1//===-- msan_interceptors.cpp ---------------------------------------------===// 2// 3// Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions. 4// See https://llvm.org/LICENSE.txt for license information. 5// SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception 6// 7//===----------------------------------------------------------------------===// 8// 9// This file is a part of MemorySanitizer. 10// 11// Interceptors for standard library functions. 12// 13// FIXME: move as many interceptors as possible into 14// sanitizer_common/sanitizer_common_interceptors.h 15//===----------------------------------------------------------------------===// 16 17#include "interception/interception.h" 18#include "msan.h" 19#include "msan_chained_origin_depot.h" 20#include "msan_origin.h" 21#include "msan_report.h" 22#include "msan_thread.h" 23#include "msan_poisoning.h" 24#include "sanitizer_common/sanitizer_platform_limits_posix.h" 25#include "sanitizer_common/sanitizer_platform_limits_netbsd.h" 26#include "sanitizer_common/sanitizer_allocator.h" 27#include "sanitizer_common/sanitizer_allocator_interface.h" 28#include "sanitizer_common/sanitizer_allocator_internal.h" 29#include "sanitizer_common/sanitizer_atomic.h" 30#include "sanitizer_common/sanitizer_common.h" 31#include "sanitizer_common/sanitizer_errno.h" 32#include "sanitizer_common/sanitizer_stackdepot.h" 33#include "sanitizer_common/sanitizer_libc.h" 34#include "sanitizer_common/sanitizer_linux.h" 35#include "sanitizer_common/sanitizer_tls_get_addr.h" 36#include "sanitizer_common/sanitizer_vector.h" 37 38#if SANITIZER_NETBSD 39#define fstat __fstat50 40#define gettimeofday __gettimeofday50 41#define getrusage __getrusage50 42#define tzset __tzset50 43#endif 44 45#include <stdarg.h> 46// ACHTUNG! No other system header includes in this file. 47// Ideally, we should get rid of stdarg.h as well. 48 49using namespace __msan; 50 51using __sanitizer::memory_order; 52using __sanitizer::atomic_load; 53using __sanitizer::atomic_store; 54using __sanitizer::atomic_uintptr_t; 55 56DECLARE_REAL(SIZE_T, strlen, const char *s) 57DECLARE_REAL(SIZE_T, strnlen, const char *s, SIZE_T maxlen) 58DECLARE_REAL(void *, memcpy, void *dest, const void *src, uptr n) 59DECLARE_REAL(void *, memset, void *dest, int c, uptr n) 60 61// True if this is a nested interceptor. 62static THREADLOCAL int in_interceptor_scope; 63 64void __msan_scoped_disable_interceptor_checks() { ++in_interceptor_scope; } 65void __msan_scoped_enable_interceptor_checks() { --in_interceptor_scope; } 66 67struct InterceptorScope { 68 InterceptorScope() { ++in_interceptor_scope; } 69 ~InterceptorScope() { --in_interceptor_scope; } 70}; 71 72bool IsInInterceptorScope() { 73 return in_interceptor_scope; 74} 75 76static uptr allocated_for_dlsym; 77static const uptr kDlsymAllocPoolSize = 1024; 78static uptr alloc_memory_for_dlsym[kDlsymAllocPoolSize]; 79 80static bool IsInDlsymAllocPool(const void *ptr) { 81 uptr off = (uptr)ptr - (uptr)alloc_memory_for_dlsym; 82 return off < sizeof(alloc_memory_for_dlsym); 83} 84 85static void *AllocateFromLocalPool(uptr size_in_bytes) { 86 uptr size_in_words = RoundUpTo(size_in_bytes, kWordSize) / kWordSize; 87 void *mem = (void *)&alloc_memory_for_dlsym[allocated_for_dlsym]; 88 allocated_for_dlsym += size_in_words; 89 CHECK_LT(allocated_for_dlsym, kDlsymAllocPoolSize); 90 return mem; 91} 92 93#define ENSURE_MSAN_INITED() do { \ 94 CHECK(!msan_init_is_running); \ 95 if (!msan_inited) { \ 96 __msan_init(); \ 97 } \ 98} while (0) 99 100// Check that [x, x+n) range is unpoisoned. 101#define CHECK_UNPOISONED_0(x, n) \ 102 do { \ 103 sptr __offset = __msan_test_shadow(x, n); \ 104 if (__msan::IsInSymbolizer()) break; \ 105 if (__offset >= 0 && __msan::flags()->report_umrs) { \ 106 GET_CALLER_PC_BP_SP; \ 107 (void)sp; \ 108 ReportUMRInsideAddressRange(__func__, x, n, __offset); \ 109 __msan::PrintWarningWithOrigin( \ 110 pc, bp, __msan_get_origin((const char *)x + __offset)); \ 111 if (__msan::flags()->halt_on_error) { \ 112 Printf("Exiting\n"); \ 113 Die(); \ 114 } \ 115 } \ 116 } while (0) 117 118// Check that [x, x+n) range is unpoisoned unless we are in a nested 119// interceptor. 120#define CHECK_UNPOISONED(x, n) \ 121 do { \ 122 if (!IsInInterceptorScope()) CHECK_UNPOISONED_0(x, n); \ 123 } while (0) 124 125#define CHECK_UNPOISONED_STRING_OF_LEN(x, len, n) \ 126 CHECK_UNPOISONED((x), \ 127 common_flags()->strict_string_checks ? (len) + 1 : (n) ) 128 129#define CHECK_UNPOISONED_STRING(x, n) \ 130 CHECK_UNPOISONED_STRING_OF_LEN((x), internal_strlen(x), (n)) 131 132#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 133INTERCEPTOR(SIZE_T, fread_unlocked, void *ptr, SIZE_T size, SIZE_T nmemb, 134 void *file) { 135 ENSURE_MSAN_INITED(); 136 SIZE_T res = REAL(fread_unlocked)(ptr, size, nmemb, file); 137 if (res > 0) 138 __msan_unpoison(ptr, res *size); 139 return res; 140} 141#define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED INTERCEPT_FUNCTION(fread_unlocked) 142#else 143#define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED 144#endif 145 146#if !SANITIZER_NETBSD 147INTERCEPTOR(void *, mempcpy, void *dest, const void *src, SIZE_T n) { 148 return (char *)__msan_memcpy(dest, src, n) + n; 149} 150#define MSAN_MAYBE_INTERCEPT_MEMPCPY INTERCEPT_FUNCTION(mempcpy) 151#else 152#define MSAN_MAYBE_INTERCEPT_MEMPCPY 153#endif 154 155INTERCEPTOR(void *, memccpy, void *dest, const void *src, int c, SIZE_T n) { 156 ENSURE_MSAN_INITED(); 157 void *res = REAL(memccpy)(dest, src, c, n); 158 CHECK(!res || (res >= dest && res <= (char *)dest + n)); 159 SIZE_T sz = res ? (char *)res - (char *)dest : n; 160 CHECK_UNPOISONED(src, sz); 161 __msan_unpoison(dest, sz); 162 return res; 163} 164 165INTERCEPTOR(void *, bcopy, const void *src, void *dest, SIZE_T n) { 166 return __msan_memmove(dest, src, n); 167} 168 169INTERCEPTOR(int, posix_memalign, void **memptr, SIZE_T alignment, SIZE_T size) { 170 GET_MALLOC_STACK_TRACE; 171 CHECK_NE(memptr, 0); 172 int res = msan_posix_memalign(memptr, alignment, size, &stack); 173 if (!res) 174 __msan_unpoison(memptr, sizeof(*memptr)); 175 return res; 176} 177 178#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 179INTERCEPTOR(void *, memalign, SIZE_T alignment, SIZE_T size) { 180 GET_MALLOC_STACK_TRACE; 181 return msan_memalign(alignment, size, &stack); 182} 183#define MSAN_MAYBE_INTERCEPT_MEMALIGN INTERCEPT_FUNCTION(memalign) 184#else 185#define MSAN_MAYBE_INTERCEPT_MEMALIGN 186#endif 187 188INTERCEPTOR(void *, aligned_alloc, SIZE_T alignment, SIZE_T size) { 189 GET_MALLOC_STACK_TRACE; 190 return msan_aligned_alloc(alignment, size, &stack); 191} 192 193#if !SANITIZER_NETBSD 194INTERCEPTOR(void *, __libc_memalign, SIZE_T alignment, SIZE_T size) { 195 GET_MALLOC_STACK_TRACE; 196 void *ptr = msan_memalign(alignment, size, &stack); 197 if (ptr) 198 DTLS_on_libc_memalign(ptr, size); 199 return ptr; 200} 201#define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN INTERCEPT_FUNCTION(__libc_memalign) 202#else 203#define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN 204#endif 205 206INTERCEPTOR(void *, valloc, SIZE_T size) { 207 GET_MALLOC_STACK_TRACE; 208 return msan_valloc(size, &stack); 209} 210 