370d7ce580
Pointer field protection is a use-after-free vulnerability mitigation that works by changing how data structures' pointer fields are stored in memory. For more information, see the RFC: https://discourse.llvm.org/t/rfc-structure-protection-a-family-of-uaf-mitigation-techniques/85555 Reviewers: fmayer, ojhunt Pull Request: https://github.com/llvm/llvm-project/pull/172119
41 lines
713 B
C++
41 lines
713 B
C++
// RUN: %clang_cc1 -triple aarch64-linux -fexperimental-pointer-field-protection-abi -fexperimental-pointer-field-protection-tagged -emit-llvm -O1 -o - %s | FileCheck %s
|
|
|
|
int val;
|
|
|
|
struct Pointer {
|
|
int* ptr;
|
|
private:
|
|
int private_data;
|
|
};
|
|
|
|
struct ArrayType {
|
|
int* array[3];
|
|
private:
|
|
int private_data;
|
|
};
|
|
|
|
struct Array {
|
|
ArrayType array;
|
|
private:
|
|
int private_data;
|
|
};
|
|
|
|
struct Struct {
|
|
Pointer ptr;
|
|
};
|
|
|
|
// CHECK-LABEL: test_pointer
|
|
Pointer test_pointer(Pointer t) {
|
|
t.ptr = &val;
|
|
return t;
|
|
}
|
|
// CHECK: call {{.*}} @llvm.protected.field.ptr.p0{{.*}}
|
|
|
|
|
|
|
|
// CHECK-LABEL: test_struct
|
|
int* test_struct(Struct *t) {
|
|
return (t->ptr).ptr;
|
|
}
|
|
// CHECK: call {{.*}} @llvm.protected.field.ptr.p0{{.*}}
|