1 // RUN: %clang_dfsan -fno-sanitize=dataflow -O2 -fPIE -DCALLBACKS -c %s -o %t-callbacks.o
2 // RUN: %clang_dfsan -fsanitize-ignorelist=%S/Inputs/flags_abilist.txt -O2 -mllvm -dfsan-conditional-callbacks %s %t-callbacks.o -o %t
3 // RUN: %run %t FooBarBaz 2>&1 | FileCheck %s
4 //
5 // RUN: %clang_dfsan -fno-sanitize=dataflow -O2 -fPIE -DCALLBACKS -DORIGINS -c %s -o %t-callbacks-orig.o
6 // RUN: %clang_dfsan -fsanitize-ignorelist=%S/Inputs/flags_abilist.txt -O2 -mllvm -dfsan-conditional-callbacks -mllvm -dfsan-track-origins=1 -DORIGINS %s %t-callbacks-orig.o -o %t-orig
7 // RUN: %run %t-orig FooBarBaz 2>&1 | FileCheck %s
8 //
9 // REQUIRES: x86_64-target-arch
10 
11 // Tests that callbacks are inserted for conditionals when
12 // -dfsan-conditional-callbacks is specified.
13 
14 #include <assert.h>
15 #include <sanitizer/dfsan_interface.h>
16 #include <stdio.h>
17 #include <string.h>
18 
19 #ifdef CALLBACKS
20 // Compile this code without DFSan to avoid recursive instrumentation.
21 
22 extern dfsan_label LabelI;
23 extern dfsan_label LabelJ;
24 extern dfsan_label LabelIJ;
25 
my_dfsan_conditional_callback(dfsan_label Label,dfsan_origin Origin)26 void my_dfsan_conditional_callback(dfsan_label Label, dfsan_origin Origin) {
27   assert(Label != 0);
28 #ifdef ORIGINS
29   assert(Origin != 0);
30 #else
31   assert(Origin == 0);
32 #endif
33 
34   static int Count = 0;
35   switch (Count++) {
36   case 0:
37     assert(Label == LabelI);
38     break;
39   case 1:
40     assert(Label == LabelJ);
41     break;
42   case 2:
43     assert(Label == LabelIJ);
44     break;
45   default:
46     break;
47   }
48 
49   fprintf(stderr, "Label %u used as condition\n", Label);
50 }
51 
52 #else
53 // Compile this code with DFSan and -dfsan-conditional-callbacks to insert the
54 // callbacks.
55 
56 dfsan_label LabelI;
57 dfsan_label LabelJ;
58 dfsan_label LabelIJ;
59 
60 extern void my_dfsan_conditional_callback(dfsan_label Label,
61                                           dfsan_origin Origin);
62 
main(int Argc,char * Argv[])63 int main(int Argc, char *Argv[]) {
64   assert(Argc == 2);
65 
66   dfsan_set_conditional_callback(my_dfsan_conditional_callback);
67 
68   int result = 0;
69   // Make these not look like constants, otherwise the branch we're expecting
70   // may be optimized out.
71   int DataI = (Argv[0][0] != 0) ? 1 : 0;
72   int DataJ = (Argv[1][0] != 0) ? 2 : 0;
73   LabelI = 1;
74   dfsan_set_label(LabelI, &DataI, sizeof(DataI));
75   LabelJ = 2;
76   dfsan_set_label(LabelJ, &DataJ, sizeof(DataJ));
77   LabelIJ = dfsan_union(LabelI, LabelJ);
78 
79   assert(dfsan_get_label(DataI) == LabelI);
80 
81   // CHECK: Label 1 used as condition
82   if (DataI) {
83     result = 42;
84   }
85 
86   assert(dfsan_get_label(DataJ) == LabelJ);
87 
88   // CHECK: Label 2 used as condition
89   switch (DataJ) {
90   case 1:
91     result += 10000;
92     break;
93   case 2:
94     result += 4200;
95     break;
96   default:
97     break;
98   }
99 
100   int tainted_cond = ((DataI * DataJ) != 1);
101   assert(dfsan_get_label(tainted_cond) == LabelIJ);
102 
103   // CHECK: Label 3 used as condition
104   result = tainted_cond ? result + 420000 : 9;
105 
106   assert(result == 424242);
107   return 0;
108 }
109 
110 #endif // #ifdef CALLBACKS
111