Add comments from <sanitizer/asan_interface.h>
This commit is contained in:
parent
8313605872
commit
a450f820d9
@ -84,8 +84,26 @@ int main()
|
|||||||
"## Overview\n"
|
"## Overview\n"
|
||||||
"\n"
|
"\n"
|
||||||
"ASAN provides a way to manually markup ranges of bytes to\n"
|
"ASAN provides a way to manually markup ranges of bytes to\n"
|
||||||
"prohibit or permit reads to those addresses. There's a short\n"
|
"prohibit or permit reads to those addresses. In\n"
|
||||||
"foot-note in Google's "
|
"`<sanitizer/asan_interface.h> there's a brief mention for the poison\n"
|
||||||
|
"and unpoison API respectively:`\n"
|
||||||
|
"\n"
|
||||||
|
"```cpp\n"
|
||||||
|
"/// ... This function is not guaranteed to poison the entire region -\n"
|
||||||
|
"/// it could poison only a subregion of <c>[addr, addr+size)</c> due to ASan\n"
|
||||||
|
"/// alignment restrictions.\n"
|
||||||
|
"void __asan_poison_memory_region(void const volatile *addr, size_t size);\n"
|
||||||
|
"```\n"
|
||||||
|
"\n"
|
||||||
|
"and:\n"
|
||||||
|
"\n"
|
||||||
|
"```cpp\n"
|
||||||
|
"/// This function could unpoison a super-region of <c>[addr, addr+size)</c> due\n"
|
||||||
|
"/// to ASan alignment restrictions.\n"
|
||||||
|
"void __asan_unpoison_memory_region(void const volatile *addr, size_t size);\n"
|
||||||
|
"```\n"
|
||||||
|
"\n"
|
||||||
|
"There's another brief foot-note in Google's "
|
||||||
"[AddressSanitizerManualPoisoning](https://github.com/google/"
|
"[AddressSanitizerManualPoisoning](https://github.com/google/"
|
||||||
"sanitizers/wiki/AddressSanitizerManualPoisoning)\n"
|
"sanitizers/wiki/AddressSanitizerManualPoisoning)\n"
|
||||||
"documentation that states:\n"
|
"documentation that states:\n"
|
||||||
@ -97,8 +115,8 @@ int main()
|
|||||||
"chunks should start with 8-aligned addresses.\n"
|
"chunks should start with 8-aligned addresses.\n"
|
||||||
"```\n"
|
"```\n"
|
||||||
"\n"
|
"\n"
|
||||||
"This repository runs some simple tests to clarify the behaviour of\n"
|
"So then this repository runs some simple tests to clarify the behaviour\n"
|
||||||
"the API on un/aligned addresses at various sizes without having\n"
|
"of the API on un/aligned addresses at various sizes without having\n"
|
||||||
"to dig into source code or read the [ASAN paper](https://static."
|
"to dig into source code or read the [ASAN paper](https://static."
|
||||||
"googleusercontent.com/media/research.google.com/en/pubs/archive/"
|
"googleusercontent.com/media/research.google.com/en/pubs/archive/"
|
||||||
"37752.pdf).\n"
|
"37752.pdf).\n"
|
||||||
|
28
readme.md
28
readme.md
@ -25,8 +25,26 @@ marked-up memory that may lead to undetected read/writes.
|
|||||||
## Overview
|
## Overview
|
||||||
|
|
||||||
ASAN provides a way to manually markup ranges of bytes to
|
ASAN provides a way to manually markup ranges of bytes to
|
||||||
prohibit or permit reads to those addresses. There's a short
|
prohibit or permit reads to those addresses. In
|
||||||
foot-note in Google's [AddressSanitizerManualPoisoning](https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning)
|
`<sanitizer/asan_interface.h> there's a brief mention for the poison
|
||||||
|
and unpoison API respectively:`
|
||||||
|
|
||||||
|
```cpp
|
||||||
|
/// ... This function is not guaranteed to poison the entire region -
|
||||||
|
/// it could poison only a subregion of <c>[addr, addr+size)</c> due to ASan
|
||||||
|
/// alignment restrictions.
|
||||||
|
void __asan_poison_memory_region(void const volatile *addr, size_t size);
|
||||||
|
```
|
||||||
|
|
||||||
|
and:
|
||||||
|
|
||||||
|
```cpp
|
||||||
|
/// This function could unpoison a super-region of <c>[addr, addr+size)</c> due
|
||||||
|
/// to ASan alignment restrictions.
|
||||||
|
void __asan_unpoison_memory_region(void const volatile *addr, size_t size);
|
||||||
|
```
|
||||||
|
|
||||||
|
There's another brief foot-note in Google's [AddressSanitizerManualPoisoning](https://github.com/google/sanitizers/wiki/AddressSanitizerManualPoisoning)
|
||||||
documentation that states:
|
documentation that states:
|
||||||
|
|
||||||
```
|
```
|
||||||
@ -36,8 +54,8 @@ of memory leaving poisoned redzones between them. The allocated
|
|||||||
chunks should start with 8-aligned addresses.
|
chunks should start with 8-aligned addresses.
|
||||||
```
|
```
|
||||||
|
|
||||||
This repository runs some simple tests to clarify the behaviour of
|
So then this repository runs some simple tests to clarify the behaviour
|
||||||
the API on un/aligned addresses at various sizes without having
|
of the API on un/aligned addresses at various sizes without having
|
||||||
to dig into source code or read the [ASAN paper](https://static.googleusercontent.com/media/research.google.com/en/pubs/archive/37752.pdf).
|
to dig into source code or read the [ASAN paper](https://static.googleusercontent.com/media/research.google.com/en/pubs/archive/37752.pdf).
|
||||||
|
|
||||||
We use a stack-allocated 16 byte array and test un/poisoning
|
We use a stack-allocated 16 byte array and test un/poisoning
|
||||||
@ -50,7 +68,7 @@ poisoned memory and hide potential leaks (as also demonstrated in
|
|||||||
## References
|
## References
|
||||||
|
|
||||||
- [Manual ASAN poisoning and alignment](https://github.com/mcgov/asan_alignment_example) example by `mcgov`
|
- [Manual ASAN poisoning and alignment](https://github.com/mcgov/asan_alignment_example) example by `mcgov`
|
||||||
- [Address Sanitizer: A Fast Address Sanity Checker](https://static.googleusercontent.com/media/research.google.com/en/pubs/archive/37752.pdf)
|
- [Address Sanitizer: A Fast Address Sanity Checker](https://static.googleusercontent.com/media/research.google.com/en//pubs/archive/37752.pdf)
|
||||||
- [sanitizer/asan_interface.h](https://github.com/llvm-mirror/compiler-rt/blob/master/include/sanitizer/asan_interface.h)
|
- [sanitizer/asan_interface.h](https://github.com/llvm-mirror/compiler-rt/blob/master/include/sanitizer/asan_interface.h)
|
||||||
|
|
||||||
## Raw Test Results
|
## Raw Test Results
|
||||||
|
Loading…
Reference in New Issue
Block a user