| 1 | //===-- msan_interceptors.cpp ---------------------------------------------===// |
|---|
| 2 | // |
|---|
| 3 | // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. |
|---|
| 4 | // See https://llvm.org/LICENSE.txt for license information. |
|---|
| 5 | // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception |
|---|
| 6 | // |
|---|
| 7 | //===----------------------------------------------------------------------===// |
|---|
| 8 | // |
|---|
| 9 | // This file is a part of MemorySanitizer. |
|---|
| 10 | // |
|---|
| 11 | // Interceptors for standard library functions. |
|---|
| 12 | // |
|---|
| 13 | // FIXME: move as many interceptors as possible into |
|---|
| 14 | // sanitizer_common/sanitizer_common_interceptors.h |
|---|
| 15 | //===----------------------------------------------------------------------===// |
|---|
| 16 | |
|---|
| 17 | #define SANITIZER_COMMON_NO_REDEFINE_BUILTINS |
|---|
| 18 | |
|---|
| 19 | #include "interception/interception.h" |
|---|
| 20 | #include "msan.h" |
|---|
| 21 | #include "msan_chained_origin_depot.h" |
|---|
| 22 | #include "msan_dl.h" |
|---|
| 23 | #include "msan_origin.h" |
|---|
| 24 | #include "msan_poisoning.h" |
|---|
| 25 | #include "msan_report.h" |
|---|
| 26 | #include "msan_thread.h" |
|---|
| 27 | #include "sanitizer_common/sanitizer_allocator.h" |
|---|
| 28 | #include "sanitizer_common/sanitizer_allocator_dlsym.h" |
|---|
| 29 | #include "sanitizer_common/sanitizer_allocator_interface.h" |
|---|
| 30 | #include "sanitizer_common/sanitizer_atomic.h" |
|---|
| 31 | #include "sanitizer_common/sanitizer_common.h" |
|---|
| 32 | #include "sanitizer_common/sanitizer_errno.h" |
|---|
| 33 | #include "sanitizer_common/sanitizer_errno_codes.h" |
|---|
| 34 | #include "sanitizer_common/sanitizer_glibc_version.h" |
|---|
| 35 | #include "sanitizer_common/sanitizer_libc.h" |
|---|
| 36 | #include "sanitizer_common/sanitizer_linux.h" |
|---|
| 37 | #include "sanitizer_common/sanitizer_platform_limits_netbsd.h" |
|---|
| 38 | #include "sanitizer_common/sanitizer_platform_limits_posix.h" |
|---|
| 39 | #include "sanitizer_common/sanitizer_stackdepot.h" |
|---|
| 40 | #include "sanitizer_common/sanitizer_tls_get_addr.h" |
|---|
| 41 | #include "sanitizer_common/sanitizer_vector.h" |
|---|
| 42 | |
|---|
| 43 | #if SANITIZER_NETBSD |
|---|
| 44 | #define fstat __fstat50 |
|---|
| 45 | #define gettimeofday __gettimeofday50 |
|---|
| 46 | #define getrusage __getrusage50 |
|---|
| 47 | #define tzset __tzset50 |
|---|
| 48 | #endif |
|---|
| 49 | |
|---|
| 50 | #include <stdarg.h> |
|---|
| 51 | // ACHTUNG! No other system header includes in this file. |
|---|
| 52 | // Ideally, we should get rid of stdarg.h as well. |
|---|
| 53 | |
|---|
| 54 | using namespace __msan; |
|---|
| 55 | |
|---|
| 56 | using __sanitizer::memory_order; |
|---|
| 57 | using __sanitizer::atomic_load; |
|---|
| 58 | using __sanitizer::atomic_store; |
|---|
| 59 | using __sanitizer::atomic_uintptr_t; |
|---|
| 60 | |
|---|
| 61 | DECLARE_REAL(SIZE_T, strlen, const char *s) |
