tech-userlevel archive


Re: Auxiliary header and macros for sanitizers in userland programs



Kamil Rytarowski <n54%gmx.com@localhost> wrote:

> On 05.06.2018 18:14, Valery Ushakov wrote:
>> Kamil Rytarowski <n54%gmx.com@localhost> wrote:
>> 
>>> We've faced a problem with sanitizing part of the NetBSD userland, as we
>>> need to use helper functions to make sanitization possible in some
>>> narrow cases that aren't clear for sanitizers.
>>>
>>> The current problem is the usage of callback functions defined in
>>> programs and executed from the internals of libc.
>> [...] 
>>> Once a callback function is executed from the internals of libc, a
>>> sanitized program does not know whether the arguments passed to it are
>>> properly initialized.
>> 
>> Why?  What makes calling from libc special?  It's probably obvious to
>> you since you've been working on this for a while, but most of us have
>> no clue.
[...]
> In the fts_open(3) case, there is an allocation of FTSENT entries
> performed inside libc and this buffer is passed to the callback
> function without prior notification of the user of fts_open(3) about
> these elements (their address and size of initialized buffer).  MSan
> does not know whether the arguments passed to the callback are
> initialized or not.

So the issue is that libc is compiled without sanitizer and
allocations done inside libc are not known to a sanitizer?  For libc
functions that return allocated memory I guess you mark it in the
sanitizer's interposed wrapper ("interceptor"?), but in the case of
callbacks there is no interceptor between libc and the callback to do
that.  Is that about right?

-uwe
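An added example (not code from the thread or from NetBSD) of the kind of macro the subject line refers to, applied to the fts_open(3) case summarised above: the comparison callback marks the libc-allocated FTSENT entries as initialized before reading them, so MSan does not report the callback's arguments as uninitialized. The macro name MSAN_UNPOISON and the helper count_entries are this example's own; the feature check and __msan_unpoison come from clang's <sanitizer/msan_interface.h>.

```c
/* Added example: a fts_open(3) comparison callback that is safe under
 * MemorySanitizer even though libc itself is not instrumented. */
#include <sys/types.h>
#include <sys/stat.h>
#include <fts.h>
#include <stdio.h>
#include <string.h>

/* MSAN_UNPOISON (name chosen for this example) expands to
 * __msan_unpoison only when built with -fsanitize=memory; otherwise it
 * is a no-op, so the same source builds without the sanitizer. */
#if defined(__has_feature)
# if __has_feature(memory_sanitizer)
#  include <sanitizer/msan_interface.h>
#  define MSAN_UNPOISON(addr, len) __msan_unpoison((addr), (len))
# endif
#endif
#ifndef MSAN_UNPOISON
# define MSAN_UNPOISON(addr, len) ((void)(addr), (void)(len))
#endif

/* Called from inside libc while it sorts a directory's children.  The
 * FTSENT objects were allocated by uninstrumented libc code, so MSan has
 * no record of them being written; tell it before touching them. */
static int
by_name(const FTSENT **a, const FTSENT **b)
{
	MSAN_UNPOISON(a, sizeof(*a));                 /* the pointer slots  */
	MSAN_UNPOISON(b, sizeof(*b));
	MSAN_UNPOISON(*a, sizeof(**a));               /* the structs        */
	MSAN_UNPOISON(*b, sizeof(**b));
	MSAN_UNPOISON((*a)->fts_name, (*a)->fts_namelen + 1); /* the names */
	MSAN_UNPOISON((*b)->fts_name, (*b)->fts_namelen + 1);
	return strcmp((*a)->fts_name, (*b)->fts_name);
}

/* Walks `path` with the sanitizer-aware comparator; returns the number
 * of entries visited, or -1 if fts_open(3) fails. */
int
count_entries(const char *path)
{
	char *argv[] = { (char *)path, NULL };
	FTS *fts = fts_open(argv, FTS_NOCHDIR | FTS_PHYSICAL, by_name);
	int n = 0;

	if (fts == NULL)
		return -1;
	while (fts_read(fts) != NULL)
		n++;
	fts_close(fts);
	return n;
}

int
main(void)
{
	printf("%d entries under .\n", count_entries("."));
	return 0;
}
```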


