author | Peter Collingbourne <peter@pcc.me.uk> | 2015-07-08 23:22:39 +0000 |
---|---|---|
committer | Peter Collingbourne <peter@pcc.me.uk> | 2015-07-08 23:22:39 +0000 |
commit | 0ea4c414a97f8101a7cf90f90e98a42d50a1b935 (patch) | |
tree | c2274540c40690e102d2e9371747689439173272 /lib/ubsan | |
parent | d4b928a1868be64787cdff60052db7671ce73ae7 (diff) |
UBSan: Simplify logic for locating the RTTI object.
The image-relative complete object locator contains a reference to itself,
which we can use to compute the image base without using VirtualQuery.
Spotted by David Majnemer.
git-svn-id: https://llvm.org/svn/llvm-project/compiler-rt/trunk@241758 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'lib/ubsan')
-rw-r--r-- | lib/ubsan/ubsan_type_hash_win.cc | 23 |
1 files changed, 16 insertions, 7 deletions
diff --git a/lib/ubsan/ubsan_type_hash_win.cc b/lib/ubsan/ubsan_type_hash_win.cc
index 44fa627cf..271c4aaf6 100644
--- a/lib/ubsan/ubsan_type_hash_win.cc
+++ b/lib/ubsan/ubsan_type_hash_win.cc
@@ -19,12 +19,23 @@
 #include "sanitizer_common/sanitizer_common.h"
 #include <typeinfo>
-#include <windows.h>
 struct CompleteObjectLocator {
   int is_image_relative;
   int offset_to_top;
   int vfptr_offset;
+  int rtti_addr;
+  int chd_addr;
+  int obj_locator_addr;
+};
+
+struct CompleteObjectLocatorAbs {
+  int is_image_relative;
+  int offset_to_top;
+  int vfptr_offset;
+  std::type_info *rtti_addr;
+  void *chd_addr;
+  CompleteObjectLocator *obj_locator_addr;
 };
 bool __ubsan::checkDynamicType(void *Object, void *Type, HashValue Hash) {
@@ -45,17 +56,15 @@ __ubsan::getDynamicTypeInfoFromVtable(void *VtablePtr) {
   CompleteObjectLocator *obj_locator = *obj_locator_ptr;
   if (!IsAccessibleMemoryRange((uptr)obj_locator,
-                               sizeof(CompleteObjectLocator)+sizeof(void*)))
+                               sizeof(CompleteObjectLocator)))
     return DynamicTypeInfo(0, 0, 0);
   std::type_info *tinfo;
   if (obj_locator->is_image_relative == 1) {
-    MEMORY_BASIC_INFORMATION mbi;
-    VirtualQuery(obj_locator, &mbi, sizeof(mbi));
-    tinfo = (std::type_info*)(*(int*)(obj_locator+1) +
-                              (char*)mbi.AllocationBase);
+    char *image_base = ((char *)obj_locator) - obj_locator->obj_locator_addr;
+    tinfo = (std::type_info *)(image_base + obj_locator->rtti_addr);
   } else if (obj_locator->is_image_relative == 0)
-    tinfo = *(std::type_info**)(obj_locator+1);
+    tinfo = ((CompleteObjectLocatorAbs *)obj_locator)->rtti_addr;
   else
     // Probably not a complete object locator.
     return DynamicTypeInfo(0, 0, 0);
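Review bot: Nothing in the two struct definitions says which layout applies when, even though `is_image_relative` now selects between two overlays of the same bytes and `obj_locator_addr` carries the whole image-base derivation; a reader of `CompleteObjectLocator` alone cannot tell that its `*_addr` fields are offsets rather than pointers. I would put `// Layout when is_image_relative == 1: the *_addr fields are offsets from the image base, and obj_locator_addr is this locator's own offset, so image_base = (char *)this - obj_locator_addr.` above the first struct and `// Same object when is_image_relative == 0: the *_addr fields are absolute pointers.` above `CompleteObjectLocatorAbs`. A one-line note that the accessibility check in getDynamicTypeInfoFromVtable is sized by `sizeof(CompleteObjectLocator)`, so any field read through the Abs overlay must lie within those bytes, would keep the two hunks from drifting apart.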
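Review bot: In the `is_image_relative == 1` branch, `tinfo` is now derived purely from `obj_locator_addr` and `rtti_addr`, two ints read from memory reached through the object's own vptr — the very data this check exists to distrust — so a forged or stale locator yields an arbitrary `tinfo` with nothing anchoring `image_base` to a real mapping, whereas the removed VirtualQuery at least tied it to an actual allocation base. The hunk validates only `sizeof(CompleteObjectLocator)` bytes of the locator and never the result; if the rest of getDynamicTypeInfoFromVtable (it continues past the hunk) reads through `tinfo`, it needs `if (!IsAccessibleMemoryRange((uptr)tinfo, sizeof(std::type_info))) return DynamicTypeInfo(0, 0, 0);` before the first dereference. A cheap plausibility check on the self-reference is also available, since an offset of zero or a negative int cannot locate a locator inside a loaded image: `if (obj_locator->obj_locator_addr <= 0) return DynamicTypeInfo(0, 0, 0);`. Note that the "reference to itself" from the commit message cannot be verified by recomputation — `image_base + obj_locator_addr == obj_locator` holds by construction — so a downstream accessibility check is the only real guard.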