1 //===-- msan_interceptors.cpp ---------------------------------------------===//
2 //
3 // Part of the LLVM Project, under the Apache License v2.0 with LLVM Exceptions.
4 // See https://llvm.org/LICENSE.txt for license information.
5 // SPDX-License-Identifier: Apache-2.0 WITH LLVM-exception
6 //
7 //===----------------------------------------------------------------------===//
8 //
9 // This file is a part of MemorySanitizer.
10 //
11 // Interceptors for standard library functions.
12 //
13 // FIXME: move as many interceptors as possible into
14 // sanitizer_common/sanitizer_common_interceptors.h
15 //===----------------------------------------------------------------------===//
16
17 #define SANITIZER_COMMON_NO_REDEFINE_BUILTINS
18
19 #include "interception/interception.h"
20 #include "msan.h"
21 #include "msan_chained_origin_depot.h"
22 #include "msan_dl.h"
23 #include "msan_origin.h"
24 #include "msan_poisoning.h"
25 #include "msan_report.h"
26 #include "msan_thread.h"
27 #include "sanitizer_common/sanitizer_allocator.h"
28 #include "sanitizer_common/sanitizer_allocator_dlsym.h"
29 #include "sanitizer_common/sanitizer_allocator_interface.h"
30 #include "sanitizer_common/sanitizer_atomic.h"
31 #include "sanitizer_common/sanitizer_common.h"
32 #include "sanitizer_common/sanitizer_errno.h"
33 #include "sanitizer_common/sanitizer_errno_codes.h"
34 #include "sanitizer_common/sanitizer_glibc_version.h"
35 #include "sanitizer_common/sanitizer_libc.h"
36 #include "sanitizer_common/sanitizer_linux.h"
37 #include "sanitizer_common/sanitizer_platform_limits_netbsd.h"
38 #include "sanitizer_common/sanitizer_platform_limits_posix.h"
39 #include "sanitizer_common/sanitizer_stackdepot.h"
40 #include "sanitizer_common/sanitizer_tls_get_addr.h"
41 #include "sanitizer_common/sanitizer_vector.h"
42
43 #if SANITIZER_NETBSD
44 #define fstat __fstat50
45 #define gettimeofday __gettimeofday50
46 #define getrusage __getrusage50
47 #define tzset __tzset50
48 #endif
49
50 #include <stdarg.h>
51 // ACHTUNG! No other system header includes in this file.
52 // Ideally, we should get rid of stdarg.h as well.
53
54 using namespace __msan;
55
56 using __sanitizer::memory_order;
57 using __sanitizer::atomic_load;
58 using __sanitizer::atomic_store;
59 using __sanitizer::atomic_uintptr_t;
60
61 DECLARE_REAL(SIZE_T, strlen, const char *s)
62 DECLARE_REAL(SIZE_T, strnlen, const char *s, SIZE_T maxlen)
63 DECLARE_REAL(void *, memcpy, void *dest, const void *src, uptr n)
64 DECLARE_REAL(void *, memset, void *dest, int c, uptr n)
65
66 // True if this is a nested interceptor.
67 static THREADLOCAL int in_interceptor_scope;
68
__msan_scoped_disable_interceptor_checks()69 void __msan_scoped_disable_interceptor_checks() { ++in_interceptor_scope; }
__msan_scoped_enable_interceptor_checks()70 void __msan_scoped_enable_interceptor_checks() { --in_interceptor_scope; }
71
72 struct InterceptorScope {
InterceptorScopeInterceptorScope73 InterceptorScope() { ++in_interceptor_scope; }
~InterceptorScopeInterceptorScope74 ~InterceptorScope() { --in_interceptor_scope; }
75 };
76
IsInInterceptorScope()77 bool IsInInterceptorScope() {
78 return in_interceptor_scope;
79 }
80
81 struct DlsymAlloc : public DlSymAllocator<DlsymAlloc> {
UseImplDlsymAlloc82 static bool UseImpl() { return !msan_inited; }
83 };
84
85 #define ENSURE_MSAN_INITED() do { \
86 CHECK(!msan_init_is_running); \
87 if (!msan_inited) { \
88 __msan_init(); \
89 } \
90 } while (0)
91
92 // Check that [x, x+n) range is unpoisoned.
93 #define CHECK_UNPOISONED_0(x, n) \
94 do { \
95 sptr __offset = __msan_test_shadow(x, n); \
96 if (__msan::IsInSymbolizerOrUnwider()) \
97 break; \
98 if (__offset >= 0 && __msan::flags()->report_umrs) { \
99 GET_CALLER_PC_BP; \
100 ReportUMRInsideAddressRange(__func__, x, n, __offset); \
101 __msan::PrintWarningWithOrigin( \
102 pc, bp, __msan_get_origin((const char *)x + __offset)); \
103 if (__msan::flags()->halt_on_error) { \
104 Printf("Exiting\n"); \
105 Die(); \
106 } \
107 } \
108 } while (0)
109
110 // Check that [x, x+n) range is unpoisoned unless we are in a nested
111 // interceptor.
