[HWASAN] Enable memcpy and memmove interceptors (#71217)

kstoimenov · web-flow · commit 3cf9bf343de5 · 2023-11-03T14:17:45.000-07:00
diff --git a/compiler-rt/lib/hwasan/hwasan_interceptors.cpp b/compiler-rt/lib/hwasan/hwasan_interceptors.cpp
@@ -90,8 +90,7 @@ struct HWAsanInterceptorContext {
 #    include "sanitizer_common/sanitizer_syscalls_netbsd.inc"
 
 #    define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \
-      do {                                                 \
-      } while (false)
+      HWASAN_WRITE_RANGE(ctx, ptr, size)
 
 #    define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
       HWASAN_READ_RANGE(ctx, ptr, size)
@@ -147,22 +146,6 @@ struct HWAsanInterceptorContext {
         (void)(name);                           \
       } while (false)
 
-#    define COMMON_INTERCEPTOR_MEMMOVE_IMPL(ctx, to, from, size) \
-      do {                                                       \
-        (void)(ctx);                                             \
-        (void)(to);                                              \
-        (void)(from);                                            \
-        (void)(size);                                            \
-      } while (false)
-
-#    define COMMON_INTERCEPTOR_MEMCPY_IMPL(ctx, to, from, size) \
-      do {                                                      \
-        (void)(ctx);                                            \
-        (void)(to);                                             \
-        (void)(from);                                           \
-        (void)(size);                                           \
-      } while (false)
-
 #    define COMMON_INTERCEPTOR_MEMSET_IMPL(ctx, block, c, size) \
       do {                                                      \
         (void)(ctx);                                            \
diff --git a/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h b/compiler-rt/lib/hwasan/hwasan_platform_interceptors.h
@@ -59,11 +59,11 @@
 #undef SANITIZER_INTERCEPT_MEMSET
 #define SANITIZER_INTERCEPT_MEMSET 0
 
-#undef SANITIZER_INTERCEPT_MEMMOVE
-#define SANITIZER_INTERCEPT_MEMMOVE 0
+// #undef SANITIZER_INTERCEPT_MEMMOVE
+// #define SANITIZER_INTERCEPT_MEMMOVE 0
 
-#undef SANITIZER_INTERCEPT_MEMCPY
-#define SANITIZER_INTERCEPT_MEMCPY 0
+// #undef SANITIZER_INTERCEPT_MEMCPY
+// #define SANITIZER_INTERCEPT_MEMCPY 0
 
 // #undef SANITIZER_INTERCEPT_MEMCMP
 // #define SANITIZER_INTERCEPT_MEMCMP 0
diff --git a/compiler-rt/test/hwasan/TestCases/memcpy.cpp b/compiler-rt/test/hwasan/TestCases/memcpy.cpp
@@ -0,0 +1,32 @@
+// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+__attribute__((no_sanitize("hwaddress"))) void
+ForceCallInterceptor(void *p, const void *a, size_t size) {
+  memcpy(p, a, size);
+}
+
+int main(int argc, char **argv) {
+  __hwasan_enable_allocator_tagging();
+  char a[] = {static_cast<char>(argc), 2, 3, 4};
+  int size = sizeof(a);
+  char *volatile p = (char *)malloc(size);
+  free(p);
+  ForceCallInterceptor(p, a, size);
+  return 0;
+  // CHECK: HWAddressSanitizer: tag-mismatch on address
+  // CHECK: WRITE of size 4
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-4]]
+  // CHECK: Cause: use-after-free
+  // CHECK: freed by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-8]]
+  // CHECK: previously allocated by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memcpy.cpp:[[@LINE-11]]
+}
diff --git a/compiler-rt/test/hwasan/TestCases/memmove.cpp b/compiler-rt/test/hwasan/TestCases/memmove.cpp
@@ -0,0 +1,32 @@
+// RUN: %clangxx_hwasan -O0 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O2 %s -o %t && not %run %t 2>&1 | FileCheck %s
+// RUN: %clangxx_hwasan -O3 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <sanitizer/hwasan_interface.h>
+#include <stdlib.h>
+#include <string.h>
+#include <unistd.h>
+
+__attribute__((no_sanitize("hwaddress"))) void
+ForceCallInterceptor(void *p, const void *a, size_t size) {
+  memmove(p, a, size);
+}
+
+int main(int argc, char **argv) {
+  __hwasan_enable_allocator_tagging();
+  char a[] = {static_cast<char>(argc), 2, 3, 4};
+  int size = sizeof(a);
+  char *volatile p = (char *)malloc(size);
+  free(p);
+  ForceCallInterceptor(p, a, size);
+  return 0;
+  // CHECK: HWAddressSanitizer: tag-mismatch on address
+  // CHECK: WRITE of size 4
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-4]]
+  // CHECK: Cause: use-after-free
+  // CHECK: freed by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-8]]
+  // CHECK: previously allocated by thread
+  // CHECK: #{{[[:digit:]]+}} 0x{{[[:xdigit:]]+}} in main {{.*}}memmove.cpp:[[@LINE-11]]
+}
