Hello,

With the experts' help in this community, I've enabled ASan for global
and stack buffers in my bare-metal platform firmware, thanks a lot.

But I find the current ASan doesn't support protecting structure inner
elements, e.g. the global_array[11] in the code below. Unfortunately, most of
the important data is defined through structures in my firmware, and if
ASan doesn't support protecting structure inner elements, most of my data
memory accesses will not be protected by ASan. So, could we let ASan support
structure inner elements?

Well, I understand it is not safe to just instrument red zones between
structure inner elements like the current ASan does on global variables. We
also need to handle the sizeof() and offsetof() macros, the alignment pragma,
and maybe others. Could we extend ASan's scope beyond IR to the Clang front end
to do some source-to-source conversion to handle these issues? E.g. for a
structure with no alignment enforced, replace the structure inner elements with
red-zone instrumented versions, and let sizeof() be aware of the size
change. Is it possible?

    #include <stdio.h>

    #pragma pack (1)
    typedef struct {
      int Name;
      int Version;
    } HEADER;
    #pragma pack ()

    typedef struct {
      HEADER Header;
      int global_array[11];
      int Tailer;
    } TABLE;

    TABLE Table;

    int main(int argc, char **argv) {
      int Num;
      void *ptr;

      Num = 11;
      // redzones are only rounded up to the bound of the outermost structure,
      // which causes the inner-field buffer overflow to be missed here
      Table.global_array[Num] = 0x87654321;
      printf("Table.global_array[%d]=0x%x\n", Num, Table.global_array[Num]);

      Table.global_array[0] = 0x12345678;
      ptr = &Table;
      // Could we let the "sizeof" be ASan aware to support RedZone
      // instrumentation in structure inner fields?
      ptr += sizeof(Table.Header);
      printf("*ptr=0x%x\n", *(unsigned int *)ptr);
      return 1;
    }
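
An added illustration (not code from the original post or from the ASan project): a small model of ASan's 8-bytes-to-1 shadow encoding, showing why the write to global_array[11] goes unreported when only the whole global has a red zone, and what an inner red zone does to the layout. TABLE_RZ, REDZONE, poison(), reported() and caught() are hypothetical names, and a 4-byte int is assumed.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define GRANULE 8    /* ASan maps 8 application bytes to one shadow byte */
#define REDZONE 32   /* red-zone size assumed for this model */
#pragma pack(1)
typedef struct { int Name; int Version; } HEADER;
#pragma pack()
typedef struct { HEADER Header; int global_array[11]; int Tailer; } TABLE;
/* Hypothetical instrumented layout: explicit red zone after the array. */
typedef struct { HEADER Header; int global_array[11];
                 char rz[REDZONE]; int Tailer; } TABLE_RZ;

/* Shadow encoding: 0 = granule fully addressable, k in 1..7 = only the
   first k bytes addressable, negative = whole granule poisoned. */
static signed char shadow[32];

/* Poison object bytes [beg, end); a trailing partial granule is left as is. */
static void poison(size_t beg, size_t end) {
    if (beg % GRANULE) {
        shadow[beg / GRANULE] = (signed char)(beg % GRANULE);
        beg += GRANULE - beg % GRANULE;
    }
    for (; beg + GRANULE <= end; beg += GRANULE)
        shadow[beg / GRANULE] = -1;
}

/* 1 if an n-byte access at offset off (within one granule) is reported. */
static int reported(size_t off, size_t n) {
    if (off / GRANULE >= sizeof shadow) return 1;  /* outside the model */
    signed char s = shadow[off / GRANULE];
    return s != 0 && (s < 0 || off % GRANULE + n > (size_t)s);
}

/* inner=0: red zone after the whole global; inner=1: after global_array. */
int caught(int inner, size_t idx) {
    memset(shadow, 0, sizeof shadow);
    if (inner) poison(offsetof(TABLE_RZ, rz), offsetof(TABLE_RZ, Tailer));
    else       poison(sizeof(TABLE), sizeof(TABLE) + REDZONE);
    /* global_array sits at the same offset in both layouts */
    return reported(offsetof(TABLE, global_array) + idx * sizeof(int), sizeof(int));
}

int main(void) {
    printf("idx 11: outer=%d inner=%d\n", caught(0, 11), caught(1, 11));
    printf("sizeof: %zu -> %zu\n", sizeof(TABLE), sizeof(TABLE_RZ));
    return 0;
}
```

In this model the inner red zone moves Tailer from offset 52 to 84 and grows the structure from 56 to 88 bytes, which is the sizeof()/offsetof() impact the post raises.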