112 #define CHECK_UNPOISONED(x, n) \
113 do { \
114 if (!IsInInterceptorScope()) CHECK_UNPOISONED_0(x, n); \
115 } while (0)
116
117 #define CHECK_UNPOISONED_STRING_OF_LEN(x, len, n) \
118 CHECK_UNPOISONED((x), \
119 common_flags()->strict_string_checks ? (len) + 1 : (n) )
120
121 #define CHECK_UNPOISONED_STRING(x, n) \
122 CHECK_UNPOISONED_STRING_OF_LEN((x), internal_strlen(x), (n))
123
124 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(SIZE_T,fread_unlocked,void * ptr,SIZE_T size,SIZE_T nmemb,void * file)125 INTERCEPTOR(SIZE_T, fread_unlocked, void *ptr, SIZE_T size, SIZE_T nmemb,
126 void *file) {
127 ENSURE_MSAN_INITED();
128 SIZE_T res = REAL(fread_unlocked)(ptr, size, nmemb, file);
129 if (res > 0)
130 __msan_unpoison(ptr, res *size);
131 return res;
132 }
133 #define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED INTERCEPT_FUNCTION(fread_unlocked)
134 #else
135 #define MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED
136 #endif
137
138 #if !SANITIZER_NETBSD
INTERCEPTOR(void *,mempcpy,void * dest,const void * src,SIZE_T n)139 INTERCEPTOR(void *, mempcpy, void *dest, const void *src, SIZE_T n) {
140 return (char *)__msan_memcpy(dest, src, n) + n;
141 }
142 #define MSAN_MAYBE_INTERCEPT_MEMPCPY INTERCEPT_FUNCTION(mempcpy)
143 #else
144 #define MSAN_MAYBE_INTERCEPT_MEMPCPY
145 #endif
146
INTERCEPTOR(void *,memccpy,void * dest,const void * src,int c,SIZE_T n)147 INTERCEPTOR(void *, memccpy, void *dest, const void *src, int c, SIZE_T n) {
148 ENSURE_MSAN_INITED();
149 void *res = REAL(memccpy)(dest, src, c, n);
150 CHECK(!res || (res >= dest && res <= (char *)dest + n));
151 SIZE_T sz = res ? (char *)res - (char *)dest : n;
152 CHECK_UNPOISONED(src, sz);
153 __msan_unpoison(dest, sz);
154 return res;
155 }
156
INTERCEPTOR(void *,bcopy,const void * src,void * dest,SIZE_T n)157 INTERCEPTOR(void *, bcopy, const void *src, void *dest, SIZE_T n) {
158 return __msan_memmove(dest, src, n);
159 }
160
INTERCEPTOR(int,posix_memalign,void ** memptr,SIZE_T alignment,SIZE_T size)161 INTERCEPTOR(int, posix_memalign, void **memptr, SIZE_T alignment, SIZE_T size) {
162 GET_MALLOC_STACK_TRACE;
163 CHECK_NE(memptr, 0);
164 int res = msan_posix_memalign(memptr, alignment, size, &stack);
165 if (!res)
166 __msan_unpoison(memptr, sizeof(*memptr));
167 return res;
168 }
169
170 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(void *,memalign,SIZE_T alignment,SIZE_T size)171 INTERCEPTOR(void *, memalign, SIZE_T alignment, SIZE_T size) {
172 GET_MALLOC_STACK_TRACE;
173 return msan_memalign(alignment, size, &stack);
174 }
175 #define MSAN_MAYBE_INTERCEPT_MEMALIGN INTERCEPT_FUNCTION(memalign)
176 #else
177 #define MSAN_MAYBE_INTERCEPT_MEMALIGN
178 #endif
179
INTERCEPTOR(void *,aligned_alloc,SIZE_T alignment,SIZE_T size)180 INTERCEPTOR(void *, aligned_alloc, SIZE_T alignment, SIZE_T size) {
181 GET_MALLOC_STACK_TRACE;
182 return msan_aligned_alloc(alignment, size, &stack);
183 }
184
185 #if !SANITIZER_NETBSD
INTERCEPTOR(void *,__libc_memalign,SIZE_T alignment,SIZE_T size)186 INTERCEPTOR(void *, __libc_memalign, SIZE_T alignment, SIZE_T size) {
187 GET_MALLOC_STACK_TRACE;
188 void *ptr = msan_memalign(alignment, size, &stack);
189 if (ptr)
190 DTLS_on_libc_memalign(ptr, size);
191 return ptr;
192 }
193 #define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN INTERCEPT_FUNCTION(__libc_memalign)
194 #else
195 #define MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN
196 #endif
197
INTERCEPTOR(void *,valloc,SIZE_T size)198 INTERCEPTOR(void *, valloc, SIZE_T size) {
199 GET_MALLOC_STACK_TRACE;
200 return msan_valloc(size, &stack);
201 }
202
203 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(void *,pvalloc,SIZE_T size)204 INTERCEPTOR(void *, pvalloc, SIZE_T size) {
205 GET_MALLOC_STACK_TRACE;
206 return msan_pvalloc(size, &stack);
207 }
208 #define MSAN_MAYBE_INTERCEPT_PVALLOC INTERCEPT_FUNCTION(pvalloc)
209 #else
210 #define MSAN_MAYBE_INTERCEPT_PVALLOC
211 #endif
212
INTERCEPTOR(void,free,void * ptr)213 INTERCEPTOR(void, free, void *ptr) {
214 if (UNLIKELY(!ptr))
215 return;
216 if (DlsymAlloc::PointerIsMine(ptr))
217 return DlsymAlloc::Free(ptr);
218 GET_MALLOC_STACK_TRACE;
219 MsanDeallocate(&stack, ptr);
220 }
221
222 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(void,cfree,void * ptr)223 INTERCEPTOR(void, cfree, void *ptr) {
224 if (UNLIKELY(!ptr))
225 return;
226 if (DlsymAlloc::PointerIsMine(ptr))
227 return DlsymAlloc::Free(ptr);
228 GET_MALLOC_STACK_TRACE;
229 MsanDeallocate(&stack, ptr);
230 }
231 # define MSAN_MAYBE_INTERCEPT_CFREE INTERCEPT_FUNCTION(cfree)
232 #else
233 #define MSAN_MAYBE_INTERCEPT_CFREE
234 #endif
235
236 #if !SANITIZER_NETBSD
INTERCEPTOR(uptr,malloc_usable_size,void * ptr)237 INTERCEPTOR(uptr, malloc_usable_size, void *ptr) {
238 return __sanitizer_get_allocated_size(ptr);
239 }
240 #define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE \
241 INTERCEPT_FUNCTION(malloc_usable_size)
242 #else
243 #define MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE
244 #endif
245
246 #if (!SANITIZER_FREEBSD && !SANITIZER_NETBSD) || __GLIBC_PREREQ(2, 33)
247 template <class T>
clear_mallinfo(T * sret)248 static NOINLINE void clear_mallinfo(T *sret) {
249 ENSURE_MSAN_INITED();
250 internal_memset(sret, 0, sizeof(*sret));
251 __msan_unpoison(sret, sizeof(*sret));
252 }
253 #endif
254
255 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
256 // Interceptors use NRVO and assume that sret will be pre-allocated in
257 // caller frame.
258 INTERCEPTOR(__sanitizer_struct_mallinfo, mallinfo,) {
259 __sanitizer_struct_mallinfo sret;
260 clear_mallinfo(&sret);
261 return sret;
262 }
263 # define MSAN_MAYBE_INTERCEPT_MALLINFO INTERCEPT_FUNCTION(mallinfo)
264 #else
265 # define MSAN_MAYBE_INTERCEPT_MALLINFO
266 #endif
267
268 #if __GLIBC_PREREQ(2, 33)
INTERCEPTOR(__sanitizer_struct_mallinfo2,mallinfo2)269 INTERCEPTOR(__sanitizer_struct_mallinfo2, mallinfo2) {
270 __sanitizer_struct_mallinfo2 sret;
271 clear_mallinfo(&sret);
272 return sret;
273 }
274 # define MSAN_MAYBE_INTERCEPT_MALLINFO2 INTERCEPT_FUNCTION(mallinfo2)
275 #else
276 # define MSAN_MAYBE_INTERCEPT_MALLINFO2
277 #endif
278
279 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int,mallopt,int cmd,int value)280 INTERCEPTOR(int, mallopt, int cmd, int value) {
281 return 0;
282 }
283 #define MSAN_MAYBE_INTERCEPT_MALLOPT INTERCEPT_FUNCTION(mallopt)
284 #else
285 #define MSAN_MAYBE_INTERCEPT_MALLOPT
286 #endif
287
288 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(void,malloc_stats,void)289 INTERCEPTOR(void, malloc_stats, void) {
290 // FIXME: implement, but don't call REAL(malloc_stats)!