|---|
| 62 | DECLARE_REAL(SIZE_T, strnlen, const char *s, SIZE_T maxlen) |
|---|
| 63 | DECLARE_REAL(void *, memcpy, void *dest, const void *src, uptr n) |
|---|
| 64 | DECLARE_REAL(void *, memset, void *dest, int c, uptr n) |
|---|
| 65 | |
|---|
| 66 | // True if this is a nested interceptor. |
|---|
| 67 | static THREADLOCAL int in_interceptor_scope; |
|---|
| 68 | |
|---|
| 69 | void __msan_scoped_disable_interceptor_checks() { ++in_interceptor_scope; } |
|---|
| 70 | void __msan_scoped_enable_interceptor_checks() { --in_interceptor_scope; } |
|---|
| 71 | |
|---|
| 72 | struct InterceptorScope { |
|---|
| 73 | InterceptorScope() { ++in_interceptor_scope; } |
|---|
| 74 | ~InterceptorScope() { --in_interceptor_scope; } |
|---|
| 75 | }; |
|---|
| 76 | |
|---|
| 77 | bool IsInInterceptorScope() { |
|---|
| 78 | return in_interceptor_scope; |
|---|
| 79 | } |
|---|
| 80 | |
|---|
| 81 | struct DlsymAlloc : public DlSymAllocator<DlsymAlloc> { |
|---|
| 82 | static bool UseImpl() { return !msan_inited; } |
|---|
| 83 | }; |
|---|
| 84 | |
|---|
| 85 | #define ENSURE_MSAN_INITED() do { \ |
|---|
| 86 | CHECK(!msan_init_is_running); \ |
|---|
| 87 | if (!msan_inited) { \ |
|---|
| 88 | __msan_init(); \ |
|---|
| 89 | } \ |
|---|
| 90 | } while (0) |
|---|
| 91 | |
|---|
| 92 | // Check that [x, x+n) range is unpoisoned. |
|---|
| 93 | #define CHECK_UNPOISONED_0(x, n) \ |
|---|
| 94 | do { \ |
|---|
| 95 | sptr __offset = __msan_test_shadow(x, n); \ |
|---|
| 96 | if (__msan::IsInSymbolizerOrUnwider()) \ |
|---|
| 97 | break; \ |
|---|
| 98 | if (__offset >= 0 && __msan::flags()->report_umrs) { \ |
|---|
| 99 | GET_CALLER_PC_BP; \ |
|---|
| 100 | ReportUMRInsideAddressRange(__func__, x, n, __offset); \ |
|---|
| 101 | __msan::PrintWarningWithOrigin( \ |
|---|
| 102 | pc, bp, __msan_get_origin((const char *)x + __offset)); \ |
|---|
| 103 | if (__msan::flags()->halt_on_error) { \ |
|---|
| 104 | Printf("Exiting\n"); \ |
|---|
| 105 | Die(); \ |
|---|
| 106 | } \ |
|---|
| 107 | } \ |
|---|
| 108 | } while (0) |
|---|
| 109 | |
|---|
| 110 | // Check that [x, x+n) range is unpoisoned unless we are in a nested |
|---|
| 111 | // interceptor. |
|---|
| 112 | #define CHECK_UNPOISONED(x, n) \ |
|---|
| 113 | do { \ |
|---|
| 114 | if (!IsInInterceptorScope()) CHECK_UNPOISONED_0(x, n); \ |
|---|
| 115 | } while (0) |
|---|
| 116 | |
|---|
| 117 | #define CHECK_UNPOISONED_STRING_OF_LEN(x, len, n) \ |
|---|
| 118 | CHECK_UNPOISONED((x), \ |
|---|
| 119 | common_flags()->strict_string_checks ? (len) + 1 : (n) ) |
|---|
| 120 | |
|---|
| 121 | #define CHECK_UNPOISONED_STRING(x, n) \ |
|---|
| 122 | CHECK_UNPOISONED_STRING_OF_LEN((x), internal_strlen(x), (n)) |
|---|
| 123 | |
|---|
| 124 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 125 | INTERCEPTOR(SIZE_T, fread_unlocked, void *ptr, SIZE_T size, SIZE_T nmemb, |
|---|
| 126 | void *file) { |
|---|
| 127 | ENSURE_MSAN_INITED(); |
|---|
| 128 | SIZE_T res = REAL(fread_unlocked)(ptr, size, nmemb, file); |
|---|
| 129 | if (res > 0) |
|---|