211#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 212INTERCEPTOR(void *, pvalloc, SIZE_T size) { 213 GET_MALLOC_STACK_TRACE; 214 return msan_pvalloc(size, &stack); 215} 216#define MSAN_MAYBE_INTERCEPT_PVALLOC INTERCEPT_FUNCTION(pvalloc) 217#else 218#define MSAN_MAYBE_INTERCEPT_PVALLOC 219#endif 220 221INTERCEPTOR(void, free, void *ptr) { 222 GET_MALLOC_STACK_TRACE; 223 if (!ptr || UNLIKELY(IsInDlsymAllocPool(ptr))) return; 224 MsanDeallocate(&stack, ptr); 225} 226 227#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 228INTERCEPTOR(void, cfree, void *ptr) { 229 GET_MALLOC_STACK_TRACE; 230 if (!ptr || UNLIKELY(IsInDlsymAllocPool(ptr))) return; 231 MsanDeallocate(&stack, ptr); 232} 233#define MSAN_MAYBE_INTERCEPT_CFREE INTERCEPT_FUNCTION(cfree) 234#else 235#define MSAN_MAYBE_INTERCEPT_CFREE 236#endif 237 238#if !SANITIZER_NETBSD 239INTERCEPTOR(uptr, malloc_usable_size, void *ptr) { 240 return __sanitizer_get_allocated_size(ptr); 241} 242#define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE \ 243 INTERCEPT_FUNCTION(malloc_usable_size) 244#else 245#define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE 246#endif 247 248#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 249// This function actually returns a struct by value, but we can't unpoison a 250// temporary! The following is equivalent on all supported platforms but 251// aarch64 (which uses a different register for sret value). We have a test 252// to confirm that. 253INTERCEPTOR(void, mallinfo, __sanitizer_struct_mallinfo *sret) { 254#ifdef __aarch64__ 255 uptr r8; 256 asm volatile("mov %0,x8" : "=r" (r8)); 257 sret = reinterpret_cast<__sanitizer_struct_mallinfo*>(r8); 258#endif 259 REAL(memset)(sret, 0, sizeof(*sret)); 260 __msan_unpoison(sret, sizeof(*sret)); 261} 262#define MSAN_MAYBE_INTERCEPT_MALLINFO INTERCEPT_FUNCTION(mallinfo) 263#else 264#define MSAN_MAYBE_INTERCEPT_MALLINFO 265#endif 266 267#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 268INTERCEPTOR(int, mallopt, int cmd, int value) { 269 return 0; 270} 271#define MSAN_MAYBE_INTERCEPT_MALLOPT INTERCEPT_FUNCTION(mallopt) 272#else 273#define MSAN_MAYBE_INTERCEPT_MALLOPT 274#endif 275 276#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 277INTERCEPTOR(void, malloc_stats, void) { 278 // FIXME: implement, but don't call REAL(malloc_stats)! 279} 280#define MSAN_MAYBE_INTERCEPT_MALLOC_STATS INTERCEPT_FUNCTION(malloc_stats) 281#else 282#define MSAN_MAYBE_INTERCEPT_MALLOC_STATS 283#endif 284 285INTERCEPTOR(char *, strcpy, char *dest, const char *src) { 286 ENSURE_MSAN_INITED(); 287 GET_STORE_STACK_TRACE; 288 SIZE_T n = REAL(strlen)(src); 289 CHECK_UNPOISONED_STRING(src + n, 0); 290 char *res = REAL(strcpy)(dest, src); 291 CopyShadowAndOrigin(dest, src, n + 1, &stack); 292 return res; 293} 294 295INTERCEPTOR(char *, strncpy, char *dest, const char *src, SIZE_T n) { 296 ENSURE_MSAN_INITED(); 297 GET_STORE_STACK_TRACE; 298 SIZE_T copy_size = REAL(strnlen)(src, n); 299 if (copy_size < n) 300 copy_size++; // trailing \0 301 char *res = REAL(strncpy)(dest, src, n); 302 CopyShadowAndOrigin(dest, src, copy_size, &stack); 303 __msan_unpoison(dest + copy_size, n - copy_size); 304 return res; 305} 306 307#if !SANITIZER_NETBSD 308INTERCEPTOR(char *, stpcpy, char *dest, const char *src) { 309 ENSURE_MSAN_INITED(); 310 GET_STORE_STACK_TRACE; 311 SIZE_T n = REAL(strlen)(src); 312 CHECK_UNPOISONED_STRING(src + n, 0); 313 char *res = REAL(stpcpy)(dest, src); 314 CopyShadowAndOrigin(dest, src, n + 1, &stack); 315 return res; 316} 317#define MSAN_MAYBE_INTERCEPT_STPCPY INTERCEPT_FUNCTION(stpcpy) 318#else 319#define MSAN_MAYBE_INTERCEPT_STPCPY 320#endif 321 322INTERCEPTOR(char *, strdup, char *src) { 323 ENSURE_MSAN_INITED(); 324 GET_STORE_STACK_TRACE; 325 // On FreeBSD strdup() leverages strlen(). 326 InterceptorScope interceptor_scope; 327 SIZE_T n = REAL(strlen)(src); 328 CHECK_UNPOISONED_STRING(src + n, 0); 329 char *res = REAL(strdup)(src); 330 CopyShadowAndOrigin(res, src, n + 1, &stack); 331 return res; 332} 333 334#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 335INTERCEPTOR(char *, __strdup, char *src) { 336 ENSURE_MSAN_INITED(); 337 GET_STORE_STACK_TRACE; 338 SIZE_T n = REAL(strlen)(src); 339 CHECK_UNPOISONED_STRING(src + n, 0); 340 char *res = REAL(__strdup)(src); 341 CopyShadowAndOrigin(res, src, n + 1, &stack); 342 return res; 343} 344#define MSAN_MAYBE_INTERCEPT___STRDUP INTERCEPT_FUNCTION(__strdup) 345#else 346#define MSAN_MAYBE_INTERCEPT___STRDUP 347#endif 348 349#if !SANITIZER_NETBSD 350INTERCEPTOR(char *, gcvt, double number, SIZE_T ndigit, char *buf) { 351 ENSURE_MSAN_INITED(); 352 char *res = REAL(gcvt)(number, ndigit, buf); 353 SIZE_T n = REAL(strlen)(buf); 354 __msan_unpoison(buf, n + 1); 355 return res; 356} 357#define MSAN_MAYBE_INTERCEPT_GCVT INTERCEPT_FUNCTION(gcvt) 358#else 359#define MSAN_MAYBE_INTERCEPT_GCVT 360#endif 361 362INTERCEPTOR(char *, strcat, char *dest, const char *src) { 363 ENSURE_MSAN_INITED(); 364 GET_STORE_STACK_TRACE; 365 SIZE_T src_size = REAL(strlen)(src); 366 SIZE_T dest_size = REAL(strlen)(dest); 367 CHECK_UNPOISONED_STRING(src + src_size, 0); 368 CHECK_UNPOISONED_STRING(dest + dest_size, 0); 369 char *res = REAL(strcat)(dest, src); 370 CopyShadowAndOrigin(dest + dest_size, src, src_size + 1, &stack); 371 return res; 372} 373 374INTERCEPTOR(char *, strncat, char *dest, const char *src, SIZE_T n) { 375 ENSURE_MSAN_INITED(); 376 GET_STORE_STACK_TRACE; 377 SIZE_T dest_size = REAL(strlen)(dest); 378 SIZE_T copy_size = REAL(strnlen)(src, n); 379 CHECK_UNPOISONED_STRING(dest + dest_size, 0); 380 char *res = REAL(strncat)(dest, src, n); 381 CopyShadowAndOrigin(dest + dest_size, src, copy_size, &stack); 382 __msan_unpoison(dest + dest_size + copy_size, 1); // \0 383 return res; 384} 385 386// Hack: always pass nptr and endptr as part of __VA_ARGS_ to avoid having to 387// deal with empty __VA_ARGS__ in the case of INTERCEPTOR_STRTO. 388#define INTERCEPTOR_STRTO_BODY(ret_type, func, ...) \ 389 ENSURE_MSAN_INITED(); \ 390 ret_type res = REAL(func)(__VA_ARGS__); \ 391 __msan_unpoison(endptr, sizeof(*endptr)); \ 392 return res; 393 394#define INTERCEPTOR_STRTO(ret_type, func, char_type) \ 395 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr) { \ 396 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr); \ 397 } 398 399#define INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \ 400 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \ 401 int base) { \ 402 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, base); \ 403 } 404 405#define INTERCEPTOR_STRTO_LOC(ret_type, func, char_type) \ 406 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \ 407 void *loc) { \ 408 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, loc); \ 409 } 410 411#define INTERCEPTOR_STRTO_BASE_LOC(ret_type, func, char_type) \ 412 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \ 413 int base, void *loc) { \ 414 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, base, loc); \ 415 } 416 417#if SANITIZER_NETBSD 418#define INTERCEPTORS_STRTO(ret_type, func, char_type) \ 419 INTERCEPTOR_STRTO(ret_type, func, char_type) \ 420 INTERCEPTOR_STRTO_LOC(ret_type, func##_l, char_type) 421 422#define