291 }
292 #define MSAN_MAYBE_INTERCEPT_MALLOC_STATS INTERCEPT_FUNCTION(malloc_stats)
293 #else
294 #define MSAN_MAYBE_INTERCEPT_MALLOC_STATS
295 #endif
296
INTERCEPTOR(char *,strcpy,char * dest,const char * src)297 INTERCEPTOR(char *, strcpy, char *dest, const char *src) {
298 ENSURE_MSAN_INITED();
299 GET_STORE_STACK_TRACE;
300 SIZE_T n = internal_strlen(src);
301 CHECK_UNPOISONED_STRING(src + n, 0);
302 char *res = REAL(strcpy)(dest, src);
303 CopyShadowAndOrigin(dest, src, n + 1, &stack);
304 return res;
305 }
306
INTERCEPTOR(char *,strncpy,char * dest,const char * src,SIZE_T n)307 INTERCEPTOR(char *, strncpy, char *dest, const char *src, SIZE_T n) {
308 ENSURE_MSAN_INITED();
309 GET_STORE_STACK_TRACE;
310 SIZE_T copy_size = internal_strnlen(src, n);
311 if (copy_size < n)
312 copy_size++; // trailing \0
313 char *res = REAL(strncpy)(dest, src, n);
314 CopyShadowAndOrigin(dest, src, copy_size, &stack);
315 __msan_unpoison(dest + copy_size, n - copy_size);
316 return res;
317 }
318
319 #if !SANITIZER_NETBSD
INTERCEPTOR(char *,stpcpy,char * dest,const char * src)320 INTERCEPTOR(char *, stpcpy, char *dest, const char *src) {
321 ENSURE_MSAN_INITED();
322 GET_STORE_STACK_TRACE;
323 SIZE_T n = internal_strlen(src);
324 CHECK_UNPOISONED_STRING(src + n, 0);
325 char *res = REAL(stpcpy)(dest, src);
326 CopyShadowAndOrigin(dest, src, n + 1, &stack);
327 return res;
328 }
329
INTERCEPTOR(char *,stpncpy,char * dest,const char * src,SIZE_T n)330 INTERCEPTOR(char *, stpncpy, char *dest, const char *src, SIZE_T n) {
331 ENSURE_MSAN_INITED();
332 GET_STORE_STACK_TRACE;
333 SIZE_T copy_size = Min(n, internal_strnlen(src, n) + 1);
334 char *res = REAL(stpncpy)(dest, src, n);
335 CopyShadowAndOrigin(dest, src, copy_size, &stack);
336 __msan_unpoison(dest + copy_size, n - copy_size);
337 return res;
338 }
339 # define MSAN_MAYBE_INTERCEPT_STPCPY INTERCEPT_FUNCTION(stpcpy)
340 # define MSAN_MAYBE_INTERCEPT_STPNCPY INTERCEPT_FUNCTION(stpncpy)
341 #else
342 #define MSAN_MAYBE_INTERCEPT_STPCPY
343 # define MSAN_MAYBE_INTERCEPT_STPNCPY
344 #endif
345
INTERCEPTOR(char *,strdup,char * src)346 INTERCEPTOR(char *, strdup, char *src) {
347 ENSURE_MSAN_INITED();
348 GET_STORE_STACK_TRACE;
349 // On FreeBSD strdup() leverages strlen().
350 InterceptorScope interceptor_scope;
351 SIZE_T n = internal_strlen(src);
352 CHECK_UNPOISONED_STRING(src + n, 0);
353 char *res = REAL(strdup)(src);
354 CopyShadowAndOrigin(res, src, n + 1, &stack);
355 return res;
356 }
357
358 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(char *,__strdup,char * src)359 INTERCEPTOR(char *, __strdup, char *src) {
360 ENSURE_MSAN_INITED();
361 GET_STORE_STACK_TRACE;
362 SIZE_T n = internal_strlen(src);
363 CHECK_UNPOISONED_STRING(src + n, 0);
364 char *res = REAL(__strdup)(src);
365 CopyShadowAndOrigin(res, src, n + 1, &stack);
366 return res;
367 }
368 #define MSAN_MAYBE_INTERCEPT___STRDUP INTERCEPT_FUNCTION(__strdup)
369 #else
370 #define MSAN_MAYBE_INTERCEPT___STRDUP
371 #endif
372
373 #if !SANITIZER_NETBSD
INTERCEPTOR(char *,gcvt,double number,SIZE_T ndigit,char * buf)374 INTERCEPTOR(char *, gcvt, double number, SIZE_T ndigit, char *buf) {
375 ENSURE_MSAN_INITED();
376 char *res = REAL(gcvt)(number, ndigit, buf);
377 SIZE_T n = internal_strlen(buf);
378 __msan_unpoison(buf, n + 1);
379 return res;
380 }
381 #define MSAN_MAYBE_INTERCEPT_GCVT INTERCEPT_FUNCTION(gcvt)
382 #else
383 #define MSAN_MAYBE_INTERCEPT_GCVT
384 #endif
385
INTERCEPTOR(char *,strcat,char * dest,const char * src)386 INTERCEPTOR(char *, strcat, char *dest, const char *src) {
387 ENSURE_MSAN_INITED();
388 GET_STORE_STACK_TRACE;
389 SIZE_T src_size = internal_strlen(src);
390 SIZE_T dest_size = internal_strlen(dest);
391 CHECK_UNPOISONED_STRING(src + src_size, 0);
392 CHECK_UNPOISONED_STRING(dest + dest_size, 0);
393 char *res = REAL(strcat)(dest, src);
394 CopyShadowAndOrigin(dest + dest_size, src, src_size + 1, &stack);
395 return res;
396 }
397
INTERCEPTOR(char *,strncat,char * dest,const char * src,SIZE_T n)398 INTERCEPTOR(char *, strncat, char *dest, const char *src, SIZE_T n) {
399 ENSURE_MSAN_INITED();
400 GET_STORE_STACK_TRACE;
401 SIZE_T dest_size = internal_strlen(dest);
402 SIZE_T copy_size = internal_strnlen(src, n);
403 CHECK_UNPOISONED_STRING(dest + dest_size, 0);
404 char *res = REAL(strncat)(dest, src, n);
405 CopyShadowAndOrigin(dest + dest_size, src, copy_size, &stack);
406 __msan_unpoison(dest + dest_size + copy_size, 1); // \0
407 return res;
408 }
409
410 // Hack: always pass nptr and endptr as part of __VA_ARGS_ to avoid having to
411 // deal with empty __VA_ARGS__ in the case of INTERCEPTOR_STRTO.
412 #define INTERCEPTOR_STRTO_BODY(ret_type, func, ...) \
413 ENSURE_MSAN_INITED(); \
414 ret_type res = REAL(func)(__VA_ARGS__); \
415 __msan_unpoison(endptr, sizeof(*endptr)); \
416 return res;
417
418 // On s390x, long double return values are passed via implicit reference,
419 // which needs to be unpoisoned. We make the implicit pointer explicit.