| 130 | __msan_unpoison(a: ptr, size: res *size); |
|---|
| 131 | return res; |
|---|
| 132 | } |
|---|
| 133 | #define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED INTERCEPT_FUNCTION(fread_unlocked) |
|---|
| 134 | #else |
|---|
| 135 | #define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED |
|---|
| 136 | #endif |
|---|
| 137 | |
|---|
| 138 | #if !SANITIZER_NETBSD |
|---|
| 139 | INTERCEPTOR(void *, mempcpy, void *dest, const void *src, SIZE_T n) { |
|---|
| 140 | return (char *)__msan_memcpy(dst: dest, src, size: n) + n; |
|---|
| 141 | } |
|---|
| 142 | #define MSAN_MAYBE_INTERCEPT_MEMPCPY INTERCEPT_FUNCTION(mempcpy) |
|---|
| 143 | #else |
|---|
| 144 | #define MSAN_MAYBE_INTERCEPT_MEMPCPY |
|---|
| 145 | #endif |
|---|
| 146 | |
|---|
| 147 | INTERCEPTOR(void *, memccpy, void *dest, const void *src, int c, SIZE_T n) { |
|---|
| 148 | ENSURE_MSAN_INITED(); |
|---|
| 149 | void *res = REAL(memccpy)(dest, src, c, n); |
|---|
| 150 | CHECK(!res || (res >= dest && res <= (char *)dest + n)); |
|---|
| 151 | SIZE_T sz = res ? (char *)res - (char *)dest : n; |
|---|
| 152 | CHECK_UNPOISONED(src, sz); |
|---|
| 153 | __msan_unpoison(a: dest, size: sz); |
|---|
| 154 | return res; |
|---|
| 155 | } |
|---|
| 156 | |
|---|
| 157 | INTERCEPTOR(void *, bcopy, const void *src, void *dest, SIZE_T n) { |
|---|
| 158 | return __msan_memmove(dest, src, n); |
|---|
| 159 | } |
|---|
| 160 | |
|---|
| 161 | INTERCEPTOR(int, posix_memalign, void **memptr, SIZE_T alignment, SIZE_T size) { |
|---|
| 162 | GET_MALLOC_STACK_TRACE; |
|---|
| 163 | CHECK_NE(memptr, 0); |
|---|
| 164 | int res = msan_posix_memalign(memptr, alignment, size, stack: &stack); |
|---|
| 165 | if (!res) |
|---|
| 166 | __msan_unpoison(a: memptr, size: sizeof(*memptr)); |
|---|
| 167 | return res; |
|---|
| 168 | } |
|---|
| 169 | |
|---|
| 170 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 171 | INTERCEPTOR(void *, memalign, SIZE_T alignment, SIZE_T size) { |
|---|
| 172 | GET_MALLOC_STACK_TRACE; |
|---|
| 173 | return msan_memalign(alignment, size, stack: &stack); |
|---|
| 174 | } |
|---|
| 175 | #define MSAN_MAYBE_INTERCEPT_MEMALIGN INTERCEPT_FUNCTION(memalign) |
|---|
| 176 | #else |
|---|
| 177 | #define MSAN_MAYBE_INTERCEPT_MEMALIGN |
|---|
| 178 | #endif |
|---|
| 179 | |
|---|
| 180 | INTERCEPTOR(void *, aligned_alloc, SIZE_T alignment, SIZE_T size) { |
|---|
| 181 | GET_MALLOC_STACK_TRACE; |
|---|
| 182 | return msan_aligned_alloc(alignment, size, stack: &stack); |
|---|
| 183 | } |
|---|
| 184 | |
|---|
| 185 | #if !SANITIZER_NETBSD |
|---|
| 186 | INTERCEPTOR(void *, __libc_memalign, SIZE_T alignment, SIZE_T size) { |
|---|
| 187 | GET_MALLOC_STACK_TRACE; |
|---|
| 188 | void *ptr = msan_memalign(alignment, size, stack: &stack); |
|---|
| 189 | if (ptr) |
|---|
| 190 | DTLS_on_libc_memalign(ptr, size); |
|---|
| 191 | return ptr; |
|---|
| 192 | } |
|---|
| 193 | #define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN INTERCEPT_FUNCTION(__libc_memalign) |
|---|
| 194 | #else |
|---|
| 195 | #define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN |
