Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-14 Thread Andrey Ryabinin
On 07/14/2017 01:49 AM, Greg Hackmann wrote: > On 07/10/2017 03:30 AM, Andrey Ryabinin wrote: >> gcc now supports this too. So I think this patch should enable it. >> It's off by default so you'll have to add --param asan-instrument-allocas=1 >> into cflags >> to make it work > > Thanks, will

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-14 Thread Dmitry Vyukov
On Fri, Jul 14, 2017 at 12:40 AM, Greg Hackmann wrote: > Hi, > > Thanks for taking a look at this patchstack. I apologize for the delay in > responding. > > On 07/10/2017 01:44 AM, Dmitry Vyukov wrote: >>> >>> + >>> + const void *left_redzone = (const void *)(addr - >>> +

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-13 Thread Greg Hackmann
On 07/10/2017 03:30 AM, Andrey Ryabinin wrote: gcc now supports this too. So I think this patch should enable it. It's off by default so you'll have to add --param asan-instrument-allocas=1 into cflags to make it work Thanks, will fix. For now, it looks like I'll need to build gcc from git

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-13 Thread Greg Hackmann
Hi, Thanks for taking a look at this patchstack. I apologize for the delay in responding. On 07/10/2017 01:44 AM, Dmitry Vyukov wrote: + + const void *left_redzone = (const void *)(addr - + KASAN_ALLOCA_REDZONE_SIZE); + const void *right_redzone = (const

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-10 Thread Andrey Ryabinin
On 07/07/2017 01:01 AM, Greg Hackmann wrote: > clang's AddressSanitizer implementation adds redzones on either side of > alloca()ed buffers. These redzones are 32-byte aligned and at least 32 > bytes long. gcc now supports this too. So I think this patch should enable it. It's off by default so

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-10 Thread Dmitry Vyukov
On Fri, Jul 7, 2017 at 12:01 AM, Greg Hackmann wrote: > clang's AddressSanitizer implementation adds redzones on either side of > alloca()ed buffers. These redzones are 32-byte aligned and at least 32 > bytes long. > > __asan_alloca_poison() is passed the size and address of the allocated >

Re: [PATCH 1/4] kasan: support alloca() poisoning

2017-07-06 Thread Greg Hackmann
On 07/06/2017 03:01 PM, Greg Hackmann wrote: @@ -101,6 +101,9 @@ static const char *get_shadow_bug_type(struct kasan_access_info *info) break; case KASAN_USE_AFTER_SCOPE: bug_type = "use-after-scope"; + case KASAN_ALLOCA_LEFT: + case
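
Review bot: in the get_shadow_bug_type() hunk, the new `case KASAN_ALLOCA_LEFT:` label is added directly after `bug_type = "use-after-scope";` with no `break;` between them, so the KASAN_USE_AFTER_SCOPE case falls through into the new alloca cases. Add a `break;` after the use-after-scope assignment, before the added labels.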

[PATCH 1/4] kasan: support alloca() poisoning

2017-07-06 Thread Greg Hackmann
clang's AddressSanitizer implementation adds redzones on either side of alloca()ed buffers. These redzones are 32-byte aligned and at least 32 bytes long. __asan_alloca_poison() is passed the size and address of the allocated buffer, *excluding* the redzones on either side. The left redzone