420 #define INTERCEPTOR_STRTO_SRET_BODY(func, sret, ...) \
421 ENSURE_MSAN_INITED(); \
422 REAL(func)(sret, __VA_ARGS__); \
423 __msan_unpoison(sret, sizeof(*sret)); \
424 __msan_unpoison(endptr, sizeof(*endptr));
425
426 #define INTERCEPTOR_STRTO(ret_type, func, char_type) \
427 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr) { \
428 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr); \
429 }
430
431 #define INTERCEPTOR_STRTO_SRET(ret_type, func, char_type) \
432 INTERCEPTOR(void, func, ret_type *sret, const char_type *nptr, \
433 char_type **endptr) { \
434 INTERCEPTOR_STRTO_SRET_BODY(func, sret, nptr, endptr); \
435 }
436
437 #define INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \
438 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \
439 int base) { \
440 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, base); \
441 }
442
443 #define INTERCEPTOR_STRTO_LOC(ret_type, func, char_type) \
444 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \
445 void *loc) { \
446 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, loc); \
447 }
448
449 #define INTERCEPTOR_STRTO_SRET_LOC(ret_type, func, char_type) \
450 INTERCEPTOR(void, func, ret_type *sret, const char_type *nptr, \
451 char_type **endptr, void *loc) { \
452 INTERCEPTOR_STRTO_SRET_BODY(func, sret, nptr, endptr, loc); \
453 }
454
455 #define INTERCEPTOR_STRTO_BASE_LOC(ret_type, func, char_type) \
456 INTERCEPTOR(ret_type, func, const char_type *nptr, char_type **endptr, \
457 int base, void *loc) { \
458 INTERCEPTOR_STRTO_BODY(ret_type, func, nptr, endptr, base, loc); \
459 }
460
461 #if SANITIZER_NETBSD
462 #define INTERCEPTORS_STRTO(ret_type, func, char_type) \
463 INTERCEPTOR_STRTO(ret_type, func, char_type) \
464 INTERCEPTOR_STRTO_LOC(ret_type, func##_l, char_type)
465
466 #define INTERCEPTORS_STRTO_SRET(ret_type, func, char_type) \
467 INTERCEPTOR_STRTO_SRET(ret_type, func, char_type) \
468 INTERCEPTOR_STRTO_SRET_LOC(ret_type, func##_l, char_type)
469
470 #define INTERCEPTORS_STRTO_BASE(ret_type, func, char_type) \
471 INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \
472 INTERCEPTOR_STRTO_BASE_LOC(ret_type, func##_l, char_type)
473
474 #else
475 #define INTERCEPTORS_STRTO(ret_type, func, char_type) \
476 INTERCEPTOR_STRTO(ret_type, func, char_type) \
477 INTERCEPTOR_STRTO_LOC(ret_type, func##_l, char_type) \
478 INTERCEPTOR_STRTO_LOC(ret_type, __##func##_l, char_type) \
479 INTERCEPTOR_STRTO_LOC(ret_type, __##func##_internal, char_type)
480
481 #define INTERCEPTORS_STRTO_SRET(ret_type, func, char_type) \
482 INTERCEPTOR_STRTO_SRET(ret_type, func, char_type) \
483 INTERCEPTOR_STRTO_SRET_LOC(ret_type, func##_l, char_type) \
484 INTERCEPTOR_STRTO_SRET_LOC(ret_type, __##func##_l, char_type) \
485 INTERCEPTOR_STRTO_SRET_LOC(ret_type, __##func##_internal, char_type)
486
487 #define INTERCEPTORS_STRTO_BASE(ret_type, func, char_type) \
488 INTERCEPTOR_STRTO_BASE(ret_type, func, char_type) \
489 INTERCEPTOR_STRTO_BASE_LOC(ret_type, func##_l, char_type) \
490 INTERCEPTOR_STRTO_BASE_LOC(ret_type, __##func##_l, char_type) \
491 INTERCEPTOR_STRTO_BASE_LOC(ret_type, __##func##_internal, char_type)
492 #endif
493
INTERCEPTORS_STRTO(double,strtod,char)494 INTERCEPTORS_STRTO(double, strtod, char)
495 INTERCEPTORS_STRTO(float, strtof, char)
496 #ifdef __s390x__
497 INTERCEPTORS_STRTO_SRET(long double, strtold, char)
498 #else
499 INTERCEPTORS_STRTO(long double, strtold, char)
500 #endif
501 INTERCEPTORS_STRTO_BASE(long, strtol, char)
502 INTERCEPTORS_STRTO_BASE(long long, strtoll, char)
503 INTERCEPTORS_STRTO_BASE(unsigned long, strtoul, char)
504 INTERCEPTORS_STRTO_BASE(unsigned long long, strtoull, char)
505 INTERCEPTORS_STRTO_BASE(u64, strtouq, char)
506
507 INTERCEPTORS_STRTO(double, wcstod, wchar_t)
508 INTERCEPTORS_STRTO(float, wcstof, wchar_t)
509 #ifdef __s390x__
510 INTERCEPTORS_STRTO_SRET(long double, wcstold, wchar_t)
511 #else
512 INTERCEPTORS_STRTO(long double, wcstold, wchar_t)
513 #endif
514 INTERCEPTORS_STRTO_BASE(long, wcstol, wchar_t)
515 INTERCEPTORS_STRTO_BASE(long long, wcstoll, wchar_t)
516 INTERCEPTORS_STRTO_BASE(unsigned long, wcstoul, wchar_t)
517 INTERCEPTORS_STRTO_BASE(unsigned long long, wcstoull, wchar_t)
518
519 #if SANITIZER_GLIBC
520 INTERCEPTORS_STRTO(double, __isoc23_strtod, char)
521 INTERCEPTORS_STRTO(float, __isoc23_strtof, char)
522 #ifdef __s390x__
523 INTERCEPTORS_STRTO_SRET(long double, __isoc23_strtold, char)
524 #else
525 INTERCEPTORS_STRTO(long double, __isoc23_strtold, char)
526 #endif
527 INTERCEPTORS_STRTO_BASE(long, __isoc23_strtol, char)
528 INTERCEPTORS_STRTO_BASE(long long, __isoc23_strtoll, char)
529 INTERCEPTORS_STRTO_BASE(unsigned long, __isoc23_strtoul, char)
530 INTERCEPTORS_STRTO_BASE(unsigned long long, __isoc23_strtoull, char)
531 INTERCEPTORS_STRTO_BASE(u64, __isoc23_strtouq, char)
532
533 INTERCEPTORS_STRTO(double, __isoc23_wcstod, wchar_t)
534 INTERCEPTORS_STRTO(float, __isoc23_wcstof, wchar_t)
535 #ifdef __s390x__
536 INTERCEPTORS_STRTO_SRET(long double, __isoc23_wcstold, wchar_t)
537 #else
538 INTERCEPTORS_STRTO(long double, __isoc23_wcstold, wchar_t)
539 #endif
540 INTERCEPTORS_STRTO_BASE(long, __isoc23_wcstol, wchar_t)
541 INTERCEPTORS_STRTO_BASE(long long, __isoc23_wcstoll, wchar_t)
542 INTERCEPTORS_STRTO_BASE(unsigned long, __isoc23_wcstoul, wchar_t)
543 INTERCEPTORS_STRTO_BASE(unsigned long long, __isoc23_wcstoull, wchar_t)
544 #endif
545
546 #if SANITIZER_NETBSD
547 #define INTERCEPT_STRTO(func) \
548 INTERCEPT_FUNCTION(func); \
549 INTERCEPT_FUNCTION(func##_l);
550 #else
551 #define INTERCEPT_STRTO(func) \
552 INTERCEPT_FUNCTION(func); \
553 INTERCEPT_FUNCTION(func##_l); \
554 INTERCEPT_FUNCTION(__##func##_l); \
555 INTERCEPT_FUNCTION(__##func##_internal);
556
557 #define INTERCEPT_STRTO_VER(func, ver) \
558 INTERCEPT_FUNCTION_VER(func, ver); \
559 INTERCEPT_FUNCTION_VER(func##_l, ver); \
560 INTERCEPT_FUNCTION_VER(__##func##_l, ver); \
561 INTERCEPT_FUNCTION_VER(__##func##_internal, ver);
562 #endif
563
564
565 // FIXME: support *wprintf in common format interceptors.