|---|
| 196 | #endif |
|---|
| 197 | |
|---|
| 198 | INTERCEPTOR(void *, valloc, SIZE_T size) { |
|---|
| 199 | GET_MALLOC_STACK_TRACE; |
|---|
| 200 | return msan_valloc(size, stack: &stack); |
|---|
| 201 | } |
|---|
| 202 | |
|---|
| 203 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 204 | INTERCEPTOR(void *, pvalloc, SIZE_T size) { |
|---|
| 205 | GET_MALLOC_STACK_TRACE; |
|---|
| 206 | return msan_pvalloc(size, stack: &stack); |
|---|
| 207 | } |
|---|
| 208 | #define MSAN_MAYBE_INTERCEPT_PVALLOC INTERCEPT_FUNCTION(pvalloc) |
|---|
| 209 | #else |
|---|
| 210 | #define MSAN_MAYBE_INTERCEPT_PVALLOC |
|---|
| 211 | #endif |
|---|
| 212 | |
|---|
| 213 | INTERCEPTOR(void, free, void *ptr) { |
|---|
| 214 | if (UNLIKELY(!ptr)) |
|---|
| 215 | return; |
|---|
| 216 | if (DlsymAlloc::PointerIsMine(ptr)) |
|---|
| 217 | return DlsymAlloc::Free(ptr); |
|---|
| 218 | GET_MALLOC_STACK_TRACE; |
|---|
| 219 | MsanDeallocate(stack: &stack, ptr); |
|---|
| 220 | } |
|---|
| 221 | |
|---|
| 222 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 223 | INTERCEPTOR(void, cfree, void *ptr) { |
|---|
| 224 | if (UNLIKELY(!ptr)) |
|---|
| 225 | return; |
|---|
| 226 | if (DlsymAlloc::PointerIsMine(ptr)) |
|---|
| 227 | return DlsymAlloc::Free(ptr); |
|---|
| 228 | GET_MALLOC_STACK_TRACE; |
|---|
| 229 | MsanDeallocate(stack: &stack, ptr); |
|---|
| 230 | } |
|---|
| 231 | # define MSAN_MAYBE_INTERCEPT_CFREE INTERCEPT_FUNCTION(cfree) |
|---|
| 232 | #else |
|---|
| 233 | #define MSAN_MAYBE_INTERCEPT_CFREE |
|---|
| 234 | #endif |
|---|
| 235 | |
|---|
| 236 | #if !SANITIZER_NETBSD |
|---|
| 237 | INTERCEPTOR(uptr, malloc_usable_size, void *ptr) { |
|---|
| 238 | return __sanitizer_get_allocated_size(p: ptr); |
|---|
| 239 | } |
|---|
| 240 | #define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE \ |
|---|
| 241 | INTERCEPT_FUNCTION(malloc_usable_size) |
|---|
| 242 | #else |
|---|
| 243 | #define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE |
|---|
| 244 | #endif |
|---|
| 245 | |
|---|
| 246 | #if (!SANITIZER_FREEBSD && !SANITIZER_NETBSD) || __GLIBC_PREREQ(2, 33) |
|---|
| 247 | template <class T> |
|---|
| 248 | static NOINLINE void clear_mallinfo(T *sret) { |
|---|
| 249 | ENSURE_MSAN_INITED(); |
|---|
| 250 | internal_memset(sret, 0, sizeof(*sret)); |
|---|
| 251 | __msan_unpoison(sret, sizeof(*sret)); |
|---|
| 252 | } |
|---|
| 253 | #endif |
|---|
| 254 | |
|---|
| 255 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 256 | // Interceptors use NRVO and assume that sret will be pre-allocated in |
|---|
| 257 | // caller frame. |
|---|
| 258 | INTERCEPTOR(__sanitizer_struct_mallinfo, mallinfo,) { |
|---|
| 259 | __sanitizer_struct_mallinfo sret; |
|---|
| 260 | clear_mallinfo(sret: &sret); |
|---|
| 261 | return sret; |
|---|
| 262 | } |
|---|
| 263 | # define MSAN_MAYBE_INTERCEPT_MALLINFO INTERCEPT_FUNCTION(mallinfo) |
|---|
| 264 | #else |
|---|
| 265 | # define MSAN_MAYBE_INTERCEPT_MALLINFO |
|---|
| 266 | #endif |
|---|
| 267 | |
|---|
| 268 | #if __GLIBC_PREREQ(2, 33) |
