[sanitizer] Make sure libmalloc doesn't remove the sanitizer zone from malloc_zones[0]
In certain OS versions, it was possible that libmalloc replaced the sanitizer zone from being the default zone (i.e. being in malloc_zones[0]). This patch introduces a failsafe that makes sure we always stay the default zone. No testcase for this, because this doesn't reproduce under normal circumstances. Differential Revision: https://reviews.llvm.org/D27083 llvm-svn: 289376
This commit is contained in:
parent
b93f78128f
commit
1c002267fb
|
@ -62,6 +62,29 @@ INTERCEPTOR(void, malloc_destroy_zone, malloc_zone_t *zone) {
|
|||
COMMON_MALLOC_FREE(zone);
|
||||
}
|
||||
|
||||
extern unsigned malloc_num_zones;
|
||||
extern malloc_zone_t **malloc_zones;
|
||||
|
||||
// We need to make sure that sanitizer_zone is registered as malloc_zones[0]. If
|
||||
// libmalloc tries to set up a different zone as malloc_zones[0], it will call
|
||||
// mprotect(malloc_zones, ..., PROT_READ). This interceptor will catch that and
|
||||
// make sure we are still the first (default) zone.
|
||||
INTERCEPTOR(int, mprotect, void *addr, size_t len, int prot) {
|
||||
if (addr == malloc_zones && prot == PROT_READ) {
|
||||
if (malloc_num_zones > 1 && malloc_zones[0] != &sanitizer_zone) {
|
||||
for (unsigned i = 1; i < malloc_num_zones; i++) {
|
||||
if (malloc_zones[i] == &sanitizer_zone) {
|
||||
// Swap malloc_zones[0] and malloc_zones[i].
|
||||
malloc_zones[i] = malloc_zones[0];
|
||||
malloc_zones[0] = &sanitizer_zone;
|
||||
break;
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
return REAL(mprotect)(addr, len, prot);
|
||||
}
|
||||
|
||||
INTERCEPTOR(malloc_zone_t *, malloc_default_zone, void) {
|
||||
COMMON_MALLOC_ENTER();
|
||||
return &sanitizer_zone;
|
||||
|
|
Loading…
Reference in New Issue