INTERCEPTORS_STRTO_BASE(ret_type, func, char_type) \ 423 INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \ 424 INTERCEPTOR_STRTO_BASE_LOC(ret_type, func##_l, char_type) 425 426#else 427#define INTERCEPTORS_STRTO(ret_type, func, char_type) \ 428 INTERCEPTOR_STRTO(ret_type, func, char_type) \ 429 INTERCEPTOR_STRTO_LOC(ret_type, func##_l, char_type) \ 430 INTERCEPTOR_STRTO_LOC(ret_type, __##func##_l, char_type) \ 431 INTERCEPTOR_STRTO_LOC(ret_type, __##func##_internal, char_type) 432 433#define INTERCEPTORS_STRTO_BASE(ret_type, func, char_type) \ 434 INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \ 435 INTERCEPTOR_STRTO_BASE_LOC(ret_type, func##_l, char_type) \ 436 INTERCEPTOR_STRTO_BASE_LOC(ret_type, __##func##_l, char_type) \ 437 INTERCEPTOR_STRTO_BASE_LOC(ret_type, __##func##_internal, char_type) 438#endif 439 440INTERCEPTORS_STRTO(double, strtod, char) 441INTERCEPTORS_STRTO(float, strtof, char) 442INTERCEPTORS_STRTO(long double, strtold, char) 443INTERCEPTORS_STRTO_BASE(long, strtol, char) 444INTERCEPTORS_STRTO_BASE(long long, strtoll, char) 445INTERCEPTORS_STRTO_BASE(unsigned long, strtoul, char) 446INTERCEPTORS_STRTO_BASE(unsigned long long, strtoull, char) 447INTERCEPTORS_STRTO_BASE(u64, strtouq, char) 448 449INTERCEPTORS_STRTO(double, wcstod, wchar_t) 450INTERCEPTORS_STRTO(float, wcstof, wchar_t) 451INTERCEPTORS_STRTO(long double, wcstold, wchar_t) 452INTERCEPTORS_STRTO_BASE(long, wcstol, wchar_t) 453INTERCEPTORS_STRTO_BASE(long long, wcstoll, wchar_t) 454INTERCEPTORS_STRTO_BASE(unsigned long, wcstoul, wchar_t) 455INTERCEPTORS_STRTO_BASE(unsigned long long, wcstoull, wchar_t) 456 457#if SANITIZER_NETBSD 458#define INTERCEPT_STRTO(func) \ 459 INTERCEPT_FUNCTION(func); \ 460 INTERCEPT_FUNCTION(func##_l); 461#else 462#define INTERCEPT_STRTO(func) \ 463 INTERCEPT_FUNCTION(func); \ 464 INTERCEPT_FUNCTION(func##_l); \ 465 INTERCEPT_FUNCTION(__##func##_l); \ 466 INTERCEPT_FUNCTION(__##func##_internal); 467#endif 468 469 470// FIXME: support *wprintf in common format interceptors. 471INTERCEPTOR(int, vswprintf, void *str, uptr size, void *format, va_list ap) { 472 ENSURE_MSAN_INITED(); 473 int res = REAL(vswprintf)(str, size, format, ap); 474 if (res >= 0) { 475 __msan_unpoison(str, 4 * (res + 1)); 476 } 477 return res; 478} 479 480INTERCEPTOR(int, swprintf, void *str, uptr size, void *format, ...) { 481 ENSURE_MSAN_INITED(); 482 va_list ap; 483 va_start(ap, format); 484 int res = vswprintf(str, size, format, ap); 485 va_end(ap); 486 return res; 487} 488 489#define INTERCEPTOR_STRFTIME_BODY(char_type, ret_type, func, s, ...) \ 490 ENSURE_MSAN_INITED(); \ 491 InterceptorScope interceptor_scope; \ 492 ret_type res = REAL(func)(s, __VA_ARGS__); \ 493 if (s) __msan_unpoison(s, sizeof(char_type) * (res + 1)); \ 494 return res; 495 496INTERCEPTOR(SIZE_T, strftime, char *s, SIZE_T max, const char *format, 497 __sanitizer_tm *tm) { 498 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, strftime, s, max, format, tm); 499} 500 501INTERCEPTOR(SIZE_T, strftime_l, char *s, SIZE_T max, const char *format, 502 __sanitizer_tm *tm, void *loc) { 503 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, strftime_l, s, max, format, tm, loc); 504} 505 506#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 507INTERCEPTOR(SIZE_T, __strftime_l, char *s, SIZE_T max, const char *format, 508 __sanitizer_tm *tm, void *loc) { 509 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, __strftime_l, s, max, format, tm, 510 loc); 511} 512#define MSAN_MAYBE_INTERCEPT___STRFTIME_L INTERCEPT_FUNCTION(__strftime_l) 513#else 514#define MSAN_MAYBE_INTERCEPT___STRFTIME_L 515#endif 516 517INTERCEPTOR(SIZE_T, wcsftime, wchar_t *s, SIZE_T max, const wchar_t *format, 518 __sanitizer_tm *tm) { 519 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, wcsftime, s, max, format, tm); 520} 521 522INTERCEPTOR(SIZE_T, wcsftime_l, wchar_t *s, SIZE_T max, const wchar_t *format, 523 __sanitizer_tm *tm, void *loc) { 524 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, wcsftime_l, s, max, format, tm, 525 loc); 526} 527 528#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 529INTERCEPTOR(SIZE_T, __wcsftime_l, wchar_t *s, SIZE_T max, const wchar_t *format, 530 __sanitizer_tm *tm, void *loc) { 531 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, __wcsftime_l, s, max, format, tm, 532 loc); 533} 534#define MSAN_MAYBE_INTERCEPT___WCSFTIME_L INTERCEPT_FUNCTION(__wcsftime_l) 535#else 536#define MSAN_MAYBE_INTERCEPT___WCSFTIME_L 537#endif 538 539INTERCEPTOR(int, mbtowc, wchar_t *dest, const char *src, SIZE_T n) { 540 ENSURE_MSAN_INITED(); 541 int res = REAL(mbtowc)(dest, src, n); 542 if (res != -1 && dest) __msan_unpoison(dest, sizeof(wchar_t)); 543 return res; 544} 545 546INTERCEPTOR(SIZE_T, mbrtowc, wchar_t *dest, const char *src, SIZE_T n, 547 void *ps) { 548 ENSURE_MSAN_INITED(); 549 SIZE_T res = REAL(mbrtowc)(dest, src, n, ps); 550 if (res != (SIZE_T)-1 && dest) __msan_unpoison(dest, sizeof(wchar_t)); 551 return res; 552} 553 554// wchar_t *wmemcpy(wchar_t *dest, const wchar_t *src, SIZE_T n); 555INTERCEPTOR(wchar_t *, wmemcpy, wchar_t *dest, const wchar_t *src, SIZE_T n) { 556 ENSURE_MSAN_INITED(); 557 GET_STORE_STACK_TRACE; 558 wchar_t *res = REAL(wmemcpy)(dest, src, n); 559 CopyShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack); 560 return res; 561} 562 563#if !SANITIZER_NETBSD 564INTERCEPTOR(wchar_t *, wmempcpy, wchar_t *dest, const wchar_t *src, SIZE_T n) { 565 ENSURE_MSAN_INITED(); 566 GET_STORE_STACK_TRACE; 567 wchar_t *res = REAL(wmempcpy)(dest, src, n); 568 CopyShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack); 569 return res; 570} 571#define MSAN_MAYBE_INTERCEPT_WMEMPCPY INTERCEPT_FUNCTION(wmempcpy) 572#else 573#define MSAN_MAYBE_INTERCEPT_WMEMPCPY 574#endif 575 576INTERCEPTOR(wchar_t *, wmemset, wchar_t *s, wchar_t c, SIZE_T n) { 577 CHECK(MEM_IS_APP(s)); 578 ENSURE_MSAN_INITED(); 579 wchar_t *res = REAL(wmemset)(s, c, n); 580 __msan_unpoison(s, n * sizeof(wchar_t)); 581 return res; 582} 583 584INTERCEPTOR(wchar_t *, wmemmove, wchar_t *dest, const wchar_t *src, SIZE_T n) { 585 ENSURE_MSAN_INITED(); 586 GET_STORE_STACK_TRACE; 587 wchar_t *res = REAL(wmemmove)(dest, src, n); 588 MoveShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack); 589 return res; 590} 591 592INTERCEPTOR(int, wcscmp, const wchar_t *s1, const wchar_t *s2) { 593 ENSURE_MSAN_INITED(); 594 int res = REAL(wcscmp)(s1, s2); 595 return res; 596} 597 598INTERCEPTOR(int, gettimeofday, void *tv, void *tz) { 599 ENSURE_MSAN_INITED(); 600 int res = REAL(gettimeofday)(tv, tz); 601 if (tv) 602 __msan_unpoison(tv, 16); 603 if (tz) 604 __msan_unpoison(tz, 8); 605 return res; 606} 607 608#if !SANITIZER_NETBSD 609INTERCEPTOR(char *, fcvt, double x, int a, int *b, int *c) { 610 ENSURE_MSAN_INITED(); 611 char *res = REAL(fcvt)(x, a, b, c); 612 __msan_unpoison(b, sizeof(*b)); 613 __msan_unpoison(c, sizeof(*c)); 614 if (res) __msan_unpoison(res, REAL(strlen)(res) + 1); 615 return res; 616} 617#define MSAN_MAYBE_INTERCEPT_FCVT INTERCEPT_FUNCTION(fcvt) 618#else 619#define MSAN_MAYBE_INTERCEPT_FCVT 620#endif 621 622INTERCEPTOR(char *, getenv, char *name) { 623 if (msan_init_is_running) 624 return REAL(getenv)(name); 625 ENSURE_MSAN_INITED(); 626 char *res = REAL(getenv)(name); 627 if (res) __msan_unpoison(res, REAL(strlen)(res) + 1); 628 return res; 629} 630 631extern char **environ; 632 633static void UnpoisonEnviron() { 634 char **envp = environ; 635 for (; *envp; ++envp) { 636 __msan_unpoison(envp, sizeof(*envp)); 637 __msan_unpoison(*envp, REAL(strlen)(*envp) + 1); 638 } 639 // Trailing NULL pointer. 