|---|
| 269 | INTERCEPTOR(__sanitizer_struct_mallinfo2, mallinfo2) { |
|---|
| 270 | __sanitizer_struct_mallinfo2 sret; |
|---|
| 271 | clear_mallinfo(sret: &sret); |
|---|
| 272 | return sret; |
|---|
| 273 | } |
|---|
| 274 | # define MSAN_MAYBE_INTERCEPT_MALLINFO2 INTERCEPT_FUNCTION(mallinfo2) |
|---|
| 275 | #else |
|---|
| 276 | # define MSAN_MAYBE_INTERCEPT_MALLINFO2 |
|---|
| 277 | #endif |
|---|
| 278 | |
|---|
| 279 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 280 | INTERCEPTOR(int, mallopt, int cmd, int value) { |
|---|
| 281 | return 0; |
|---|
| 282 | } |
|---|
| 283 | #define MSAN_MAYBE_INTERCEPT_MALLOPT INTERCEPT_FUNCTION(mallopt) |
|---|
| 284 | #else |
|---|
| 285 | #define MSAN_MAYBE_INTERCEPT_MALLOPT |
|---|
| 286 | #endif |
|---|
| 287 | |
|---|
| 288 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 289 | INTERCEPTOR(void, malloc_stats, void) { |
|---|
| 290 | // FIXME: implement, but don't call REAL(malloc_stats)! |
|---|
| 291 | } |
|---|
| 292 | #define MSAN_MAYBE_INTERCEPT_MALLOC_STATS INTERCEPT_FUNCTION(malloc_stats) |
|---|
| 293 | #else |
|---|
| 294 | #define MSAN_MAYBE_INTERCEPT_MALLOC_STATS |
|---|
| 295 | #endif |
|---|
| 296 | |
|---|
| 297 | INTERCEPTOR(char *, strcpy, char *dest, const char *src) { |
|---|
| 298 | ENSURE_MSAN_INITED(); |
|---|
| 299 | GET_STORE_STACK_TRACE; |
|---|
| 300 | SIZE_T n = internal_strlen(s: src); |
|---|
| 301 | CHECK_UNPOISONED_STRING(src + n, 0); |
|---|
| 302 | char *res = REAL(strcpy)(dest, src); |
|---|
| 303 | CopyShadowAndOrigin(dst: dest, src, size: n + 1, stack: &stack); |
|---|
| 304 | return res; |
|---|
| 305 | } |
|---|
| 306 | |
|---|
| 307 | INTERCEPTOR(char *, strncpy, char *dest, const char *src, SIZE_T n) { |
|---|
| 308 | ENSURE_MSAN_INITED(); |
|---|
| 309 | GET_STORE_STACK_TRACE; |
|---|
| 310 | SIZE_T copy_size = internal_strnlen(s: src, maxlen: n); |
|---|
| 311 | if (copy_size < n) |
|---|
| 312 | copy_size++; // trailing \0 |
|---|
| 313 | char *res = REAL(strncpy)(dest, src, n); |
|---|
| 314 | CopyShadowAndOrigin(dst: dest, src, size: copy_size, stack: &stack); |
|---|
| 315 | __msan_unpoison(a: dest + copy_size, size: n - copy_size); |
|---|
| 316 | return res; |
|---|
| 317 | } |
|---|
| 318 | |
|---|
| 319 | #if !SANITIZER_NETBSD |
|---|
| 320 | INTERCEPTOR(char *, stpcpy, char *dest, const char *src) { |
|---|
| 321 | ENSURE_MSAN_INITED(); |
|---|
| 322 | GET_STORE_STACK_TRACE; |
|---|
| 323 | SIZE_T n = internal_strlen(s: src); |
|---|
| 324 | CHECK_UNPOISONED_STRING(src + n, 0); |
|---|
| 325 | char *res = REAL(stpcpy)(dest, src); |
|---|
| 326 | CopyShadowAndOrigin(dst: dest, src, size: n + 1, stack: &stack); |
|---|
| 327 | return res; |
|---|
| 328 | } |
|---|
| 329 | |
|---|
| 330 | INTERCEPTOR(char *, stpncpy, char *dest, const char *src, SIZE_T n) { |
|---|
| 331 | ENSURE_MSAN_INITED(); |
|---|
| 332 | GET_STORE_STACK_TRACE; |
|---|
| 333 | SIZE_T copy_size = Min(a: n, b: internal_strnlen(s: src, maxlen: n) + 1); |
|---|
| 334 | char *res = REAL(stpncpy)(dest, src, n); |
|---|