566 INTERCEPTOR(int, vswprintf, void *str, uptr size, void *format, va_list ap) {
567 ENSURE_MSAN_INITED();
568 int res = REAL(vswprintf)(str, size, format, ap);
569 if (res >= 0) {
570 __msan_unpoison(str, 4 * (res + 1));
571 }
572 return res;
573 }
574
INTERCEPTOR(int,swprintf,void * str,uptr size,void * format,...)575 INTERCEPTOR(int, swprintf, void *str, uptr size, void *format, ...) {
576 ENSURE_MSAN_INITED();
577 va_list ap;
578 va_start(ap, format);
579 int res = vswprintf(str, size, format, ap);
580 va_end(ap);
581 return res;
582 }
583
584 #define INTERCEPTOR_STRFTIME_BODY(char_type, ret_type, func, s, ...) \
585 ENSURE_MSAN_INITED(); \
586 InterceptorScope interceptor_scope; \
587 ret_type res = REAL(func)(s, __VA_ARGS__); \
588 if (s) __msan_unpoison(s, sizeof(char_type) * (res + 1)); \
589 return res;
590
INTERCEPTOR(SIZE_T,strftime,char * s,SIZE_T max,const char * format,__sanitizer_tm * tm)591 INTERCEPTOR(SIZE_T, strftime, char *s, SIZE_T max, const char *format,
592 __sanitizer_tm *tm) {
593 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, strftime, s, max, format, tm);
594 }
595
INTERCEPTOR(SIZE_T,strftime_l,char * s,SIZE_T max,const char * format,__sanitizer_tm * tm,void * loc)596 INTERCEPTOR(SIZE_T, strftime_l, char *s, SIZE_T max, const char *format,
597 __sanitizer_tm *tm, void *loc) {
598 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, strftime_l, s, max, format, tm, loc);
599 }
600
601 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(SIZE_T,__strftime_l,char * s,SIZE_T max,const char * format,__sanitizer_tm * tm,void * loc)602 INTERCEPTOR(SIZE_T, __strftime_l, char *s, SIZE_T max, const char *format,
603 __sanitizer_tm *tm, void *loc) {
604 INTERCEPTOR_STRFTIME_BODY(char, SIZE_T, __strftime_l, s, max, format, tm,
605 loc);
606 }
607 #define MSAN_MAYBE_INTERCEPT___STRFTIME_L INTERCEPT_FUNCTION(__strftime_l)
608 #else
609 #define MSAN_MAYBE_INTERCEPT___STRFTIME_L
610 #endif
611
INTERCEPTOR(SIZE_T,wcsftime,wchar_t * s,SIZE_T max,const wchar_t * format,__sanitizer_tm * tm)612 INTERCEPTOR(SIZE_T, wcsftime, wchar_t *s, SIZE_T max, const wchar_t *format,
613 __sanitizer_tm *tm) {
614 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, wcsftime, s, max, format, tm);
615 }
616
INTERCEPTOR(SIZE_T,wcsftime_l,wchar_t * s,SIZE_T max,const wchar_t * format,__sanitizer_tm * tm,void * loc)617 INTERCEPTOR(SIZE_T, wcsftime_l, wchar_t *s, SIZE_T max, const wchar_t *format,
618 __sanitizer_tm *tm, void *loc) {
619 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, wcsftime_l, s, max, format, tm,
620 loc);
621 }
622
623 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(SIZE_T,__wcsftime_l,wchar_t * s,SIZE_T max,const wchar_t * format,__sanitizer_tm * tm,void * loc)624 INTERCEPTOR(SIZE_T, __wcsftime_l, wchar_t *s, SIZE_T max, const wchar_t *format,
625 __sanitizer_tm *tm, void *loc) {
626 INTERCEPTOR_STRFTIME_BODY(wchar_t, SIZE_T, __wcsftime_l, s, max, format, tm,
627 loc);
628 }
629 #define MSAN_MAYBE_INTERCEPT___WCSFTIME_L INTERCEPT_FUNCTION(__wcsftime_l)
630 #else
631 #define MSAN_MAYBE_INTERCEPT___WCSFTIME_L
632 #endif
633
INTERCEPTOR(int,mbtowc,wchar_t * dest,const char * src,SIZE_T n)634 INTERCEPTOR(int, mbtowc, wchar_t *dest, const char *src, SIZE_T n) {
635 ENSURE_MSAN_INITED();
636 int res = REAL(mbtowc)(dest, src, n);
637 if (res != -1 && dest) __msan_unpoison(dest, sizeof(wchar_t));
638 return res;
639 }
640
INTERCEPTOR(SIZE_T,mbrtowc,wchar_t * dest,const char * src,SIZE_T n,void * ps)641 INTERCEPTOR(SIZE_T, mbrtowc, wchar_t *dest, const char *src, SIZE_T n,
642 void *ps) {
643 ENSURE_MSAN_INITED();
644 SIZE_T res = REAL(mbrtowc)(dest, src, n, ps);
645 if (res != (SIZE_T)-1 && dest) __msan_unpoison(dest, sizeof(wchar_t));
646 return res;
647 }
648
649 // wchar_t *wmemcpy(wchar_t *dest, const wchar_t *src, SIZE_T n);
INTERCEPTOR(wchar_t *,wmemcpy,wchar_t * dest,const wchar_t * src,SIZE_T n)650 INTERCEPTOR(wchar_t *, wmemcpy, wchar_t *dest, const wchar_t *src, SIZE_T n) {
651 ENSURE_MSAN_INITED();
652 GET_STORE_STACK_TRACE;
653 wchar_t *res = REAL(wmemcpy)(dest, src, n);
654 CopyShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack);
655 return res;
656 }
657
658 #if !SANITIZER_NETBSD
INTERCEPTOR(wchar_t *,wmempcpy,wchar_t * dest,const wchar_t * src,SIZE_T n)659 INTERCEPTOR(wchar_t *, wmempcpy, wchar_t *dest, const wchar_t *src, SIZE_T n) {
660 ENSURE_MSAN_INITED();
661 GET_STORE_STACK_TRACE;
662 wchar_t *res = REAL(wmempcpy)(dest, src, n);
663 CopyShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack);
664 return res;
665 }
666 #define MSAN_MAYBE_INTERCEPT_WMEMPCPY INTERCEPT_FUNCTION(wmempcpy)
667 #else
668 #define MSAN_MAYBE_INTERCEPT_WMEMPCPY
669 #endif
670
