
Side by Side Diff: syzygy/agent/asan/shadow.h

Issue 2379023002: [SyzyAsan] Fix overflow error in ShadowWalker for 4GB 32-bit processes. (Closed)
Patch Set: Fix comments. Created 4 years, 2 months ago
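--- a/syzygy/agent/asan/shadow.h
+++ b/syzygy/agent/asan/shadow.h
@@ -1,10 +1,10 @@
 // Copyright 2012 Google Inc. All Rights Reserved.
 //
 // Licensed under the Apache License, Version 2.0 (the "License");
 // you may not use this file except in compliance with the License.
 // You may obtain a copy of the License at
 //
 // http://www.apache.org/licenses/LICENSE-2.0
 //
 // Unless required by applicable law or agreed to in writing, software
 // distributed under the License is distributed on an "AS IS" BASIS,
@@ -287,22 +287,25 @@
 // @param size The extent of the memory to be marked.
 // @note Grabs a global shadow lock.
 void MarkPagesProtected(const void* addr, size_t size);
 
 // Marks a given range of pages as being unprotected.
 // @param addr The first page to be marked.
 // @param size The extent of the memory to be marked.
 // @note Grabs a global shadow lock.
 void MarkPagesUnprotected(const void* addr, size_t size);
 
-// Returns the size of memory represented by the shadow.
-const size_t memory_size() const { return length_ << kShadowRatioLog; }
+// Returns the size of memory represented by the shadow. This is a 64-bit
+// result to prevent overflow for 4GB 32-bit processes.
+const uint64_t memory_size() const {
+return static_cast<uint64_t>(length_) << kShadowRatioLog;
+}
 
 // Read only accessor of shadow memory.
 // @returns a pointer to the actual shadow memory.
 const uint8_t* shadow() const { return shadow_; }
 
 // Returns the length of the shadow array.
 size_t length() const { return length_; }
 
 // Read only accessor of page protection bits.
 const uint8_t* page_bits() const { return page_bits_; }
@@ -415,69 +418,66 @@
 class ShadowWalker {
 public:
 // Constructor.
 // @param shadow The shadow memory object to walk.
 // @param recursive If true then this will recursively descend into nested
 // blocks. Otherwise it will only return the outermost blocks in the
 // provided region.
 // @param lower_bound The lower bound of the region that this walker should
 // cover in the actual memory.
 // @param upper_bound The upper bound of the region that this walker should
-// cover in the actual memory.
+// cover in the actual memory. This can overflow to 0 to indicate walking
+// all of memory.
 ShadowWalker(const Shadow* shadow,
 bool recursive,
 const void* lower_bound,
 const void* upper_bound);
 
 // Return the next block in this memory region.
 // @param info The block information to be populated.
 // @return true if a block was found, false otherwise.
 bool Next(BlockInfo* info);
 
 // Reset the walker to its initial state.
 void Reset();
 
 // @returns the nesting depth of the last returned block. If no blocks have
 // been walked then this returns -1.
 int nesting_depth() const { return nesting_depth_; }
 
 private:
 // The shadow memory being walked.
 const Shadow* shadow_;
 
 // Indicates whether or not the walker will descend recursively into nested
 // blocks.
 bool recursive_;
 
-// The bounds of the memory region for this walker.
-const uint8_t* lower_bound_;
-const uint8_t* upper_bound_;
+// The bounds of the memory region for this walker, expressed as pointers in
+// the shadow memory. This allows walking to occur without worrying about
+// overflow.
+size_t lower_index_;
+size_t upper_index_;
 
-// The current cursor of the shadow walker. This points to upper_bound_ when
-// the walk is terminated.
-const uint8_t* cursor_;
-
-// The shadow cursor. This is maintained simply for debugging and to ensure
-// that the shadow memory associated with |cursor_| makes it into the crash
-// report.
+// The shadow cursor.
 const uint8_t* shadow_cursor_;
 
 // The current nesting depth. Starts at -1.
 int nesting_depth_;
 
 DISALLOW_COPY_AND_ASSIGN(ShadowWalker);
 };
 
 // The static shadow memory that is referred to by the memory interceptors.
 // These are provided by one of 'dummy_shadow.cc' or 'static_shadow.cc'.
 extern "C" {
 extern const size_t asan_memory_interceptors_shadow_memory_size;
 extern uint8_t asan_memory_interceptors_shadow_memory[];
 }
 
 // Bring in the implementation of the templated functions.
 #include "syzygy/agent/asan/shadow_impl.h"
 
 } // namespace asan
 } // namespace agent
 
 #endif // SYZYGY_AGENT_ASAN_SHADOW_H_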
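Review bot: Any caller that keeps the result of `memory_size()` (new lines 299-301) in a `size_t` still truncates it in a 32-bit build, so the overflow this accessor now avoids can reappear at the call site as a bound of 0 for a 4GB process. The callers are outside this header, so each use needs checking, and the contract is worth stating on the accessor, e.g. `// NOTE: keep the result in a uint64_t; narrowing to size_t yields 0 for a 4GB 32-bit process.` The top-level `const` on the by-value return has no effect and can be dropped: `uint64_t memory_size() const {`. The new comment on `lower_index_`/`upper_index_` (new lines 455-457) also calls them "pointers in the shadow memory" although both are declared `size_t`; `expressed as indices into the shadow memory` would match the declaration.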