640 __msan_unpoison(envp, sizeof(*envp)); 641} 642 643INTERCEPTOR(int, setenv, const char *name, const char *value, int overwrite) { 644 ENSURE_MSAN_INITED(); 645 CHECK_UNPOISONED_STRING(name, 0); 646 int res = REAL(setenv)(name, value, overwrite); 647 if (!res) UnpoisonEnviron(); 648 return res; 649} 650 651INTERCEPTOR(int, putenv, char *string) { 652 ENSURE_MSAN_INITED(); 653 int res = REAL(putenv)(string); 654 if (!res) UnpoisonEnviron(); 655 return res; 656} 657 658#if SANITIZER_FREEBSD || SANITIZER_NETBSD 659INTERCEPTOR(int, fstat, int fd, void *buf) { 660 ENSURE_MSAN_INITED(); 661 int res = REAL(fstat)(fd, buf); 662 if (!res) 663 __msan_unpoison(buf, __sanitizer::struct_stat_sz); 664 return res; 665} 666#define MSAN_MAYBE_INTERCEPT_FSTAT INTERCEPT_FUNCTION(fstat) 667#else 668#define MSAN_MAYBE_INTERCEPT_FSTAT 669#endif 670 671#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 672INTERCEPTOR(int, __fxstat, int magic, int fd, void *buf) { 673 ENSURE_MSAN_INITED(); 674 int res = REAL(__fxstat)(magic, fd, buf); 675 if (!res) 676 __msan_unpoison(buf, __sanitizer::struct_stat_sz); 677 return res; 678} 679#define MSAN_MAYBE_INTERCEPT___FXSTAT INTERCEPT_FUNCTION(__fxstat) 680#else 681#define MSAN_MAYBE_INTERCEPT___FXSTAT 682#endif 683 684#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 685INTERCEPTOR(int, __fxstat64, int magic, int fd, void *buf) { 686 ENSURE_MSAN_INITED(); 687 int res = REAL(__fxstat64)(magic, fd, buf); 688 if (!res) 689 __msan_unpoison(buf, __sanitizer::struct_stat64_sz); 690 return res; 691} 692#define MSAN_MAYBE_INTERCEPT___FXSTAT64 INTERCEPT_FUNCTION(__fxstat64) 693#else 694#define MSAN_MAYBE_INTERCEPT___FXSTAT64 695#endif 696 697#if SANITIZER_FREEBSD || SANITIZER_NETBSD 698INTERCEPTOR(int, fstatat, int fd, char *pathname, void *buf, int flags) { 699 ENSURE_MSAN_INITED(); 700 int res = REAL(fstatat)(fd, pathname, buf, flags); 701 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz); 702 return res; 703} 704# define MSAN_INTERCEPT_FSTATAT INTERCEPT_FUNCTION(fstatat) 705#else 706INTERCEPTOR(int, __fxstatat, int magic, int fd, char *pathname, void *buf, 707 int flags) { 708 ENSURE_MSAN_INITED(); 709 int res = REAL(__fxstatat)(magic, fd, pathname, buf, flags); 710 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz); 711 return res; 712} 713# define MSAN_INTERCEPT_FSTATAT INTERCEPT_FUNCTION(__fxstatat) 714#endif 715 716#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 717INTERCEPTOR(int, __fxstatat64, int magic, int fd, char *pathname, void *buf, 718 int flags) { 719 ENSURE_MSAN_INITED(); 720 int res = REAL(__fxstatat64)(magic, fd, pathname, buf, flags); 721 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat64_sz); 722 return res; 723} 724#define MSAN_MAYBE_INTERCEPT___FXSTATAT64 INTERCEPT_FUNCTION(__fxstatat64) 725#else 726#define MSAN_MAYBE_INTERCEPT___FXSTATAT64 727#endif 728 729INTERCEPTOR(int, pipe, int pipefd[2]) { 730 if (msan_init_is_running) 731 return REAL(pipe)(pipefd); 732 ENSURE_MSAN_INITED(); 733 int res = REAL(pipe)(pipefd); 734 if (!res) 735 __msan_unpoison(pipefd, sizeof(int[2])); 736 return res; 737} 738 739INTERCEPTOR(int, pipe2, int pipefd[2], int flags) { 740 ENSURE_MSAN_INITED(); 741 int res = REAL(pipe2)(pipefd, flags); 742 if (!res) 743 __msan_unpoison(pipefd, sizeof(int[2])); 744 return res; 745} 746 747INTERCEPTOR(int, socketpair, int domain, int type, int protocol, int sv[2]) { 748 ENSURE_MSAN_INITED(); 749 int res = REAL(socketpair)(domain, type, protocol, sv); 750 if (!res) 751 __msan_unpoison(sv, sizeof(int[2])); 752 return res; 753} 754 755#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 756INTERCEPTOR(char *, fgets_unlocked, char *s, int size, void *stream) { 757 ENSURE_MSAN_INITED(); 758 char *res = REAL(fgets_unlocked)(s, size, stream); 759 if (res) 760 __msan_unpoison(s, REAL(strlen)(s) + 1); 761 return res; 762} 763#define MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED INTERCEPT_FUNCTION(fgets_unlocked) 764#else 765#define MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED 766#endif 767 768#define INTERCEPTOR_GETRLIMIT_BODY(func, resource, rlim) \ 769 if (msan_init_is_running) \ 770 return REAL(getrlimit)(resource, rlim); \ 771 ENSURE_MSAN_INITED(); \ 772 int res = REAL(func)(resource, rlim); \ 773 if (!res) \ 774 __msan_unpoison(rlim, __sanitizer::struct_rlimit_sz); \ 775 return res 776 777INTERCEPTOR(int, getrlimit, int resource, void *rlim) { 778 INTERCEPTOR_GETRLIMIT_BODY(getrlimit, resource, rlim); 779} 780 781#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 782INTERCEPTOR(int, __getrlimit, int resource, void *rlim) { 783 INTERCEPTOR_GETRLIMIT_BODY(__getrlimit, resource, rlim); 784} 785 786INTERCEPTOR(int, getrlimit64, int resource, void *rlim) { 787 if (msan_init_is_running) return REAL(getrlimit64)(resource, rlim); 788 ENSURE_MSAN_INITED(); 789 int res = REAL(getrlimit64)(resource, rlim); 790 if (!res) __msan_unpoison(rlim, __sanitizer::struct_rlimit64_sz); 791 return res; 792} 793 794INTERCEPTOR(int, prlimit, int pid, int resource, void *new_rlimit, 795 void *old_rlimit) { 796 if (msan_init_is_running) 797 return REAL(prlimit)(pid, resource, new_rlimit, old_rlimit); 798 ENSURE_MSAN_INITED(); 799 CHECK_UNPOISONED(new_rlimit, __sanitizer::struct_rlimit_sz); 800 int res = REAL(prlimit)(pid, resource, new_rlimit, old_rlimit); 801 if (!res) __msan_unpoison(old_rlimit, __sanitizer::struct_rlimit_sz); 802 return res; 803} 804 805INTERCEPTOR(int, prlimit64, int pid, int resource, void *new_rlimit, 806 void *old_rlimit) { 807 if (msan_init_is_running) 808 return REAL(prlimit64)(pid, resource, new_rlimit, old_rlimit); 809 ENSURE_MSAN_INITED(); 810 CHECK_UNPOISONED(new_rlimit, __sanitizer::struct_rlimit64_sz); 811 int res = REAL(prlimit64)(pid, resource, new_rlimit, old_rlimit); 812 if (!res) __msan_unpoison(old_rlimit, __sanitizer::struct_rlimit64_sz); 813 return res; 814} 815 816#define MSAN_MAYBE_INTERCEPT___GETRLIMIT INTERCEPT_FUNCTION(__getrlimit) 817#define MSAN_MAYBE_INTERCEPT_GETRLIMIT64 INTERCEPT_FUNCTION(getrlimit64) 818#define MSAN_MAYBE_INTERCEPT_PRLIMIT INTERCEPT_FUNCTION(prlimit) 819#define MSAN_MAYBE_INTERCEPT_PRLIMIT64 INTERCEPT_FUNCTION(prlimit64) 820#else 821#define MSAN_MAYBE_INTERCEPT___GETRLIMIT 822#define MSAN_MAYBE_INTERCEPT_GETRLIMIT64 823#define MSAN_MAYBE_INTERCEPT_PRLIMIT 824#define MSAN_MAYBE_INTERCEPT_PRLIMIT64 825#endif 826 827#if SANITIZER_FREEBSD 828// FreeBSD's <sys/utsname.h> define uname() as 829// static __inline int uname(struct utsname *name) { 830// return __xuname(SYS_NMLN, (void*)name); 831// } 832INTERCEPTOR(int, __xuname, int size, void *utsname) { 833 ENSURE_MSAN_INITED(); 834 int res = REAL(__xuname)(size, utsname); 835 if (!res) 836 __msan_unpoison(utsname, __sanitizer::struct_utsname_sz); 837 return res; 838} 839#define MSAN_INTERCEPT_UNAME INTERCEPT_FUNCTION(__xuname) 