INTERCEPTOR(wchar_t *,wmemset,wchar_t * s,wchar_t c,SIZE_T n)671 INTERCEPTOR(wchar_t *, wmemset, wchar_t *s, wchar_t c, SIZE_T n) {
672 CHECK(MEM_IS_APP(s));
673 ENSURE_MSAN_INITED();
674 wchar_t *res = REAL(wmemset)(s, c, n);
675 __msan_unpoison(s, n * sizeof(wchar_t));
676 return res;
677 }
678
INTERCEPTOR(wchar_t *,wmemmove,wchar_t * dest,const wchar_t * src,SIZE_T n)679 INTERCEPTOR(wchar_t *, wmemmove, wchar_t *dest, const wchar_t *src, SIZE_T n) {
680 ENSURE_MSAN_INITED();
681 GET_STORE_STACK_TRACE;
682 wchar_t *res = REAL(wmemmove)(dest, src, n);
683 MoveShadowAndOrigin(dest, src, n * sizeof(wchar_t), &stack);
684 return res;
685 }
686
INTERCEPTOR(int,wcscmp,const wchar_t * s1,const wchar_t * s2)687 INTERCEPTOR(int, wcscmp, const wchar_t *s1, const wchar_t *s2) {
688 ENSURE_MSAN_INITED();
689 int res = REAL(wcscmp)(s1, s2);
690 return res;
691 }
692
INTERCEPTOR(int,gettimeofday,void * tv,void * tz)693 INTERCEPTOR(int, gettimeofday, void *tv, void *tz) {
694 ENSURE_MSAN_INITED();
695 int res = REAL(gettimeofday)(tv, tz);
696 if (tv)
697 __msan_unpoison(tv, 16);
698 if (tz)
699 __msan_unpoison(tz, 8);
700 return res;
701 }
702
703 #if !SANITIZER_NETBSD
INTERCEPTOR(char *,fcvt,double x,int a,int * b,int * c)704 INTERCEPTOR(char *, fcvt, double x, int a, int *b, int *c) {
705 ENSURE_MSAN_INITED();
706 char *res = REAL(fcvt)(x, a, b, c);
707 __msan_unpoison(b, sizeof(*b));
708 __msan_unpoison(c, sizeof(*c));
709 if (res)
710 __msan_unpoison(res, internal_strlen(res) + 1);
711 return res;
712 }
713 #define MSAN_MAYBE_INTERCEPT_FCVT INTERCEPT_FUNCTION(fcvt)
714 #else
715 #define MSAN_MAYBE_INTERCEPT_FCVT
716 #endif
717
INTERCEPTOR(char *,getenv,char * name)718 INTERCEPTOR(char *, getenv, char *name) {
719 if (msan_init_is_running)
720 return REAL(getenv)(name);
721 ENSURE_MSAN_INITED();
722 char *res = REAL(getenv)(name);
723 if (res)
724 __msan_unpoison(res, internal_strlen(res) + 1);
725 return res;
726 }
727
728 extern char **environ;
729
UnpoisonEnviron()730 static void UnpoisonEnviron() {
731 char **envp = environ;
732 for (; *envp; ++envp) {
733 __msan_unpoison(envp, sizeof(*envp));
734 __msan_unpoison(*envp, internal_strlen(*envp) + 1);
735 }
736 // Trailing NULL pointer.
737 __msan_unpoison(envp, sizeof(*envp));
738 }
739
INTERCEPTOR(int,setenv,const char * name,const char * value,int overwrite)740 INTERCEPTOR(int, setenv, const char *name, const char *value, int overwrite) {
741 ENSURE_MSAN_INITED();
742 CHECK_UNPOISONED_STRING(name, 0);
743 int res = REAL(setenv)(name, value, overwrite);
744 if (!res) UnpoisonEnviron();
745 return res;
746 }
747
INTERCEPTOR(int,putenv,char * string)748 INTERCEPTOR(int, putenv, char *string) {
749 ENSURE_MSAN_INITED();
750 int res = REAL(putenv)(string);
751 if (!res) UnpoisonEnviron();
752 return res;
753 }
754
755 #define SANITIZER_STAT_LINUX (SANITIZER_LINUX && __GLIBC_PREREQ(2, 33))
756 #if SANITIZER_FREEBSD || SANITIZER_NETBSD || SANITIZER_STAT_LINUX
INTERCEPTOR(int,fstat,int fd,void * buf)757 INTERCEPTOR(int, fstat, int fd, void *buf) {
758 ENSURE_MSAN_INITED();
759 int res = REAL(fstat)(fd, buf);
760 if (!res)
761 __msan_unpoison(buf, __sanitizer::struct_stat_sz);
762 return res;
763 }
764 # define MSAN_MAYBE_INTERCEPT_FSTAT MSAN_INTERCEPT_FUNC(fstat)
765 #else
766 #define MSAN_MAYBE_INTERCEPT_FSTAT
767 #endif
768
769 #if SANITIZER_STAT_LINUX
INTERCEPTOR(int,fstat64,int fd,void * buf)770 INTERCEPTOR(int, fstat64, int fd, void *buf) {
771 ENSURE_MSAN_INITED();
772 int res = REAL(fstat64)(fd, buf);
773 if (!res)
774 __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
775 return res;
776 }
777 # define MSAN_MAYBE_INTERCEPT_FSTAT64 MSAN_INTERCEPT_FUNC(fstat64)
778 #else
779 # define MSAN_MAYBE_INTERCEPT_FSTAT64
780 #endif
781
782 #if SANITIZER_GLIBC
INTERCEPTOR(int,__fxstat,int magic,int fd,void * buf)783 INTERCEPTOR(int, __fxstat, int magic, int fd, void *buf) {
784 ENSURE_MSAN_INITED();
785 int res = REAL(__fxstat)(magic, fd, buf);
786 if (!res)
787 __msan_unpoison(buf, __sanitizer::struct_stat_sz);
788 return res;
789 }
790 # define MSAN_MAYBE_INTERCEPT___FXSTAT MSAN_INTERCEPT_FUNC(__fxstat)
791 #else
792 #define MSAN_MAYBE_INTERCEPT___FXSTAT
793 #endif
794
795 #if SANITIZER_GLIBC
INTERCEPTOR(int,__fxstat64,int magic,int fd,void * buf)796 INTERCEPTOR(int, __fxstat64, int magic, int fd, void *buf) {
797 ENSURE_MSAN_INITED();
798 int res = REAL(__fxstat64)(magic, fd, buf);
799 if (!res)
800 __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
801 return res;
802 }
803 # define MSAN_MAYBE_INTERCEPT___FXSTAT64 MSAN_INTERCEPT_FUNC(__fxstat64)
804 #else
805 # define MSAN_MAYBE_INTERCEPT___FXSTAT64
806 #endif
807
808 #if SANITIZER_FREEBSD || SANITIZER_NETBSD || SANITIZER_STAT_LINUX
