caio/clang-p2996
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
cc371201c3e1d1d76093b5894de202ec6fa1880f
clang-p2996/compiler-rt/lib/scudo/scudo_termination.cpp
Kostya Serebryany 712fc9803a [sanitizer] Initial implementation of a Hardened Allocator 
Summary:
This is an initial implementation of a Hardened Allocator based on Sanitizer Common's CombinedAllocator.
It aims at mitigating heap based vulnerabilities by adding several features to the base allocator, while staying relatively fast.
The following were implemented:
- additional consistency checks on the allocation function parameters and on the heap chunks;
- use of checksum protected chunk header, to detect corruption;
- randomness to the allocator base;
- delayed freelist (quarantine), to mitigate use after free and overall determinism.
Additional mitigations are in the works.

Reviewers: eugenis, aizatsky, pcc, krasin, vitalybuka, glider, dvyukov, kcc

Subscribers: kubabrecka, filcab, llvm-commits

Differential Revision: http://reviews.llvm.org/D20084

llvm-svn: 271968
2016-06-07 01:20:26 +00:00

42 lines
1.3 KiB
C++
Raw Blame History

//===-- scudo_termination.cpp -----------------------------------*- C++ -*-===//
//
// The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
///
/// This file contains bare-bones termination functions to replace the
/// __sanitizer ones, in order to avoid any potential abuse of the callbacks
/// functionality.
///
//===----------------------------------------------------------------------===//
#include "sanitizer_common/sanitizer_common.h"
namespace __sanitizer {
bool AddDieCallback(DieCallbackType callback) { return true; }
bool RemoveDieCallback(DieCallbackType callback) { return true; }
void SetUserDieCallback(DieCallbackType callback) {}
void NORETURN Die() {
if (common_flags()->abort_on_error)
Abort();
internal__exit(common_flags()->exitcode);
}
void SetCheckFailedCallback(CheckFailedCallbackType callback) {}
void NORETURN CheckFailed(const char *file, int line, const char *cond,
u64 v1, u64 v2) {
Report("Sanitizer CHECK failed: %s:%d %s (%lld, %lld)\n", file, line, cond,
v1, v2);
Die();
}
} // namespace __sanitizer
Reference in New Issue View Git Blame Copy Permalink