Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Poison last word of FakeFrame #133689

Open
wants to merge 3 commits into
base: main
Choose a base branch
from
Open

Poison last word of FakeFrame #133689

wants to merge 3 commits into from
+6 −1

Conversation

brandb97
Copy link

@brandb97 brandb97 commented Mar 31, 2025
edited
Loading

@github-actions GitHub Actions
Copy link

Thank you for submitting a Pull Request (PR) to the LLVM Project!

This PR will be automatically labeled and the relevant teams will be notified.

If you wish to, you can add reviewers by using the "Reviewers" section on this page.

If this is not working for you, it is probably because you do not have write permissions for the repository. In which case you can instead tag reviewers by name in a comment by using @ followed by their GitHub username.

If you have received no comments on your PR for a week, you can request a review by "ping"ing the PR by adding a comment “Ping”. The common courtesy "ping" rate is once a week. Please remember that you are asking for valuable time from other developers.

If you have further questions, they may be answered by the LLVM GitHub User Guide.

You can also ask questions in a comment on this PR, on the LLVM Discord or on the forums.

@llvmbot
Copy link
Member

llvmbot commented Mar 31, 2025

@llvm/pr-subscribers-compiler-rt-sanitizer

Author: None (brandb97)

Changes

Full diff: https://github.com/llvm/llvm-project/pull/133689.diff

1 Files Affected:

  • (modified) compiler-rt/lib/asan/asan_fake_stack.cpp (+6-1)
diff --git a/compiler-rt/lib/asan/asan_fake_stack.cpp b/compiler-rt/lib/asan/asan_fake_stack.cpp
index 7443ff166984d..f68dd31ab1610 100644
--- a/compiler-rt/lib/asan/asan_fake_stack.cpp
+++ b/compiler-rt/lib/asan/asan_fake_stack.cpp
@@ -107,7 +107,12 @@ FakeFrame *FakeStack::Allocate(uptr stack_size_log, uptr class_id,
     FakeFrame *res = reinterpret_cast<FakeFrame *>(
         GetFrame(stack_size_log, class_id, pos));
     res->real_stack = real_stack;
-    *SavedFlagPtr(reinterpret_cast<uptr>(res), class_id) = &flags[pos];
+    u8 **saved_flag_ptr = SavedFlagPtr(reinterpret_cast<uptr>(res), class_id);
+    *saved_flag_ptr = &flags[pos];
+
+    // Poison the last word of FakeFrame
+    u8 *shadow = reinterpret_cast<u8*>(MemToShadow(reinterpret_cast<uptr>(saved_flag_ptr)));
+    *shadow = kMagic1;
     return res;
   }
   return nullptr; // We are out of fake stack.

@brandb97
Copy link
Author

@vitalybuka @ramosian-glider

@brandb97
replace oxf5 with 0xf3
be3221b 
replace kAsanAfterReturnMagic with kAsanStackRightRedzoneMagic
@brandb97
Copy link
Author

brandb97 commented Apr 6, 2025

Ping

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@vitalybuka vitalybuka Awaiting requested review from vitalybuka

@ramosian-glider ramosian-glider Awaiting requested review from ramosian-glider

Assignees
No one assigned
Labels
compiler-rt:asan Address sanitizer compiler-rt:sanitizer compiler-rt
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

AddressSanitizer's FakeStack metadata can be rewrite by users
2 participants
@brandb97 @llvmbot