INTERCEPTOR(int,fstatat,int fd,char * pathname,void * buf,int flags)809 INTERCEPTOR(int, fstatat, int fd, char *pathname, void *buf, int flags) {
810 ENSURE_MSAN_INITED();
811 int res = REAL(fstatat)(fd, pathname, buf, flags);
812 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz);
813 return res;
814 }
815 # define MSAN_MAYBE_INTERCEPT_FSTATAT MSAN_INTERCEPT_FUNC(fstatat)
816 #else
817 # define MSAN_MAYBE_INTERCEPT_FSTATAT
818 #endif
819
820 #if SANITIZER_STAT_LINUX
INTERCEPTOR(int,fstatat64,int fd,char * pathname,void * buf,int flags)821 INTERCEPTOR(int, fstatat64, int fd, char *pathname, void *buf, int flags) {
822 ENSURE_MSAN_INITED();
823 int res = REAL(fstatat64)(fd, pathname, buf, flags);
824 if (!res)
825 __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
826 return res;
827 }
828 # define MSAN_MAYBE_INTERCEPT_FSTATAT64 MSAN_INTERCEPT_FUNC(fstatat64)
829 #else
830 # define MSAN_MAYBE_INTERCEPT_FSTATAT64
831 #endif
832
833 #if SANITIZER_GLIBC
INTERCEPTOR(int,__fxstatat,int magic,int fd,char * pathname,void * buf,int flags)834 INTERCEPTOR(int, __fxstatat, int magic, int fd, char *pathname, void *buf,
835 int flags) {
836 ENSURE_MSAN_INITED();
837 int res = REAL(__fxstatat)(magic, fd, pathname, buf, flags);
838 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat_sz);
839 return res;
840 }
841 # define MSAN_MAYBE_INTERCEPT___FXSTATAT MSAN_INTERCEPT_FUNC(__fxstatat)
842 #else
843 # define MSAN_MAYBE_INTERCEPT___FXSTATAT
844 #endif
845
846 #if SANITIZER_GLIBC
INTERCEPTOR(int,__fxstatat64,int magic,int fd,char * pathname,void * buf,int flags)847 INTERCEPTOR(int, __fxstatat64, int magic, int fd, char *pathname, void *buf,
848 int flags) {
849 ENSURE_MSAN_INITED();
850 int res = REAL(__fxstatat64)(magic, fd, pathname, buf, flags);
851 if (!res) __msan_unpoison(buf, __sanitizer::struct_stat64_sz);
852 return res;
853 }
854 # define MSAN_MAYBE_INTERCEPT___FXSTATAT64 MSAN_INTERCEPT_FUNC(__fxstatat64)
855 #else
856 # define MSAN_MAYBE_INTERCEPT___FXSTATAT64
857 #endif
858
INTERCEPTOR(int,pipe,int pipefd[2])859 INTERCEPTOR(int, pipe, int pipefd[2]) {
860 if (msan_init_is_running)
861 return REAL(pipe)(pipefd);
862 ENSURE_MSAN_INITED();
863 int res = REAL(pipe)(pipefd);
864 if (!res)
865 __msan_unpoison(pipefd, sizeof(int[2]));
866 return res;
867 }
868
INTERCEPTOR(int,pipe2,int pipefd[2],int flags)869 INTERCEPTOR(int, pipe2, int pipefd[2], int flags) {
870 ENSURE_MSAN_INITED();
871 int res = REAL(pipe2)(pipefd, flags);
872 if (!res)
873 __msan_unpoison(pipefd, sizeof(int[2]));
874 return res;
875 }
876
INTERCEPTOR(int,socketpair,int domain,int type,int protocol,int sv[2])877 INTERCEPTOR(int, socketpair, int domain, int type, int protocol, int sv[2]) {
878 ENSURE_MSAN_INITED();
879 int res = REAL(socketpair)(domain, type, protocol, sv);
880 if (!res)
881 __msan_unpoison(sv, sizeof(int[2]));
882 return res;
883 }
884
885 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(char *,fgets_unlocked,char * s,int size,void * stream)886 INTERCEPTOR(char *, fgets_unlocked, char *s, int size, void *stream) {
887 ENSURE_MSAN_INITED();
888 char *res = REAL(fgets_unlocked)(s, size, stream);
889 if (res)
890 __msan_unpoison(s, internal_strlen(s) + 1);
891 return res;
892 }
893 #define MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED INTERCEPT_FUNCTION(fgets_unlocked)
894 #else
895 #define MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED
896 #endif
897
898 #define INTERCEPTOR_GETRLIMIT_BODY(func, resource, rlim) \
899 if (msan_init_is_running) \
900 return REAL(getrlimit)(resource, rlim); \
901 ENSURE_MSAN_INITED(); \
902 int res = REAL(func)(resource, rlim); \
903 if (!res) \
904 __msan_unpoison(rlim, __sanitizer::struct_rlimit_sz); \
905 return res
906
INTERCEPTOR(int,getrlimit,int resource,void * rlim)907 INTERCEPTOR(int, getrlimit, int resource, void *rlim) {
908 INTERCEPTOR_GETRLIMIT_BODY(getrlimit, resource, rlim);
909 }
910
911 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int,__getrlimit,int resource,void * rlim)912 INTERCEPTOR(int, __getrlimit, int resource, void *rlim) {
913 INTERCEPTOR_GETRLIMIT_BODY(__getrlimit, resource, rlim);
914 }
915
INTERCEPTOR(int,getrlimit64,int resource,void * rlim)916 INTERCEPTOR(int, getrlimit64, int resource, void *rlim) {
917 if (msan_init_is_running) return REAL(getrlimit64)(resource, rlim);
918 ENSURE_MSAN_INITED();
919 int res = REAL(getrlimit64)(resource, rlim);
920 if (!res) __msan_unpoison(rlim, __sanitizer::struct_rlimit64_sz);
921 return res;
922 }
923
INTERCEPTOR(int,prlimit,int pid,int resource,void * new_rlimit,void * old_rlimit)924 INTERCEPTOR(int, prlimit, int pid, int resource, void *new_rlimit,
925 void *old_rlimit) {
926 if (msan_init_is_running)