840#else 841INTERCEPTOR(int, uname, struct utsname *utsname) { 842 ENSURE_MSAN_INITED(); 843 int res = REAL(uname)(utsname); 844 if (!res) 845 __msan_unpoison(utsname, __sanitizer::struct_utsname_sz); 846 return res; 847} 848#define MSAN_INTERCEPT_UNAME INTERCEPT_FUNCTION(uname) 849#endif 850 851INTERCEPTOR(int, gethostname, char *name, SIZE_T len) { 852 ENSURE_MSAN_INITED(); 853 int res = REAL(gethostname)(name, len); 854 if (!res) { 855 SIZE_T real_len = REAL(strnlen)(name, len); 856 if (real_len < len) 857 ++real_len; 858 __msan_unpoison(name, real_len); 859 } 860 return res; 861} 862 863#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 864INTERCEPTOR(int, epoll_wait, int epfd, void *events, int maxevents, 865 int timeout) { 866 ENSURE_MSAN_INITED(); 867 int res = REAL(epoll_wait)(epfd, events, maxevents, timeout); 868 if (res > 0) { 869 __msan_unpoison(events, __sanitizer::struct_epoll_event_sz * res); 870 } 871 return res; 872} 873#define MSAN_MAYBE_INTERCEPT_EPOLL_WAIT INTERCEPT_FUNCTION(epoll_wait) 874#else 875#define MSAN_MAYBE_INTERCEPT_EPOLL_WAIT 876#endif 877 878#if !SANITIZER_FREEBSD && !SANITIZER_NETBSD 879INTERCEPTOR(int, epoll_pwait, int epfd, void *events, int maxevents, 880 int timeout, void *sigmask) { 881 ENSURE_MSAN_INITED(); 882 int res = REAL(epoll_pwait)(epfd, events, maxevents, timeout, sigmask); 883 if (res > 0) { 884 __msan_unpoison(events, __sanitizer::struct_epoll_event_sz * res); 885 } 886 return res; 887} 888#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT INTERCEPT_FUNCTION(epoll_pwait) 889#else 890#define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT 891#endif 892 893INTERCEPTOR(void *, calloc, SIZE_T nmemb, SIZE_T size) { 894 GET_MALLOC_STACK_TRACE; 895 if (UNLIKELY(!msan_inited)) 896 // Hack: dlsym calls calloc before REAL(calloc) is retrieved from dlsym. 897 return AllocateFromLocalPool(nmemb * size); 898 return msan_calloc(nmemb, size, &stack); 899} 900 901INTERCEPTOR(void *, realloc, void *ptr, SIZE_T size) { 902 GET_MALLOC_STACK_TRACE; 903 if (UNLIKELY(IsInDlsymAllocPool(ptr))) { 904 uptr offset = (uptr)ptr - (uptr)alloc_memory_for_dlsym; 905 uptr copy_size = Min(size, kDlsymAllocPoolSize - offset); 906 void *new_ptr; 907 if (UNLIKELY(!msan_inited)) { 908 new_ptr = AllocateFromLocalPool(copy_size); 909 } else { 910 copy_size = size; 911 new_ptr = msan_malloc(copy_size, &stack); 912 } 913 internal_memcpy(new_ptr, ptr, copy_size); 914 return new_ptr; 915 } 916 return msan_realloc(ptr, size, &stack); 917} 918 919INTERCEPTOR(void *, reallocarray, void *ptr, SIZE_T nmemb, SIZE_T size) { 920 GET_MALLOC_STACK_TRACE; 921 return msan_reallocarray(ptr, nmemb, size, &stack); 922} 923 924INTERCEPTOR(void *, malloc, SIZE_T size) { 925 GET_MALLOC_STACK_TRACE; 926 if (UNLIKELY(!msan_inited)) 927 // Hack: dlsym calls malloc before REAL(malloc) is retrieved from dlsym. 928 return AllocateFromLocalPool(size); 929 return msan_malloc(size, &stack); 930} 931 932void __msan_allocated_memory(const void *data, uptr size) { 933 GET_MALLOC_STACK_TRACE; 934 if (flags()->poison_in_malloc) { 935 stack.tag = STACK_TRACE_TAG_POISON; 936 PoisonMemory(data, size, &stack); 937 } 938} 939 940void __msan_copy_shadow(void *dest, const void *src, uptr n) { 941 GET_STORE_STACK_TRACE; 942 MoveShadowAndOrigin(dest, src, n, &stack); 943} 944 945void __sanitizer_dtor_callback(const void *data, uptr size) { 946 GET_MALLOC_STACK_TRACE; 947 if (flags()->poison_in_dtor) { 948 stack.tag = STACK_TRACE_TAG_POISON; 949 PoisonMemory(data, size, &stack); 950 } 951} 952 953template <class Mmap> 954static void *mmap_interceptor(Mmap real_mmap, void *addr, SIZE_T length, 955 int prot, int flags, int fd, OFF64_T offset) { 956 if (addr && !MEM_IS_APP(addr)) { 957 if (flags & map_fixed) { 958 errno = errno_EINVAL; 959 return (void *)-1; 960 } else { 961 addr = nullptr; 962 } 963 } 964 void *res = real_mmap(addr, length, prot, flags, fd, offset); 965 if (res != (void *)-1) __msan_unpoison(res, RoundUpTo(length, GetPageSize())); 966 return res; 967} 968 969INTERCEPTOR(int, getrusage, int who, void *usage) { 970 ENSURE_MSAN_INITED(); 971 int res = REAL(getrusage)(who, usage); 972 if (res == 0) { 973 __msan_unpoison(usage, __sanitizer::struct_rusage_sz); 974 } 975 return res; 976} 977 978class SignalHandlerScope { 979 public: 980 SignalHandlerScope() { 981 if (MsanThread *t = GetCurrentThread()) 982 t->EnterSignalHandler(); 983 } 984 ~SignalHandlerScope() { 985 if (MsanThread *t = GetCurrentThread()) 986 t->LeaveSignalHandler(); 987 } 988}; 989 990// sigactions_mu guarantees atomicity of sigaction() and signal() calls. 991// Access to sigactions[] is gone with relaxed atomics to avoid data race with 992// the signal handler. 993const int kMaxSignals = 1024; 994static atomic_uintptr_t sigactions[kMaxSignals]; 995static StaticSpinMutex sigactions_mu; 996 997static void SignalHandler(int signo) { 998 SignalHandlerScope signal_handler_scope; 999 ScopedThreadLocalStateBackup stlsb; 1000 UnpoisonParam(1); 1001 1002 typedef void (*signal_cb)(int x); 1003 signal_cb cb = 1004 (signal_cb)atomic_load(&sigactions[signo], memory_order_relaxed); 1005 cb(signo); 1006} 1007 1008static void SignalAction(int signo, void *si, void *uc) { 1009 SignalHandlerScope signal_handler_scope; 1010 ScopedThreadLocalStateBackup stlsb; 1011 UnpoisonParam(3); 1012 __msan_unpoison(si, sizeof(__sanitizer_sigaction)); 1013 __msan_unpoison(uc, __sanitizer::ucontext_t_sz); 1014 1015 typedef void (*sigaction_cb)(int, void *, void *); 1016 sigaction_cb cb = 1017 (sigaction_cb)atomic_load(&sigactions[signo], memory_order_relaxed); 1018 cb(signo, si, uc); 1019} 1020 1021static void read_sigaction(const __sanitizer_sigaction *act) { 1022 CHECK_UNPOISONED(&act->sa_flags, sizeof(act->sa_flags)); 1023 if (act->sa_flags & __sanitizer::sa_siginfo) 1024 CHECK_UNPOISONED(&act->sigaction, sizeof(act->sigaction)); 1025 else 1026 CHECK_UNPOISONED(&act->handler, sizeof(act->handler)); 1027 CHECK_UNPOISONED(&act->sa_mask, sizeof(act->sa_mask)); 1028} 1029 1030extern "C" int pthread_attr_init(void *attr); 1031extern "C" int pthread_attr_destroy(void *attr); 1032 1033static void *MsanThreadStartFunc(void *arg) { 1034 MsanThread *t = (MsanThread *)arg; 1035 SetCurrentThread(t); 1036 return t->ThreadStart(); 1037} 1038 1039INTERCEPTOR(int, pthread_create, void *th, void *attr, void *(*callback)(void*), 1040 void * param) { 1041 ENSURE_MSAN_INITED(); // for GetTlsSize() 1042 __sanitizer_pthread_attr_t myattr; 1043 if (!attr) { 1044 pthread_attr_init(&myattr); 1045 attr = &myattr; 1046 } 1047 1048 AdjustStackSize(attr); 1049 1050 MsanThread *t = MsanThread::Create(callback, param); 1051 1052 int res = REAL(pthread_create)(th, attr, MsanThreadStartFunc, t); 1053 1054 if (attr == &myattr) 1055 pthread_attr_destroy(&myattr); 1056 if (!res) { 1057 __msan_unpoison(th, __sanitizer::pthread_t_sz); 1058 } 1059 return res; 1060} 1061 1062INTERCEPTOR(int, pthread_key_create, __sanitizer_pthread_key_t *key, 1063 void (*dtor)(void *value)) { 1064 if (msan_init_is_running) return REAL(pthread_key_create)(key, dtor); 1065 ENSURE_MSAN_INITED(); 1066 int res = REAL(pthread_key_create)(key, dtor); 1067 if (!res && key) 1068 __msan_unpoison(key, sizeof(*key)); 1069 return res; 1070} 1071 1072#if SANITIZER_NETBSD 1073INTERCEPTOR(int, __libc_thr_keycreate, __sanitizer_pthread_key_t *m, 1074 void (*dtor)(void *value)) 1075ALIAS(WRAPPER_NAME(pthread_key_create)); 1076#endif 1077 1078INTERCEPTOR(int, pthread_join, void *th, void **retval) { 1079 ENSURE_MSAN_INITED(); 1080 int res = REAL(pthread_join)(th, retval); 1081 if (!res && retval) 1082 __msan_unpoison(retval, sizeof(*retval)); 1083 return res; 1084} 1085 1086extern char *tzname[2]; 1087 1088INTERCEPTOR(void, tzset, int fake) { 1089 ENSURE_MSAN_INITED(); 1090 InterceptorScope interceptor_scope; 1091 REAL(tzset)(fake); 1092 if (tzname[0]) 1093 __msan_unpoison(tzname[0], REAL(strlen)(tzname[0]) + 1); 1094 if (tzname[1]) 1095 __msan_unpoison(tzname[1], REAL(strlen)(tzname[1]) + 1); 1096 return; 1097} 1098 1099struct MSanAtExitRecord { 1100 void (*func)(void *arg); 1101 void *arg; 1102}; 1103 1104struct InterceptorContext { 1105 BlockingMutex atexit_mu; 1106 Vector<struct MSanAtExitRecord *> AtExitStack; 1107 1108 InterceptorContext() 1109 : AtExitStack() { 1110 } 1111}; 1112 1113static ALIGNED(64) char interceptor_placeholder[sizeof(InterceptorContext)]; 1114InterceptorContext *interceptor_ctx() { 1115 return reinterpret_cast<InterceptorContext*>(&interceptor_placeholder[0]); 1116} 1117 1118void MSanAtExitWrapper() { 1119 MSanAtExitRecord *r; 1120 { 1121 BlockingMutexLock l(&interceptor_ctx()->atexit_mu); 1122 1123 uptr element = interceptor_ctx()->AtExitStack.Size() - 1; 1124 r = interceptor_ctx()->AtExitStack[element]; 1125 interceptor_ctx()->AtExitStack.PopBack(); 1126 } 1127 1128 UnpoisonParam(1); 1129 ((void(*)())r->func)(); 1130 InternalFree(r); 1131} 1132 1133void MSanCxaAtExitWrapper(void *arg) { 1134 UnpoisonParam(1); 1135 MSanAtExitRecord *r = (MSanAtExitRecord *)arg; 1136 // libc before 2.27 had race which caused occasional double handler execution 1137 // https://sourceware.org/ml/libc-alpha/2017-08/msg01204.html 1138 if (!r->func) 1139 return; 1140 r->func(r->arg); 1141 r->func = nullptr; 1142} 1143 1144static int setup_at_exit_wrapper(void(*f)(), void *arg, void *dso); 1145 1146// Unpoison argument shadow for C++ module destructors. 1147INTERCEPTOR(int, __cxa_atexit, void (*func)(void *), void *arg, 1148 void *dso_handle) { 1149 if (msan_init_is_running) return REAL(__cxa_atexit)(func, arg, dso_handle); 1150 return setup_at_exit_wrapper((void(*)())func, arg, dso_handle); 1151} 1152 1153// Unpoison argument shadow for C++ module destructors. 1154INTERCEPTOR(int, atexit, void (*func)()) { 1155 // Avoid calling real atexit as it is unrechable on at least on Linux. 1156 if (msan_init_is_running) 1157 return REAL(__cxa_atexit)((void (*)(void *a))func, 0, 0); 1158 return setup_at_exit_wrapper((void(*)())func, 0, 0); 1159} 1160 1161static int setup_at_exit_wrapper(void(*f)(), void *arg, void *dso) { 1162 ENSURE_MSAN_INITED(); 1163 MSanAtExitRecord *r = 1164 (MSanAtExitRecord *)InternalAlloc(sizeof(MSanAtExitRecord)); 1165 r->func = (void(*)(void *a))f; 1166 r->arg = arg; 1167 int res; 1168 if (!dso) { 1169 // NetBSD does not preserve the 2nd argument if dso is equal to 0 1170 // Store ctx in a local stack-like structure 1171 1172 BlockingMutexLock l(&interceptor_ctx()->atexit_mu); 1173 1174 res = REAL(__cxa_atexit)((void (*)(void *a))MSanAtExitWrapper, 0, 0); 1175 if (!res) { 1176 interceptor_ctx()->AtExitStack.PushBack(r); 1177 } 1178 } else { 1179 res = REAL(__cxa_atexit)(MSanCxaAtExitWrapper, r, dso); 1180 } 1181 return res; 1182} 1183 1184static void BeforeFork() { 1185 StackDepotLockAll(); 1186 ChainedOriginDepotLockAll(); 1187} 1188 1189static void AfterFork() { 1190 ChainedOriginDepotUnlockAll(); 1191 StackDepotUnlockAll(); 1192} 1193 1194INTERCEPTOR(int, fork, void) { 1195 ENSURE_MSAN_INITED(); 1196 BeforeFork(); 1197 int pid = REAL(fork)(); 1198 AfterFork(); 1199 return pid; 1200} 1201 1202// NetBSD ships with openpty(3) in -lutil, that needs to be prebuilt explicitly 1203// with MSan. 1204#if SANITIZER_LINUX 1205INTERCEPTOR(int, openpty, int *aparent, int *aworker, char *name, 1206 const void *termp, const void *winp) { 1207 ENSURE_MSAN_INITED(); 1208 InterceptorScope interceptor_scope; 1209 int res = REAL(openpty)(aparent, aworker, name, termp, winp); 1210 if (!res) { 1211 __msan_unpoison(aparent, sizeof(*aparent)); 1212 __msan_unpoison(aworker, sizeof(*aworker)); 1213 } 1214 return res; 1215} 1216#define MSAN_MAYBE_INTERCEPT_OPENPTY INTERCEPT_FUNCTION(openpty) 1217#else 1218#define MSAN_MAYBE_INTERCEPT_OPENPTY 1219#endif 1220 1221// NetBSD ships with forkpty(3) in -lutil, that needs to be prebuilt explicitly 1222// with MSan. 1223#if SANITIZER_LINUX 1224INTERCEPTOR(int, forkpty, int *aparent, char *name, const void *termp, 1225 const void *winp) { 1226 ENSURE_MSAN_INITED(); 1227 InterceptorScope interceptor_scope; 1228 int res = REAL(forkpty)(aparent, name, termp, winp); 1229 if (res != -1) 1230 __msan_unpoison(aparent, sizeof(*aparent)); 1231 return res; 1232} 1233#define MSAN_MAYBE_INTERCEPT_FORKPTY INTERCEPT_FUNCTION(forkpty) 1234#else 1235#define MSAN_MAYBE_INTERCEPT_FORKPTY 1236#endif 1237 1238struct MSanInterceptorContext { 1239 bool in_interceptor_scope; 1240}; 1241 1242namespace __msan { 1243 1244int OnExit() { 1245 // FIXME: ask frontend whether we need to return failure. 1246 return 0; 1247} 1248 1249} // namespace __msan 1250 1251// A version of CHECK_UNPOISONED using a saved scope value. Used in common 1252// interceptors. 1253#define CHECK_UNPOISONED_CTX(ctx, x, n) \ 1254 do { \ 1255 if (!((MSanInterceptorContext *)ctx)->in_interceptor_scope) \ 1256 CHECK_UNPOISONED_0(x, n); \ 1257 } while (0) 1258 1259#define MSAN_INTERCEPT_FUNC(name) \ 1260 do { \ 1261 if (!INTERCEPT_FUNCTION(name)) \ 1262 VReport(1, "MemorySanitizer: failed to intercept '%s'\n'", #name); \ 1263 } while (0) 1264 1265#define MSAN_INTERCEPT_FUNC_VER(name, ver) \ 1266 do { \ 1267 if (!INTERCEPT_FUNCTION_VER(name, ver)) \ 1268 VReport(1, "MemorySanitizer: failed to intercept '%s@@%s'\n", #name, \ 1269 #ver); \ 1270 } while (0) 1271 1272#define COMMON_INTERCEPT_FUNCTION(name) MSAN_INTERCEPT_FUNC(name) 1273#define COMMON_INTERCEPT_FUNCTION_VER(name, ver) \ 1274 MSAN_INTERCEPT_FUNC_VER(name, ver) 1275#define COMMON_INTERCEPTOR_UNPOISON_PARAM(count) \ 1276 UnpoisonParam(count) 1277#define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \ 1278 __msan_unpoison(ptr, size) 1279#define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \ 1280 CHECK_UNPOISONED_CTX(ctx, ptr, size) 1281#define COMMON_INTERCEPTOR_INITIALIZE_RANGE(ptr, size) \ 1282 __msan_unpoison(ptr, size) 1283#define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \ 1284 if (msan_init_is_running) return REAL(func)(__VA_ARGS__); \ 1285 ENSURE_MSAN_INITED(); \ 1286 MSanInterceptorContext msan_ctx = {IsInInterceptorScope()}; \ 1287 ctx = (void *)&msan_ctx; \ 1288 (void)ctx; \ 1289 InterceptorScope interceptor_scope; \ 1290 __msan_unpoison(__errno_location(), sizeof(int)); /* NOLINT */ 1291#define COMMON_INTERCEPTOR_DIR_ACQUIRE(ctx, path) \ 1292 do { \ 1293 } while (false) 1294#define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) \ 1295 do { \ 1296 } while (false) 1297#define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) \ 