENOPT(SanitizeAddressPoisonClassMemberArrayNewCookie, 1,
|
CODEGENOPT(SanitizeAddressPoisonCustomArrayCookie, 1,
|
||||||
0) ///< Enable poisoning operator new[] which is not a replaceable
|
0) ///< Enable poisoning operator new[] which is not a replaceable
|
||||||
///< global allocation function in AddressSanitizer
|
///< global allocation function in AddressSanitizer
|
||||||
CODEGENOPT(SanitizeAddressGlobalsDeadStripping, 1, 0) ///< Enable linker dead stripping
|
CODEGENOPT(SanitizeAddressGlobalsDeadStripping, 1, 0) ///< Enable linker dead stripping
|
||||||
|
|
|
@ -1916,7 +1916,7 @@ Address ItaniumCXXABI::InitializeArrayCookie(CodeGenFunction &CGF,
|
||||||
// Handle the array cookie specially in ASan.
|
// Handle the array cookie specially in ASan.
|
||||||
if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
|
if (CGM.getLangOpts().Sanitize.has(SanitizerKind::Address) && AS == 0 &&
|
||||||
(expr->getOperatorNew()->isReplaceableGlobalAllocationFunction() ||
|
(expr->getOperatorNew()->isReplaceableGlobalAllocationFunction() ||
|
||||||
CGM.getCodeGenOpts().SanitizeAddressPoisonClassMemberArrayNewCookie)) {
|
CGM.getCodeGenOpts().SanitizeAddressPoisonCustomArrayCookie)) {
|
||||||
// The store to the CookiePtr does not need to be instrumented.
|
// The store to the CookiePtr does not need to be instrumented.
|
||||||
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
|
CGM.getSanitizerMetadata()->disableSanitizerForInstruction(SI);
|
||||||
llvm::FunctionType *FTy =
|
llvm::FunctionType *FTy =
|
||||||
|
|
|
@ -724,6 +724,11 @@ SanitizerArgs::SanitizerArgs(const ToolChain &TC,
|
||||||
options::OPT_fsanitize_address_use_after_scope,
|
options::OPT_fsanitize_address_use_after_scope,
|
||||||
options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
|
options::OPT_fno_sanitize_address_use_after_scope, AsanUseAfterScope);
|
||||||
|
|
||||||
|
AsanPoisonCustomArrayCookie = Args.hasFlag(
|
||||||
|
options::OPT_fsanitize_address_poison_custom_array_cookie,
|
||||||
|
options::OPT_fno_sanitize_address_poison_custom_array_cookie,
|
||||||
|
AsanPoisonCustomArrayCookie);
|
||||||
|
|
||||||
// As a workaround for a bug in gold 2.26 and earlier, dead stripping of
|
// As a workaround for a bug in gold 2.26 and earlier, dead stripping of
|
||||||
// globals in ASan is disabled by default on ELF targets.
|
// globals in ASan is disabled by default on ELF targets.
|
||||||
// See https://sourceware.org/bugzilla/show_bug.cgi?id=19002
|
// See https://sourceware.org/bugzilla/show_bug.cgi?id=19002
|
||||||
|
@ -897,6 +902,9 @@ void SanitizerArgs::addArgs(const ToolChain &TC, const llvm::opt::ArgList &Args,
|
||||||
if (AsanUseAfterScope)
|
if (AsanUseAfterScope)
|
||||||
CmdArgs.push_back("-fsanitize-address-use-after-scope");
|
CmdArgs.push_back("-fsanitize-address-use-after-scope");
|
||||||
|
|
||||||
|
if (AsanPoisonCustomArrayCookie)
|
||||||
|
CmdArgs.push_back("-fsanitize-address-poison-custom-array-cookie");
|
||||||
|
|
||||||
if (AsanGlobalsDeadStripping)
|
if (AsanGlobalsDeadStripping)
|
||||||
CmdArgs.push_back("-fsanitize-address-globals-dead-stripping");
|
CmdArgs.push_back("-fsanitize-address-globals-dead-stripping");
|
||||||
|
|
||||||
|
|
|
@ -969,11 +969,11 @@ static bool ParseCodeGenArgs(CodeGenOptions &Opts, ArgList &Args, InputKind IK,
|
||||||
Args.hasArg(OPT_fsanitize_cfi_icall_generalize_pointers);
|
Args.hasArg(OPT_fsanitize_cfi_icall_generalize_pointers);
|
||||||
Opts.SanitizeStats = Args.hasArg(OPT_fsanitize_stats);
|
Opts.SanitizeStats = Args.hasArg(OPT_fsanitize_stats);
|
||||||
if (Arg *A = Args.getLastArg(
|
if (Arg *A = Args.getLastArg(
|
||||||
OPT_fsanitize_address_poison_class_member_array_new_cookie,
|
OPT_fsanitize_address_poison_custom_array_cookie,
|
||||||
OPT_fno_sanitize_address_poison_class_member_array_new_cookie)) {
|
OPT_fno_sanitize_address_poison_custom_array_cookie)) {
|
||||||
Opts.SanitizeAddressPoisonClassMemberArrayNewCookie =
|
Opts.SanitizeAddressPoisonCustomArrayCookie =
|
||||||
A->getOption().getID() ==
|
A->getOption().getID() ==
|
||||||
OPT_fsanitize_address_poison_class_member_array_new_cookie;
|
OPT_fsanitize_address_poison_custom_array_cookie;
|
||||||
}
|
}
|
||||||
if (Arg *A = Args.getLastArg(OPT_fsanitize_address_use_after_scope,
|
if (Arg *A = Args.getLastArg(OPT_fsanitize_address_use_after_scope,
|
||||||
OPT_fno_sanitize_address_use_after_scope)) {
|
