Skip to content

Commit

Permalink
Auto merge of #935 - christianpoveda:blacklist-env-vars, r=RalfJung
Browse files Browse the repository at this point in the history
Exclude environment variables from host communication

related issue: #933

r? @RalfJung
  • Loading branch information
bors committed Aug 29, 2019
2 parents 2661580 + 5a6ebd3 commit 4345e28
Show file tree
Hide file tree
Showing 6 changed files with 29 additions and 4 deletions.
2 changes: 2 additions & 0 deletions README.md
Original file line number Diff line number Diff line change
Expand Up @@ -160,6 +160,8 @@ Several `-Z` flags are relevant for Miri:
* `-Zmiri-disable-isolation` disables host host isolation. As a consequence,
the program has access to host resources such as environment variables and
randomness (and, eventually, file systems and more).
* `-Zmiri-env-exclude=<var>` keeps the `var` environment variable isolated from
the host. It can be used multiple times to exclude several variables.
* `-Zmir-opt-level` controls how many MIR optimizations are performed. Miri
overrides the default to be `0`; be advised that using any higher level can
make Miri miss bugs in your program because they got optimized away.
Expand Down
1 change: 1 addition & 0 deletions src/bin/miri-rustc-tests.rs
Original file line number Diff line number Diff line change
Expand Up @@ -51,6 +51,7 @@ impl rustc_driver::Callbacks for MiriCompilerCalls {
let config = MiriConfig {
validate: true,
communicate: false,
excluded_env_vars: vec![],
args: vec![],
seed: None,
};
Expand Down
12 changes: 11 additions & 1 deletion src/bin/miri.rs
Original file line number Diff line number Diff line change
Expand Up @@ -135,6 +135,7 @@ fn main() {
let mut rustc_args = vec![];
let mut miri_args = vec![];
let mut after_dashdash = false;
let mut excluded_env_vars = vec![];
for arg in std::env::args() {
if rustc_args.is_empty() {
// Very first arg: for `rustc`.
Expand Down Expand Up @@ -175,6 +176,9 @@ fn main() {
seed = Some(u64::from_be_bytes(bytes));

},
arg if arg.starts_with("-Zmiri-env-exclude=") => {
excluded_env_vars.push(arg.trim_start_matches("-Zmiri-env-exclude=").to_owned());
},
_ => {
rustc_args.push(arg);
}
Expand All @@ -200,7 +204,13 @@ fn main() {

debug!("rustc arguments: {:?}", rustc_args);
debug!("miri arguments: {:?}", miri_args);
let miri_config = miri::MiriConfig { validate, communicate, args: miri_args, seed };
let miri_config = miri::MiriConfig {
validate,
communicate,
excluded_env_vars,
seed,
args: miri_args,
};
let result = rustc_driver::report_ices_to_stderr_if_any(move || {
rustc_driver::run_compiler(&rustc_args, &mut MiriCompilerCalls { miri_config }, None, None)
}).and_then(|result| result);
Expand Down
5 changes: 4 additions & 1 deletion src/eval.rs
Original file line number Diff line number Diff line change
Expand Up @@ -22,6 +22,9 @@ pub struct MiriConfig {
pub validate: bool,
/// Determines if communication with the host environment is enabled.
pub communicate: bool,
/// Environment variables that should always be isolated from the host.
pub excluded_env_vars: Vec<String>,
/// Command-line arguments passed to the interpreted program.
pub args: Vec<String>,
/// The seed to use when non-determinism or randomness are required (e.g. ptr-to-int cast, `getrandom()`).
pub seed: Option<u64>,
Expand All @@ -40,7 +43,7 @@ pub fn create_ecx<'mir, 'tcx: 'mir>(
MemoryExtra::new(StdRng::seed_from_u64(config.seed.unwrap_or(0)), config.validate),
);
// Complete initialization.
EnvVars::init(&mut ecx);
EnvVars::init(&mut ecx, config.excluded_env_vars);

// Setup first stack-frame
let main_instance = ty::Instance::mono(ecx.tcx.tcx, main_id);
Expand Down
7 changes: 5 additions & 2 deletions src/shims/env.rs
Original file line number Diff line number Diff line change
Expand Up @@ -15,11 +15,14 @@ pub struct EnvVars {
impl EnvVars {
pub(crate) fn init<'mir, 'tcx>(
ecx: &mut InterpCx<'mir, 'tcx, Evaluator<'tcx>>,
excluded_env_vars: Vec<String>,
) {
if ecx.machine.communicate {
for (name, value) in std::env::vars() {
let var_ptr = alloc_env_var(name.as_bytes(), value.as_bytes(), ecx.memory_mut());
ecx.machine.env_vars.map.insert(name.into_bytes(), var_ptr);
if !excluded_env_vars.contains(&name) {
let var_ptr = alloc_env_var(name.as_bytes(), value.as_bytes(), ecx.memory_mut());
ecx.machine.env_vars.map.insert(name.into_bytes(), var_ptr);
}
}
}
}
Expand Down
6 changes: 6 additions & 0 deletions tests/run-pass/env-exclude.rs
Original file line number Diff line number Diff line change
@@ -0,0 +1,6 @@
// ignore-windows: TODO env var emulation stubbed out on Windows
// compile-flags: -Zmiri-disable-isolation -Zmiri-env-exclude=MIRI_ENV_VAR_TEST

fn main() {
assert!(std::env::var("MIRI_ENV_VAR_TEST").is_err());
}

0 comments on commit 4345e28

Please sign in to comment.