1298 do { \ 1299 } while (false) 1300#define COMMON_INTERCEPTOR_FD_SOCKET_ACCEPT(ctx, fd, newfd) \ 1301 do { \ 1302 } while (false) 1303#define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) \ 1304 do { \ 1305 } while (false) // FIXME 1306#define COMMON_INTERCEPTOR_SET_PTHREAD_NAME(ctx, thread, name) \ 1307 do { \ 1308 } while (false) // FIXME 1309#define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name) 1310#define COMMON_INTERCEPTOR_ON_EXIT(ctx) OnExit() 1311#define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle) \ 1312 do { \ 1313 link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle)); \ 1314 if (filename && map) \ 1315 ForEachMappedRegion(map, __msan_unpoison); \ 1316 } while (false) 1317 1318#define COMMON_INTERCEPTOR_GET_TLS_RANGE(begin, end) \ 1319 if (MsanThread *t = GetCurrentThread()) { \ 1320 *begin = t->tls_begin(); \ 1321 *end = t->tls_end(); \ 1322 } else { \ 1323 *begin = *end = 0; \ 1324 } 1325 1326#define COMMON_INTERCEPTOR_MEMSET_IMPL(ctx, block, c, size) \ 1327 { \ 1328 (void)ctx; \ 1329 return __msan_memset(block, c, size); \ 1330 } 1331#define COMMON_INTERCEPTOR_MEMMOVE_IMPL(ctx, to, from, size) \ 1332 { \ 1333 (void)ctx; \ 1334 return __msan_memmove(to, from, size); \ 1335 } 1336#define COMMON_INTERCEPTOR_MEMCPY_IMPL(ctx, to, from, size) \ 1337 { \ 1338 (void)ctx; \ 1339 return __msan_memcpy(to, from, size); \ 1340 } 1341 1342#define COMMON_INTERCEPTOR_COPY_STRING(ctx, to, from, size) \ 1343 do { \ 1344 GET_STORE_STACK_TRACE; \ 1345 CopyShadowAndOrigin(to, from, size, &stack); \ 1346 __msan_unpoison(to + size, 1); \ 1347 } while (false) 1348 1349#define COMMON_INTERCEPTOR_MMAP_IMPL(ctx, mmap, addr, length, prot, flags, fd, \ 1350 offset) \ 1351 do { \ 1352 return mmap_interceptor(REAL(mmap), addr, sz, prot, flags, fd, off); \ 1353 } while (false) 1354 1355#include "sanitizer_common/sanitizer_platform_interceptors.h" 1356#include "sanitizer_common/sanitizer_common_interceptors.inc" 1357 1358static uptr signal_impl(int signo, uptr cb); 1359static int sigaction_impl(int signo, const __sanitizer_sigaction *act, 1360 __sanitizer_sigaction *oldact); 1361 1362#define SIGNAL_INTERCEPTOR_SIGACTION_IMPL(signo, act, oldact) \ 1363 { return sigaction_impl(signo, act, oldact); } 1364 1365#define SIGNAL_INTERCEPTOR_SIGNAL_IMPL(func, signo, handler) \ 1366 { \ 1367 handler = signal_impl(signo, handler); \ 1368 InterceptorScope interceptor_scope; \ 1369 return REAL(func)(signo, handler); \ 1370 } 1371 1372#include "sanitizer_common/sanitizer_signal_interceptors.inc" 1373 1374static int sigaction_impl(int signo, const __sanitizer_sigaction *act, 1375 __sanitizer_sigaction *oldact) { 1376 ENSURE_MSAN_INITED(); 1377 if (act) read_sigaction(act); 1378 int res; 1379 if (flags()->wrap_signals) { 1380 SpinMutexLock lock(&sigactions_mu); 1381 CHECK_LT(signo, kMaxSignals); 1382 uptr old_cb = atomic_load(&sigactions[signo], memory_order_relaxed); 1383 __sanitizer_sigaction new_act; 1384 __sanitizer_sigaction *pnew_act = act ? &new_act : nullptr; 1385 if (act) { 1386 REAL(memcpy)(pnew_act, act, sizeof(__sanitizer_sigaction)); 1387 uptr cb = (uptr)pnew_act->sigaction; 1388 uptr new_cb = (pnew_act->sa_flags & __sanitizer::sa_siginfo) 1389 ? (uptr)SignalAction 1390 : (uptr)SignalHandler; 1391 if (cb != __sanitizer::sig_ign && cb != __sanitizer::sig_dfl) { 1392 atomic_store(&sigactions[signo], cb, memory_order_relaxed); 1393 pnew_act->sigaction = (decltype(pnew_act->sigaction))new_cb; 1394 } 1395 } 1396 res = REAL(SIGACTION_SYMNAME)(signo, pnew_act, oldact); 1397 if (res == 0 && oldact) { 1398 uptr cb = (uptr)oldact->sigaction; 1399 if (cb == (uptr)SignalAction || cb == (uptr)SignalHandler) { 1400 oldact->sigaction = (decltype(oldact->sigaction))old_cb; 1401 } 1402 } 1403 } else { 1404 res = REAL(SIGACTION_SYMNAME)(signo, act, oldact); 1405 } 1406 1407 if (res == 0 && oldact) { 1408 __msan_unpoison(oldact, sizeof(__sanitizer_sigaction)); 1409 } 1410 return res; 1411} 1412 1413static uptr signal_impl(int signo, uptr cb) { 1414 ENSURE_MSAN_INITED(); 1415 if (flags()->wrap_signals) { 1416 CHECK_LT(signo, kMaxSignals); 1417 SpinMutexLock lock(&sigactions_mu); 1418 if (cb != __sanitizer::sig_ign && cb != __sanitizer::sig_dfl) { 1419 atomic_store(&sigactions[signo], cb, memory_order_relaxed); 1420 cb = (uptr)&SignalHandler; 1421 } 1422 } 1423 return cb; 1424} 1425 1426#define COMMON_SYSCALL_PRE_READ_RANGE(p, s) CHECK_UNPOISONED(p, s) 1427#define COMMON_SYSCALL_PRE_WRITE_RANGE(p, s) \ 1428 do { \ 1429 } while (false) 1430#define COMMON_SYSCALL_POST_READ_RANGE(p, s) \ 1431 do { \ 1432 } while (false) 1433#define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) __msan_unpoison(p, s) 1434#include "sanitizer_common/sanitizer_common_syscalls.inc" 1435#include "sanitizer_common/sanitizer_syscalls_netbsd.inc" 1436 1437struct dlinfo { 1438 char *dli_fname; 1439 void *dli_fbase; 1440 char *dli_sname; 1441 void *dli_saddr; 1442}; 1443 1444INTERCEPTOR(int, dladdr, void *addr, dlinfo *info) { 1445 void *ctx; 1446 COMMON_INTERCEPTOR_ENTER(ctx, dladdr, addr, info); 1447 int res = REAL(dladdr)(addr, info); 1448 if (res != 0) { 1449 __msan_unpoison(info, sizeof(*info)); 1450 if (info->dli_fname) 1451 __msan_unpoison(info->dli_fname, REAL(strlen)(info->dli_fname) + 1); 1452 if (info->dli_sname) 1453 __msan_unpoison(info->dli_sname, REAL(strlen)(info->dli_sname) + 1); 1454 } 1455 return res; 1456} 1457 1458INTERCEPTOR(char *, dlerror, int fake) { 1459 void *ctx; 1460 COMMON_INTERCEPTOR_ENTER(ctx, dlerror, fake); 1461 char *res = REAL(dlerror)(fake); 1462 if (res) __msan_unpoison(res, REAL(strlen)(res) + 1); 1463 return res; 1464} 1465 1466typedef int (*dl_iterate_phdr_cb)(__sanitizer_dl_phdr_info *info, SIZE_T size, 1467 void *data); 1468struct dl_iterate_phdr_data { 1469 dl_iterate_phdr_cb callback; 1470 void *data; 1471}; 1472 1473static int msan_dl_iterate_phdr_cb(__sanitizer_dl_phdr_info *info, SIZE_T size, 1474 void *data) { 1475 if (info) { 1476 __msan_unpoison(info, size); 1477 if (info->dlpi_phdr && info->dlpi_phnum) 1478 __msan_unpoison(info->dlpi_phdr, struct_ElfW_Phdr_sz * info->dlpi_phnum); 1479 if (info->dlpi_name) 1480 __msan_unpoison(info->dlpi_name, REAL(strlen)(info->dlpi_name) + 1); 1481 } 1482 dl_iterate_phdr_data *cbdata = (dl_iterate_phdr_data *)data; 1483 UnpoisonParam(3); 1484 return cbdata->callback(info, size, cbdata->data); 1485} 1486 1487INTERCEPTOR(void *, shmat, int shmid, const void *shmaddr, int shmflg) { 1488 ENSURE_MSAN_INITED(); 1489 void *p = REAL(shmat)(shmid, shmaddr, shmflg); 1490 if (p != (void *)-1) { 1491 __sanitizer_shmid_ds ds; 1492 int res = REAL(shmctl)(shmid, shmctl_ipc_stat, &ds); 1493 if (!res) { 1494 __msan_unpoison(p, ds.shm_segsz); 1495 } 1496 } 1497 return p; 1498} 1499 1500INTERCEPTOR(int, dl_iterate_phdr, dl_iterate_phdr_cb callback, void *data) { 1501 void *ctx; 1502 COMMON_INTERCEPTOR_ENTER(ctx, dl_iterate_phdr, callback, data); 1503 dl_iterate_phdr_data cbdata; 1504 cbdata.callback = callback; 1505 cbdata.data = data; 1506 int res = REAL(dl_iterate_phdr)(msan_dl_iterate_phdr_cb, (void *)&cbdata); 1507 return res; 1508} 1509 1510// wchar_t *wcschr(const wchar_t *wcs, wchar_t wc); 