diff options
Diffstat (limited to 'test/asan/TestCases/Linux/read_binary_name_regtest.c')
-rw-r--r-- | test/asan/TestCases/Linux/read_binary_name_regtest.c | 50 |
1 files changed, 50 insertions, 0 deletions
diff --git a/test/asan/TestCases/Linux/read_binary_name_regtest.c b/test/asan/TestCases/Linux/read_binary_name_regtest.c new file mode 100644 index 000000000000..0e408d0e366d --- /dev/null +++ b/test/asan/TestCases/Linux/read_binary_name_regtest.c @@ -0,0 +1,50 @@ +// Regression test for https://crbug.com/502974, where ASan was unable to read +// the binary name because of sandbox restrictions. +// This test uses seccomp-BPF to restrict the readlink() system call and makes +// sure ASan is still able to +// RUN: not ls /usr/include/linux/seccomp.h || ( %clang_asan %s -o %t && not %run %t 2>&1 | FileCheck %s ) +// UNSUPPORTED: android + +#include <errno.h> +#include <stddef.h> +#include <stdlib.h> +#include <stdio.h> +#include <sys/prctl.h> +#include <sys/syscall.h> +#include <linux/filter.h> +#include <linux/seccomp.h> + +#define syscall_nr (offsetof(struct seccomp_data, nr)) + +void corrupt() { + void *p = malloc(10); + free(p); + free(p); +} + +int main() { + prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0); + + struct sock_filter filter[] = { + /* Grab the system call number */ + BPF_STMT(BPF_LD + BPF_W + BPF_ABS, syscall_nr), + // If this is __NR_readlink, + BPF_JUMP(BPF_JMP + BPF_JEQ + BPF_K, __NR_readlink, 0, 1), + // return with EPERM, + BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ERRNO | EPERM), + // otherwise allow the syscall. + BPF_STMT(BPF_RET + BPF_K, SECCOMP_RET_ALLOW) + }; + struct sock_fprog prog; + prog.len = (unsigned short)(sizeof(filter)/sizeof(filter[0])); + prog.filter = filter; + + int res = prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog, 0, 0); + if (res != 0) { + fprintf(stderr, "PR_SET_SECCOMP unsupported!\n"); + } + corrupt(); + // CHECK: AddressSanitizer + // CHECK-NOT: reading executable name failed + return 0; +} |