//===-- ubsan_type_hash_win.cc --------------------------------------------===//
//
//                     The LLVM Compiler Infrastructure
//
// This file is distributed under the University of Illinois Open Source
// License. See LICENSE.TXT for details.
//
//===----------------------------------------------------------------------===//
//
// Implementation of type hashing/lookup for Microsoft C++ ABI.
//
//===----------------------------------------------------------------------===//

#include "sanitizer_common/sanitizer_platform.h"
#include "ubsan_platform.h"
#if CAN_SANITIZE_UB && SANITIZER_WINDOWS
#include "ubsan_type_hash.h"

#include "sanitizer_common/sanitizer_common.h"

#include <typeinfo>

// View of a complete object locator whose is_image_relative field is 1.
// In this form the three *_addr fields are ints, and
// getDynamicTypeInfoFromVtable treats them as offsets: it subtracts
// obj_locator_addr from the locator's own address to get an image base, then
// adds rtti_addr to that base to reach the std::type_info.
// vfptr_offset and chd_addr are not read anywhere in this file.
struct CompleteObjectLocator {
  int is_image_relative;
  int offset_to_top;
  int vfptr_offset;
  int rtti_addr;
  int chd_addr;
  int obj_locator_addr;
};

// View of a complete object locator whose is_image_relative field is 0.
// The three leading ints match CompleteObjectLocator; the address fields are
// stored as pointers instead of ints. Only rtti_addr is read in this file.
struct CompleteObjectLocatorAbs {
  int is_image_relative;
  int offset_to_top;
  int vfptr_offset;
  std::type_info *rtti_addr;
  void *chd_addr;
  CompleteObjectLocator *obj_locator_addr;
};

// Dynamic type check for the Microsoft ABI. Not implemented: Object, Type and
// Hash are all ignored and the function always returns false.
// NOTE(review): how callers interpret a false result is defined outside this
// file - confirm an unconditional false cannot be reported as a genuine type
// mismatch.
bool __ubsan::checkDynamicType(void *Object, void *Type, HashValue Hash) {
  // FIXME: Implement.
  return false;
}

// Best-effort recovery of dynamic type information from a vtable pointer.
//
// Reads the pointer-sized slot immediately before VtablePtr as a complete
// object locator, resolves the std::type_info it refers to, and returns
// DynamicTypeInfo(type name, offset_to_top, "<unknown>"). If any pointer on
// that path fails its range check, or is_image_relative is neither 0 nor 1,
// it returns DynamicTypeInfo(0, 0, 0) instead.
//
// Every pointer followed here is derived from memory that may not be RTTI
// data at all, so each one is passed to IsAccessibleMemoryRange before it is
// dereferenced. Those checks are the only barrier between a bogus or
// corrupted vtable pointer and a wild read inside the sanitizer runtime. They
// establish that the bytes can be read, not that they form a genuine locator
// or type_info; the is_image_relative value is the only content check.
// NOTE(review): the strength of this validation depends on the Windows
// implementation of IsAccessibleMemoryRange, which is not visible in this
// file - confirm it really probes the range.
__ubsan::DynamicTypeInfo
__ubsan::getDynamicTypeInfoFromVtable(void *VtablePtr) {
  // The virtual table may not have a complete object locator if the object
  // was compiled without RTTI (i.e. we might be reading from some other global
  // laid out before the virtual table), so we need to carefully validate each
  // pointer dereference and perform sanity checks.
  CompleteObjectLocator **obj_locator_ptr =
    ((CompleteObjectLocator**)VtablePtr)-1;
  // Check the slot itself before loading the locator pointer from it.
  if (!IsAccessibleMemoryRange((uptr)obj_locator_ptr, sizeof(void*)))
    return DynamicTypeInfo(0, 0, 0);

  // The loaded value is untrusted; check the whole image-relative struct
  // before reading any of its fields.
  CompleteObjectLocator *obj_locator = *obj_locator_ptr;
  if (!IsAccessibleMemoryRange((uptr)obj_locator,
                               sizeof(CompleteObjectLocator)))
    return DynamicTypeInfo(0, 0, 0);

  std::type_info *tinfo;
  if (obj_locator->is_image_relative == 1) {
    // Both offsets are signed ints taken from memory that has only been
    // checked for readability, so the computed tinfo can land anywhere; it is
    // range-checked below before use.
    char *image_base = ((char *)obj_locator) - obj_locator->obj_locator_addr;
    tinfo = (std::type_info *)(image_base + obj_locator->rtti_addr);
  } else if (obj_locator->is_image_relative == 0)
    // NOTE(review): the range check above covered
    // sizeof(CompleteObjectLocator), not sizeof(CompleteObjectLocatorAbs).
    // Where pointers are wider than int the Abs struct is the larger one -
    // confirm the rtti_addr field read here lies inside the checked range on
    // every supported target.
    tinfo = ((CompleteObjectLocatorAbs *)obj_locator)->rtti_addr;
  else
    // Probably not a complete object locator.
    return DynamicTypeInfo(0, 0, 0);

  // Only the type_info object itself is checked; any memory that name()
  // follows from it is not validated here.
  if (!IsAccessibleMemoryRange((uptr)tinfo, sizeof(std::type_info)))
    return DynamicTypeInfo(0, 0, 0);

  // Okay, this is probably a std::type_info. Request its name.
  // FIXME: Implement a base class search like we do for Itanium.
  return DynamicTypeInfo(tinfo->name(), obj_locator->offset_to_top,
                         "<unknown>");
}

#endif  // CAN_SANITIZE_UB && SANITIZER_WINDOWS