| 335 | CopyShadowAndOrigin(dst: dest, src, size: copy_size, stack: &stack); |
|---|
| 336 | __msan_unpoison(a: dest + copy_size, size: n - copy_size); |
|---|
| 337 | return res; |
|---|
| 338 | } |
|---|
| 339 | # define MSAN_MAYBE_INTERCEPT_STPCPY INTERCEPT_FUNCTION(stpcpy) |
|---|
| 340 | # define MSAN_MAYBE_INTERCEPT_STPNCPY INTERCEPT_FUNCTION(stpncpy) |
|---|
| 341 | #else |
|---|
| 342 | #define MSAN_MAYBE_INTERCEPT_STPCPY |
|---|
| 343 | # define MSAN_MAYBE_INTERCEPT_STPNCPY |
|---|
| 344 | #endif |
|---|
| 345 | |
|---|
| 346 | INTERCEPTOR(char *, strdup, char *src) { |
|---|
| 347 | ENSURE_MSAN_INITED(); |
|---|
| 348 | GET_STORE_STACK_TRACE; |
|---|
| 349 | // On FreeBSD strdup() leverages strlen(). |
|---|
| 350 | InterceptorScope interceptor_scope; |
|---|
| 351 | SIZE_T n = internal_strlen(s: src); |
|---|
| 352 | CHECK_UNPOISONED_STRING(src + n, 0); |
|---|
| 353 | char *res = REAL(strdup)(src); |
|---|
| 354 | CopyShadowAndOrigin(dst: res, src, size: n + 1, stack: &stack); |
|---|
| 355 | return res; |
|---|
| 356 | } |
|---|
| 357 | |
|---|
| 358 | #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD |
|---|
| 359 | INTERCEPTOR(char *, __strdup, char *src) { |
|---|
| 360 | ENSURE_MSAN_INITED(); |
|---|
| 361 | GET_STORE_STACK_TRACE; |
|---|
| 362 | SIZE_T n = internal_strlen(s: src); |
|---|
| 363 | CHECK_UNPOISONED_STRING(src + n, 0); |
|---|
| 364 | char *res = REAL(__strdup)(src); |
|---|
| 365 | CopyShadowAndOrigin(dst: res, src, size: n + 1, stack: &stack); |
|---|
| 366 | return res; |
|---|
| 367 | } |
|---|
| 368 | #define MSAN_MAYBE_INTERCEPT___STRDUP INTERCEPT_FUNCTION(__strdup) |
|---|
| 369 | #else |
|---|
| 370 | #define MSAN_MAYBE_INTERCEPT___STRDUP |
|---|
| 371 | #endif |
|---|
| 372 | |
|---|
| 373 | #if !SANITIZER_NETBSD |
|---|
| 374 | INTERCEPTOR(char *, gcvt, double number, SIZE_T ndigit, char *buf) { |
|---|
| 375 | ENSURE_MSAN_INITED(); |
|---|
| 376 | char *res = REAL(gcvt)(number, ndigit, buf); |
|---|
| 377 | SIZE_T n = internal_strlen(s: buf); |
|---|
| 378 | __msan_unpoison(a: buf, size: n + 1); |
|---|
| 379 | return res; |
|---|
| 380 | } |
|---|
| 381 | #define MSAN_MAYBE_INTERCEPT_GCVT INTERCEPT_FUNCTION(gcvt) |
|---|
| 382 | #else |
|---|
| 383 | #define MSAN_MAYBE_INTERCEPT_GCVT |
|---|
| 384 | #endif |
|---|
| 385 | |
|---|
| 386 | INTERCEPTOR(char *, strcat, char *dest, const char *src) { |
|---|
| 387 | ENSURE_MSAN_INITED(); |
|---|
| 388 | GET_STORE_STACK_TRACE; |
|---|
| 389 | SIZE_T src_size = internal_strlen(s: src); |
|---|
| 390 | SIZE_T dest_size = internal_strlen(s: dest); |
|---|
| 391 | CHECK_UNPOISONED_STRING(src + src_size, 0); |
|---|
| 392 | CHECK_UNPOISONED_STRING(dest + dest_size, 0); |
|---|
| 393 | char *res = REAL(strcat)(dest, src); |
|---|
| 394 | CopyShadowAndOrigin(dst: dest + dest_size, src, size: src_size + 1, stack: &stack); |
|---|
| 395 | return res; |
|---|
| 396 | } |
|---|
| 397 | |
|---|
| 398 | INTERCEPTOR(char *, strncat, char *dest, const char *src, SIZE_T n) { |
|---|
| 399 | ENSURE_MSAN_INITED(); |
|---|