OPT_fno_sanitize_address_use_after_scope)) {
|
||||||
|
|
|
@ -1,6 +1,6 @@
|
||||||
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - %s | FileCheck %s -check-prefix=PLAIN
|
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - %s | FileCheck %s -check-prefix=PLAIN
|
||||||
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - -fsanitize=address %s | FileCheck %s -check-prefix=ASAN
|
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - -fsanitize=address %s | FileCheck %s -check-prefix=ASAN
|
||||||
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - -fsanitize=address -fsanitize-address-poison-class-member-array-new-cookie %s | FileCheck %s -check-prefix=ASAN-POISON-ALL-NEW-ARRAY
|
// RUN: %clang_cc1 -triple x86_64-gnu-linux -emit-llvm -o - -fsanitize=address -fsanitize-address-poison-custom-array-cookie %s | FileCheck %s -check-prefix=ASAN-POISON-ALL-NEW-ARRAY
|
||||||
|
|
||||||
typedef __typeof__(sizeof(0)) size_t;
|
typedef __typeof__(sizeof(0)) size_t;
|
||||||
namespace std {
|
namespace std {
|
||||||
|
|
|
@ -223,6 +223,24 @@
|
||||||
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-WITHOUT-USE-AFTER-SCOPE
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-WITHOUT-USE-AFTER-SCOPE
|
||||||
// CHECK-ASAN-WITHOUT-USE-AFTER-SCOPE: -cc1{{.*}}address-use-after-scope
|
// CHECK-ASAN-WITHOUT-USE-AFTER-SCOPE: -cc1{{.*}}address-use-after-scope
|
||||||
|
|
||||||
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-poison-custom-array-cookie %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE
|
||||||
|
// RUN: %clang_cl --target=x86_64-windows -fsanitize=address -fsanitize-address-poison-custom-array-cookie -### -- %s 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE
|
||||||
|
// CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE: -cc1{{.*}}-fsanitize-address-poison-custom-array-cookie
|
||||||
|
|
||||||
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fno-sanitize-address-poison-custom-array-cookie %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-OFF
|
||||||
|
// RUN: %clang_cl --target=x86_64-windows -fsanitize=address -fno-sanitize-address-poison-custom-array-cookie -### -- %s 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-OFF
|
||||||
|
// CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-OFF-NOT: -cc1{{.*}}address-poison-custom-array-cookie
|
||||||
|
|
||||||
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fno-sanitize-address-poison-custom-array-cookie -fsanitize-address-poison-custom-array-cookie %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-BOTH
|
||||||
|
// RUN: %clang_cl --target=x86_64-windows -fsanitize=address -fno-sanitize-address-poison-custom-array-cookie -fsanitize-address-poison-custom-array-cookie -### -- %s 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-BOTH
|
||||||
|
// CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-BOTH: -cc1{{.*}}-fsanitize-address-poison-custom-array-cookie
|
||||||
|
|
||||||
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-poison-custom-array-cookie -fno-sanitize-address-poison-custom-array-cookie %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-BOTH-OFF
|
||||||
|
// CHECK-POISON-CUSTOM-ARRAY-NEW-COOKIE-BOTH-OFF-NOT: -cc1{{.*}}address-poison-custom-array-cookie
|
||||||
|
|
||||||
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-WITHOUT-POISON-CUSTOM-ARRAY-NEW-COOKIE
|
||||||
|
// CHECK-ASAN-WITHOUT-POISON-CUSTOM-ARRAY-NEW-COOKIE-NOT: -cc1{{.*}}address-poison-custom-array-cookie
|
||||||
|
|
||||||
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-globals-dead-stripping %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-GLOBALS
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address -fsanitize-address-globals-dead-stripping %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-GLOBALS
|
||||||
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-NO-ASAN-GLOBALS
|
// RUN: %clang -target x86_64-linux-gnu -fsanitize=address %s -### 2>&1 | FileCheck %s --check-prefix=CHECK-NO-ASAN-GLOBALS
|
||||||
// RUN: %clang_cl --target=x86_64-windows-msvc -fsanitize=address -fsanitize-address-globals-dead-stripping -### -- %s 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-GLOBALS
|
// RUN: %clang_cl --target=x86_64-windows-msvc -fsanitize=address -fsanitize-address-globals-dead-stripping -### -- %s 2>&1 | FileCheck %s --check-prefix=CHECK-ASAN-GLOBALS
|
||||||
|
|
Loading…
Reference in New Issue