1511INTERCEPTOR(wchar_t *, wcschr, void *s, wchar_t wc, void *ps) { 1512 ENSURE_MSAN_INITED(); 1513 wchar_t *res = REAL(wcschr)(s, wc, ps); 1514 return res; 1515} 1516 1517// wchar_t *wcscpy(wchar_t *dest, const wchar_t *src); 1518INTERCEPTOR(wchar_t *, wcscpy, wchar_t *dest, const wchar_t *src) { 1519 ENSURE_MSAN_INITED(); 1520 GET_STORE_STACK_TRACE; 1521 wchar_t *res = REAL(wcscpy)(dest, src); 1522 CopyShadowAndOrigin(dest, src, sizeof(wchar_t) * (REAL(wcslen)(src) + 1), 1523 &stack); 1524 return res; 1525} 1526 1527INTERCEPTOR(wchar_t *, wcsncpy, wchar_t *dest, const wchar_t *src, SIZE_T n) { 1528 ENSURE_MSAN_INITED(); 1529 GET_STORE_STACK_TRACE; 1530 SIZE_T copy_size = REAL(wcsnlen)(src, n); 1531 if (copy_size < n) copy_size++; // trailing \0 1532 wchar_t *res = REAL(wcsncpy)(dest, src, n); 1533 CopyShadowAndOrigin(dest, src, copy_size * sizeof(wchar_t), &stack); 1534 __msan_unpoison(dest + copy_size, (n - copy_size) * sizeof(wchar_t)); 1535 return res; 1536} 1537 1538// These interface functions reside here so that they can use 1539// REAL(memset), etc. 1540void __msan_unpoison(const void *a, uptr size) { 1541 if (!MEM_IS_APP(a)) return; 1542 SetShadow(a, size, 0); 1543} 1544 1545void __msan_poison(const void *a, uptr size) { 1546 if (!MEM_IS_APP(a)) return; 1547 SetShadow(a, size, __msan::flags()->poison_heap_with_zeroes ? 0 : -1); 1548} 1549 1550void __msan_poison_stack(void *a, uptr size) { 1551 if (!MEM_IS_APP(a)) return; 1552 SetShadow(a, size, __msan::flags()->poison_stack_with_zeroes ? 0 : -1); 1553} 1554 1555void __msan_unpoison_param(uptr n) { UnpoisonParam(n); } 1556 1557void __msan_clear_and_unpoison(void *a, uptr size) { 1558 REAL(memset)(a, 0, size); 1559 SetShadow(a, size, 0); 1560} 1561 1562void *__msan_memcpy(void *dest, const void *src, SIZE_T n) { 1563 if (!msan_inited) return internal_memcpy(dest, src, n); 1564 if (msan_init_is_running || __msan::IsInSymbolizer()) 1565 return REAL(memcpy)(dest, src, n); 1566 ENSURE_MSAN_INITED(); 1567 GET_STORE_STACK_TRACE; 1568 void *res = REAL(memcpy)(dest, src, n); 1569 CopyShadowAndOrigin(dest, src, n, &stack); 1570 return res; 1571} 1572 1573void *__msan_memset(void *s, int c, SIZE_T n) { 1574 if (!msan_inited) return internal_memset(s, c, n); 1575 if (msan_init_is_running) return REAL(memset)(s, c, n); 1576 ENSURE_MSAN_INITED(); 1577 void *res = REAL(memset)(s, c, n); 1578 __msan_unpoison(s, n); 1579 return res; 1580} 1581 1582void *__msan_memmove(void *dest, const void *src, SIZE_T n) { 1583 if (!msan_inited) return internal_memmove(dest, src, n); 1584 if (msan_init_is_running) return REAL(memmove)(dest, src, n); 1585 ENSURE_MSAN_INITED(); 1586 GET_STORE_STACK_TRACE; 1587 void *res = REAL(memmove)(dest, src, n); 1588 MoveShadowAndOrigin(dest, src, n, &stack); 1589 return res; 1590} 1591 1592void __msan_unpoison_string(const char* s) { 1593 if (!MEM_IS_APP(s)) return; 1594 __msan_unpoison(s, REAL(strlen)(s) + 1); 1595} 1596 1597namespace __msan { 1598 1599void InitializeInterceptors() { 1600 static int inited = 0; 1601 CHECK_EQ(inited, 0); 1602 1603 new(interceptor_ctx()) InterceptorContext(); 1604 1605 InitializeCommonInterceptors(); 1606 InitializeSignalInterceptors(); 1607 1608 INTERCEPT_FUNCTION(posix_memalign); 1609 MSAN_MAYBE_INTERCEPT_MEMALIGN; 1610 MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN; 1611 INTERCEPT_FUNCTION(valloc); 1612 MSAN_MAYBE_INTERCEPT_PVALLOC; 1613 INTERCEPT_FUNCTION(malloc); 1614 INTERCEPT_FUNCTION(calloc); 1615 INTERCEPT_FUNCTION(realloc); 1616 INTERCEPT_FUNCTION(reallocarray); 1617 INTERCEPT_FUNCTION(free); 1618 MSAN_MAYBE_INTERCEPT_CFREE; 1619 MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE; 1620 MSAN_MAYBE_INTERCEPT_MALLINFO; 1621 MSAN_MAYBE_INTERCEPT_MALLOPT; 1622 MSAN_MAYBE_INTERCEPT_MALLOC_STATS; 1623 INTERCEPT_FUNCTION(fread); 1624 MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED; 1625 INTERCEPT_FUNCTION(memccpy); 1626 MSAN_MAYBE_INTERCEPT_MEMPCPY; 1627 INTERCEPT_FUNCTION(bcopy); 1628 INTERCEPT_FUNCTION(wmemset); 1629 INTERCEPT_FUNCTION(wmemcpy); 1630 MSAN_MAYBE_INTERCEPT_WMEMPCPY; 1631 INTERCEPT_FUNCTION(wmemmove); 1632 INTERCEPT_FUNCTION(strcpy); 1633 MSAN_MAYBE_INTERCEPT_STPCPY; 1634 INTERCEPT_FUNCTION(strdup); 1635 MSAN_MAYBE_INTERCEPT___STRDUP; 1636 INTERCEPT_FUNCTION(strncpy); 1637 MSAN_MAYBE_INTERCEPT_GCVT; 1638 INTERCEPT_FUNCTION(strcat); 1639 INTERCEPT_FUNCTION(strncat); 1640 INTERCEPT_STRTO(strtod); 1641 INTERCEPT_STRTO(strtof); 1642 INTERCEPT_STRTO(strtold); 1643 INTERCEPT_STRTO(strtol); 1644 INTERCEPT_STRTO(strtoul); 1645 INTERCEPT_STRTO(strtoll); 1646 INTERCEPT_STRTO(strtoull); 1647 INTERCEPT_STRTO(strtouq); 1648 INTERCEPT_STRTO(wcstod); 1649 INTERCEPT_STRTO(wcstof); 1650 INTERCEPT_STRTO(wcstold); 1651 INTERCEPT_STRTO(wcstol); 1652 INTERCEPT_STRTO(wcstoul); 1653 INTERCEPT_STRTO(wcstoll); 1654 INTERCEPT_STRTO(wcstoull); 1655#ifdef SANITIZER_NLDBL_VERSION 1656 INTERCEPT_FUNCTION_VER(vswprintf, SANITIZER_NLDBL_VERSION); 1657 INTERCEPT_FUNCTION_VER(swprintf, SANITIZER_NLDBL_VERSION); 1658#else 1659 INTERCEPT_FUNCTION(vswprintf); 1660 INTERCEPT_FUNCTION(swprintf); 1661#endif 1662 INTERCEPT_FUNCTION(strftime); 1663 INTERCEPT_FUNCTION(strftime_l); 1664 MSAN_MAYBE_INTERCEPT___STRFTIME_L; 1665 INTERCEPT_FUNCTION(wcsftime); 1666 INTERCEPT_FUNCTION(wcsftime_l); 1667 MSAN_MAYBE_INTERCEPT___WCSFTIME_L; 1668 INTERCEPT_FUNCTION(mbtowc); 1669 INTERCEPT_FUNCTION(mbrtowc); 1670 INTERCEPT_FUNCTION(wcslen); 1671 INTERCEPT_FUNCTION(wcsnlen); 1672 INTERCEPT_FUNCTION(wcschr); 1673 INTERCEPT_FUNCTION(wcscpy); 1674 INTERCEPT_FUNCTION(wcsncpy); 1675 INTERCEPT_FUNCTION(wcscmp); 1676 INTERCEPT_FUNCTION(getenv); 1677 INTERCEPT_FUNCTION(setenv); 1678 INTERCEPT_FUNCTION(putenv); 1679 INTERCEPT_FUNCTION(gettimeofday); 1680 MSAN_MAYBE_INTERCEPT_FCVT; 1681 MSAN_MAYBE_INTERCEPT_FSTAT; 1682 MSAN_MAYBE_INTERCEPT___FXSTAT; 1683 MSAN_INTERCEPT_FSTATAT; 1684 MSAN_MAYBE_INTERCEPT___FXSTAT64; 1685 MSAN_MAYBE_INTERCEPT___FXSTATAT64; 1686 INTERCEPT_FUNCTION(pipe); 1687 INTERCEPT_FUNCTION(pipe2); 1688 INTERCEPT_FUNCTION(socketpair); 1689 MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED; 1690 INTERCEPT_FUNCTION(getrlimit); 1691 MSAN_MAYBE_INTERCEPT___GETRLIMIT; 1692 MSAN_MAYBE_INTERCEPT_GETRLIMIT64; 1693 MSAN_MAYBE_INTERCEPT_PRLIMIT; 1694 MSAN_MAYBE_INTERCEPT_PRLIMIT64; 1695 MSAN_INTERCEPT_UNAME; 1696 INTERCEPT_FUNCTION(gethostname); 1697 MSAN_MAYBE_INTERCEPT_EPOLL_WAIT; 1698 MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT; 1699 INTERCEPT_FUNCTION(dladdr); 1700 INTERCEPT_FUNCTION(dlerror); 1701 INTERCEPT_FUNCTION(dl_iterate_phdr); 1702 INTERCEPT_FUNCTION(getrusage); 1703#if defined(__mips__) 1704 INTERCEPT_FUNCTION_VER(pthread_create, "GLIBC_2.2"); 1705#else 1706 INTERCEPT_FUNCTION(pthread_create); 1707#endif 1708 INTERCEPT_FUNCTION(pthread_key_create); 1709 1710#if SANITIZER_NETBSD 1711 INTERCEPT_FUNCTION(__libc_thr_keycreate); 1712#endif 1713 1714 INTERCEPT_FUNCTION(pthread_join); 1715 INTERCEPT_FUNCTION(tzset); 1716 INTERCEPT_FUNCTION(atexit); 1717 INTERCEPT_FUNCTION(__cxa_atexit); 1718 INTERCEPT_FUNCTION(shmat); 1719 INTERCEPT_FUNCTION(fork); 1720 MSAN_MAYBE_INTERCEPT_OPENPTY; 1721 MSAN_MAYBE_INTERCEPT_FORKPTY; 1722 1723 inited = 1; 1724} 1725} // namespace __msan 1726