1//===-- asan_malloc_win.cc ------------------------------------------------===//
2//
3// This file is distributed under the University of Illinois Open Source
4// License. See LICENSE.TXT for details.
5//
6//===----------------------------------------------------------------------===//
7//
8// This file is a part of AddressSanitizer, an address sanity checker.
9//
10// Windows-specific malloc interception.
11//===----------------------------------------------------------------------===//
12
13#include "sanitizer_common/sanitizer_platform.h"
14#if SANITIZER_WINDOWS
15
16#include "asan_allocator.h"
17#include "asan_interceptors.h"
18#include "asan_internal.h"
19#include "asan_stack.h"
20#include "sanitizer_common/sanitizer_interception.h"
21
22#include <stddef.h>
23
24using namespace __asan;  // NOLINT
25
26// MT: Simply defining functions with the same signature in *.obj
27// files overrides the standard functions in the CRT.
28// MD: Memory allocation functions are defined in the CRT .dll,
29// so we have to intercept them before they are called for the first time.
30
31#if ASAN_DYNAMIC
32# define ALLOCATION_FUNCTION_ATTRIBUTE
33#else
34# define ALLOCATION_FUNCTION_ATTRIBUTE SANITIZER_INTERFACE_ATTRIBUTE
35#endif
36
37extern "C" {
38ALLOCATION_FUNCTION_ATTRIBUTE
39void free(void *ptr) {
40  GET_STACK_TRACE_FREE;
41  return asan_free(ptr, &stack, FROM_MALLOC);
42}
43
44ALLOCATION_FUNCTION_ATTRIBUTE
45void _free_dbg(void *ptr, int) {
46  free(ptr);
47}
48
49ALLOCATION_FUNCTION_ATTRIBUTE
50void cfree(void *ptr) {
51  CHECK(!"cfree() should not be used on Windows");
52}
53
54ALLOCATION_FUNCTION_ATTRIBUTE
55void *malloc(size_t size) {
56  GET_STACK_TRACE_MALLOC;
57  return asan_malloc(size, &stack);
58}
59
60ALLOCATION_FUNCTION_ATTRIBUTE
61void *_malloc_dbg(size_t size, int, const char *, int) {
62  return malloc(size);
63}
64
65ALLOCATION_FUNCTION_ATTRIBUTE
66void *calloc(size_t nmemb, size_t size) {
67  GET_STACK_TRACE_MALLOC;
68  return asan_calloc(nmemb, size, &stack);
69}
70
71ALLOCATION_FUNCTION_ATTRIBUTE
72void *_calloc_dbg(size_t nmemb, size_t size, int, const char *, int) {
73  return calloc(nmemb, size);
74}
75
76ALLOCATION_FUNCTION_ATTRIBUTE
77void *_calloc_impl(size_t nmemb, size_t size, int *errno_tmp) {
78  return calloc(nmemb, size);
79}
80
81ALLOCATION_FUNCTION_ATTRIBUTE
82void *realloc(void *ptr, size_t size) {
83  GET_STACK_TRACE_MALLOC;
84  return asan_realloc(ptr, size, &stack);
85}
86
87ALLOCATION_FUNCTION_ATTRIBUTE
88void *_realloc_dbg(void *ptr, size_t size, int) {
89  CHECK(!"_realloc_dbg should not exist!");
90  return 0;
91}
92
93ALLOCATION_FUNCTION_ATTRIBUTE
94void *_recalloc(void *p, size_t n, size_t elem_size) {
95  if (!p)
96    return calloc(n, elem_size);
97  const size_t size = n * elem_size;
98  if (elem_size != 0 && size / elem_size != n)
99    return 0;
100  return realloc(p, size);
101}
102
103ALLOCATION_FUNCTION_ATTRIBUTE
104size_t _msize(void *ptr) {
105  GET_CURRENT_PC_BP_SP;
106  (void)sp;
107  return asan_malloc_usable_size(ptr, pc, bp);
108}
109
110ALLOCATION_FUNCTION_ATTRIBUTE
111void *_expand(void *memblock, size_t size) {
112  // _expand is used in realloc-like functions to resize the buffer if possible.
113  // We don't want memory to stand still while resizing buffers, so return 0.
114  return 0;
115}
116
117ALLOCATION_FUNCTION_ATTRIBUTE
118void *_expand_dbg(void *memblock, size_t size) {
119  return _expand(memblock, size);
120}
121
122// TODO(timurrrr): Might want to add support for _aligned_* allocation
123// functions to detect a bit more bugs.  Those functions seem to wrap malloc().
124
125int _CrtDbgReport(int, const char*, int,
126                  const char*, const char*, ...) {
127  ShowStatsAndAbort();
128}
129
130int _CrtDbgReportW(int reportType, const wchar_t*, int,
131                   const wchar_t*, const wchar_t*, ...) {
132  ShowStatsAndAbort();
133}
134
135int _CrtSetReportMode(int, int) {
136  return 0;
137}
138}  // extern "C"
139
140namespace __asan {
141void ReplaceSystemMalloc() {
142#if defined(ASAN_DYNAMIC)
143  // We don't check the result because CRT might not be used in the process.
144  __interception::OverrideFunction("free", (uptr)free);
145  __interception::OverrideFunction("malloc", (uptr)malloc);
146  __interception::OverrideFunction("_malloc_crt", (uptr)malloc);
147  __interception::OverrideFunction("calloc", (uptr)calloc);
148  __interception::OverrideFunction("_calloc_crt", (uptr)calloc);
149  __interception::OverrideFunction("realloc", (uptr)realloc);
150  __interception::OverrideFunction("_realloc_crt", (uptr)realloc);
151  __interception::OverrideFunction("_recalloc", (uptr)_recalloc);
152  __interception::OverrideFunction("_recalloc_crt", (uptr)_recalloc);
153  __interception::OverrideFunction("_msize", (uptr)_msize);
154  __interception::OverrideFunction("_expand", (uptr)_expand);
155
156  // Override different versions of 'operator new' and 'operator delete'.
157  // No need to override the nothrow versions as they just wrap the throw
158  // versions.
159  // FIXME: Unfortunately, MSVC miscompiles the statements that take the
160  // addresses of the array versions of these operators,
161  // see https://connect.microsoft.com/VisualStudio/feedbackdetail/view/946992
162  // We might want to try to work around this by [inline] assembly or compiling
163  // parts of the RTL with Clang.
164  void *(*op_new)(size_t sz) = operator new;
165  void (*op_delete)(void *p) = operator delete;
166  void *(*op_array_new)(size_t sz) = operator new[];
167  void (*op_array_delete)(void *p) = operator delete[];
168  __interception::OverrideFunction("??2@YAPAXI@Z", (uptr)op_new);
169  __interception::OverrideFunction("??3@YAXPAX@Z", (uptr)op_delete);
170  __interception::OverrideFunction("??_U@YAPAXI@Z", (uptr)op_array_new);
171  __interception::OverrideFunction("??_V@YAXPAX@Z", (uptr)op_array_delete);
172#endif
173}
174}  // namespace __asan
175
176#endif  // _WIN32
177