diff options
author | Peter Collingbourne <peter@pcc.me.uk> | 2015-02-20 20:30:56 +0000 |
---|---|---|
committer | Peter Collingbourne <peter@pcc.me.uk> | 2015-02-20 20:30:56 +0000 |
commit | f9d64b33ebc403c7cf746b848352b1606e2beb0b (patch) | |
tree | 04cd318bd0a0686bc3ed06812361404c0b74b152 /include/clang/Basic/Sanitizers.def | |
parent | 01ec5f25641bc4a985138e068cf4b739531cc298 (diff) |
Implement Control Flow Integrity for virtual calls.
This patch introduces the -fsanitize=cfi-vptr flag, which enables a control
flow integrity scheme that checks that virtual calls take place using a vptr of
the correct dynamic type. More details in the new docs/ControlFlowIntegrity.rst
file.
It also introduces the -fsanitize=cfi flag, which is currently a synonym for
-fsanitize=cfi-vptr, but will eventually cover all CFI checks implemented
in Clang.
Differential Revision: http://reviews.llvm.org/D7424
git-svn-id: https://llvm.org/svn/llvm-project/cfe/trunk@230055 91177308-0d34-0410-b5e6-96231b3b80d8
Diffstat (limited to 'include/clang/Basic/Sanitizers.def')
-rw-r--r-- | include/clang/Basic/Sanitizers.def | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/include/clang/Basic/Sanitizers.def b/include/clang/Basic/Sanitizers.def index 91a1ef4d19..a0acce967f 100644 --- a/include/clang/Basic/Sanitizers.def +++ b/include/clang/Basic/Sanitizers.def @@ -76,6 +76,10 @@ SANITIZER("unsigned-integer-overflow", UnsignedIntegerOverflow) // DataFlowSanitizer SANITIZER("dataflow", DataFlow) +// Control Flow Integrity +SANITIZER("cfi-vptr", CFIVptr) +SANITIZER_GROUP("cfi", CFI, CFIVptr) + // -fsanitize=undefined includes all the sanitizers which have low overhead, no // ABI or address space layout implications, and only catch undefined behavior. SANITIZER_GROUP("undefined", Undefined, |