author | Kuba Mracek <mracek@apple.com> | 2016-12-11 08:45:36 +0000 |
---|---|---|
committer | Kuba Mracek <mracek@apple.com> | 2016-12-11 08:45:36 +0000 |
commit | a5bb08ce2ae38a27fcd7faa1c7c81fe043f5860b (patch) | |
tree | 12049ea25f11c23854401819fb8bfc9dc5123d4a /lib/sanitizer_common/sanitizer_malloc_mac.inc | |
parent | c5c177c46ef58a61f03ebc18e7cfd231db97ea1c (diff) | |
[sanitizer] Make sure libmalloc doesn't remove the sanitizer zone from malloc_zones[0]
In certain OS versions, it was possible for libmalloc to displace the sanitizer zone as the default zone (i.e. from malloc_zones[0]). This patch introduces a failsafe that makes sure we always stay the default zone. No testcase for this, because this doesn't reproduce under normal circumstances.
Differential Revision: https://reviews.llvm.org/D27083
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@289376 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/sanitizer_common/sanitizer_malloc_mac.inc')
-rw-r--r-- | lib/sanitizer_common/sanitizer_malloc_mac.inc | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/lib/sanitizer_common/sanitizer_malloc_mac.inc b/lib/sanitizer_common/sanitizer_malloc_mac.inc
index caf753ad2..6fbee07c1 100644
--- a/lib/sanitizer_common/sanitizer_malloc_mac.inc
+++ b/lib/sanitizer_common/sanitizer_malloc_mac.inc
@@ -62,6 +62,29 @@ INTERCEPTOR(void, malloc_destroy_zone, malloc_zone_t *zone) {
 COMMON_MALLOC_FREE(zone);
 }
 
+extern unsigned malloc_num_zones;
+extern malloc_zone_t **malloc_zones;
+
+// We need to make sure that sanitizer_zone is registered as malloc_zones[0]. If
+// libmalloc tries to set up a different zone as malloc_zones[0], it will call
+// mprotect(malloc_zones, ..., PROT_READ). This interceptor will catch that and
+// make sure we are still the first (default) zone.
+INTERCEPTOR(int, mprotect, void *addr, size_t len, int prot) {
+ if (addr == malloc_zones && prot == PROT_READ) {
+ if (malloc_num_zones > 1 && malloc_zones[0] != &sanitizer_zone) {
+ for (unsigned i = 1; i < malloc_num_zones; i++) {
+ if (malloc_zones[i] == &sanitizer_zone) {
+ // Swap malloc_zones[0] and malloc_zones[i].
+ malloc_zones[i] = malloc_zones[0];
+ malloc_zones[0] = &sanitizer_zone;
+ break;
+ }
+ }
+ }
+ }
+ return REAL(mprotect)(addr, len, prot);
+}
+
 INTERCEPTOR(malloc_zone_t *, malloc_default_zone, void) {
 COMMON_MALLOC_ENTER();
 return &sanitizer_zone; |
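Review bot: The swap in the new `mprotect` interceptor writes `malloc_zones[0]` and `malloc_zones[i]` without taking any lock, immediately before the array is made read-only. It is therefore only safe if the caller still holds libmalloc's zone lock and the page is still writable at that point, and the comment states neither assumption. I would add a line above the outer `if` such as `// Relies on libmalloc calling this with its zone lock held and malloc_zones still writable; verify on new OS versions.` Separately, when the `for` loop finds no entry equal to `&sanitizer_zone`, the function falls through silently and another zone stays the default, so allocations from it would presumably go unchecked with no indication. A debug-only check or verbose report on that path would make the lost coverage visible, which matters more because the commit has no test.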