| 400 | GET_STORE_STACK_TRACE; |
|---|
| 401 | SIZE_T dest_size = internal_strlen(s: dest); |
|---|
| 402 | SIZE_T copy_size = internal_strnlen(s: src, maxlen: n); |
|---|
| 403 | CHECK_UNPOISONED_STRING(dest + dest_size, 0); |
|---|
| 404 | char *res = REAL(strncat)(dest, src, n); |
|---|
| 405 | CopyShadowAndOrigin(dst: dest + dest_size, src, size: copy_size, stack: &stack); |
|---|
| 406 | __msan_unpoison(a: dest + dest_size + copy_size, size: 1); // \0 |
|---|
| 407 | return res; |
|---|
| 408 | } |
|---|
| 409 | |
|---|
| 410 | // Hack: always pass nptr and endptr as part of __VA_ARGS_ to avoid having to |
|---|
| 411 | // deal with empty __VA_ARGS__ in the case of INTERCEPTOR_STRTO. |
|---|
| 412 | #define INTERCEPTOR_STRTO_BODY(ret_type, func, ...) \ |
|---|
| 413 | ENSURE_MSAN_INITED(); \ |
|---|
| 414 | ret_type res = REAL(func)(__VA_ARGS__); \ |
|---|
| 415 | __msan_unpoison(endptr, sizeof(*endptr)); \ |
|---|
| 416 | return res; |
|---|
| 417 | |
|---|
| 418 | // On s390x, long double return values are passed via implicit reference, |
|---|
| 419 | // which needs to be unpoisoned. We make the implicit pointer explicit. |
|---|
| 420 | #define INTERCEPTOR_STRTO_SRET_BODY(func, sret, ...) \ |
|---|
| 421 | ENSURE_MSAN_INITED(); \ |
|---|
| 422 | REAL(func)(sret, __VA_ARGS__); \ |
|---|
| 423 | __msan_unpoison(sret, sizeof(*sret)); \ |
|---|
| 424 | __msan_unpoison(endptr, sizeof(*endptr)); |
|---|
| 425 | |
|---|
| 426 | #define INTERCEPTOR_STRTO(ret_type, func, char_type) \ |
|---|
| 427 | INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr) { \ |
|---|
| 428 | INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr); \ |
|---|
| 429 | } |
|---|
| 430 | |
|---|
| 431 | #define INTERCEPTOR_STRTO_SRET(ret_type, func, char_type) \ |
|---|
| 432 | INTERCEPTOR(void, func, ret_type *sret, const char_type *nptr, \ |
|---|
| 433 | char_type **endptr) { \ |
|---|
| 434 | INTERCEPTOR_STRTO_SRET_BODY(func, sret, nptr, endptr); \ |
|---|
| 435 | } |
|---|
| 436 | |
|---|
| 437 | #define INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \ |
|---|
| 438 | INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \ |
|---|
| 439 | int base) { \ |
|---|
| 440 | INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, base); \ |
|---|
| 441 | } |
|---|
| 442 | |
|---|
| 443 | #define INTERCEPTOR_STRTO_LOC(ret_type, func, char_type) \ |
|---|
| 444 | INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \ |
|---|
| 445 | void *loc) { \ |
|---|
| 446 | INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, loc); \ |
|---|
| 447 | } |
|---|
| 448 | |
|---|
| 449 | #define INTERCEPTOR_STRTO_SRET_LOC(ret_type, func, char_type) \ |
|---|
| 450 | INTERCEPTOR(void, func, ret_type *sret, const char_type *nptr, \ |
|---|
| 451 | char_type **endptr, void *loc) { \ |
|---|
| 452 | INTERCEPTOR_STRTO_SRET_BODY(func, sret, nptr, endptr, loc); \ |
|---|
| 453 | } |
|---|
| 454 | |
|---|
| 455 | #define INTERCEPTOR_STRTO_BASE_LOC(ret_type, func, char_type) \ |
|---|
| 456 | INTERCEPTOR(ret_type, func, const char_type * |
|---|