927 return REAL(prlimit)(pid, resource, new_rlimit, old_rlimit);
928 ENSURE_MSAN_INITED();
929 CHECK_UNPOISONED(new_rlimit, __sanitizer::struct_rlimit_sz);
930 int res = REAL(prlimit)(pid, resource, new_rlimit, old_rlimit);
931 if (!res) __msan_unpoison(old_rlimit, __sanitizer::struct_rlimit_sz);
932 return res;
933 }
934
INTERCEPTOR(int,prlimit64,int pid,int resource,void * new_rlimit,void * old_rlimit)935 INTERCEPTOR(int, prlimit64, int pid, int resource, void *new_rlimit,
936 void *old_rlimit) {
937 if (msan_init_is_running)
938 return REAL(prlimit64)(pid, resource, new_rlimit, old_rlimit);
939 ENSURE_MSAN_INITED();
940 CHECK_UNPOISONED(new_rlimit, __sanitizer::struct_rlimit64_sz);
941 int res = REAL(prlimit64)(pid, resource, new_rlimit, old_rlimit);
942 if (!res) __msan_unpoison(old_rlimit, __sanitizer::struct_rlimit64_sz);
943 return res;
944 }
945
946 #define MSAN_MAYBE_INTERCEPT___GETRLIMIT INTERCEPT_FUNCTION(__getrlimit)
947 #define MSAN_MAYBE_INTERCEPT_GETRLIMIT64 INTERCEPT_FUNCTION(getrlimit64)
948 #define MSAN_MAYBE_INTERCEPT_PRLIMIT INTERCEPT_FUNCTION(prlimit)
949 #define MSAN_MAYBE_INTERCEPT_PRLIMIT64 INTERCEPT_FUNCTION(prlimit64)
950 #else
951 #define MSAN_MAYBE_INTERCEPT___GETRLIMIT
952 #define MSAN_MAYBE_INTERCEPT_GETRLIMIT64
953 #define MSAN_MAYBE_INTERCEPT_PRLIMIT
954 #define MSAN_MAYBE_INTERCEPT_PRLIMIT64
955 #endif
956
INTERCEPTOR(int,gethostname,char * name,SIZE_T len)957 INTERCEPTOR(int, gethostname, char *name, SIZE_T len) {
958 ENSURE_MSAN_INITED();
959 int res = REAL(gethostname)(name, len);
960 if (!res || (res == -1 && errno == errno_ENAMETOOLONG)) {
961 SIZE_T real_len = internal_strnlen(name, len);
962 if (real_len < len)
963 ++real_len;
964 __msan_unpoison(name, real_len);
965 }
966 return res;
967 }
968
969 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int,epoll_wait,int epfd,void * events,int maxevents,int timeout)970 INTERCEPTOR(int, epoll_wait, int epfd, void *events, int maxevents,
971 int timeout) {
972 ENSURE_MSAN_INITED();
973 int res = REAL(epoll_wait)(epfd, events, maxevents, timeout);
974 if (res > 0) {
975 __msan_unpoison(events, __sanitizer::struct_epoll_event_sz * res);
976 }
977 return res;
978 }
979 #define MSAN_MAYBE_INTERCEPT_EPOLL_WAIT INTERCEPT_FUNCTION(epoll_wait)
980 #else
981 #define MSAN_MAYBE_INTERCEPT_EPOLL_WAIT
982 #endif
983
984 #if !SANITIZER_FREEBSD && !SANITIZER_NETBSD
INTERCEPTOR(int,epoll_pwait,int epfd,void * events,int maxevents,int timeout,void * sigmask)985 INTERCEPTOR(int, epoll_pwait, int epfd, void *events, int maxevents,
986 int timeout, void *sigmask) {
987 ENSURE_MSAN_INITED();
988 int res = REAL(epoll_pwait)(epfd, events, maxevents, timeout, sigmask);
989 if (res > 0) {
990 __msan_unpoison(events, __sanitizer::struct_epoll_event_sz * res);
991 }
992 return res;
993 }
994 #define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT INTERCEPT_FUNCTION(epoll_pwait)
995 #else
996 #define MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT
997 #endif
998
INTERCEPTOR(void *,calloc,SIZE_T nmemb,SIZE_T size)999 INTERCEPTOR(void *, calloc, SIZE_T nmemb, SIZE_T size) {
1000 GET_MALLOC_STACK_TRACE;
1001 if (DlsymAlloc::Use())
1002 return DlsymAlloc::Callocate(nmemb, size);
1003 return msan_calloc(nmemb, size, &stack);
1004 }
1005
INTERCEPTOR(void *,realloc,void * ptr,SIZE_T size)1006 INTERCEPTOR(void *, realloc, void *ptr, SIZE_T size) {
1007 if (DlsymAlloc::Use() || DlsymAlloc::PointerIsMine(ptr))
1008 return DlsymAlloc::Realloc(ptr, size);
1009 GET_MALLOC_STACK_TRACE;
1010 return msan_realloc(ptr, size, &stack);
1011 }
1012
INTERCEPTOR(void *,reallocarray,void * ptr,SIZE_T nmemb,SIZE_T size)1013 INTERCEPTOR(void *, reallocarray, void *ptr, SIZE_T nmemb, SIZE_T size) {
1014 GET_MALLOC_STACK_TRACE;
1015 return msan_reallocarray(ptr, nmemb, size, &stack);
1016 }
1017
INTERCEPTOR(void *,malloc,SIZE_T size)1018 INTERCEPTOR(void *, malloc, SIZE_T size) {
1019 if (DlsymAlloc::Use())
1020 return DlsymAlloc::Allocate(size);
1021 GET_MALLOC_STACK_TRACE;
1022 return msan_malloc(size, &stack);
1023 }
1024
__msan_allocated_memory(const void * data,uptr size)1025 void __msan_allocated_memory(const void *data, uptr size) {
1026 if (flags()->poison_in_malloc) {
1027 GET_MALLOC_STACK_TRACE;
1028 stack.tag = STACK_TRACE_TAG_POISON;
1029 PoisonMemory(data, size, &stack);
1030 }
1031 }
1032
__msan_copy_shadow(void * dest,const void * src,uptr n)1033 void __msan_copy_shadow(void *dest, const void *src, uptr n) {
1034 GET_STORE_STACK_TRACE;
1035 MoveShadowAndOrigin(dest, src, n, &stack);
1036 }
1037
__sanitizer_dtor_callback(const void * data,uptr size)1038 void __sanitizer_dtor_callback(const void *data, uptr size) {
1039 if (flags()->poison_in_dtor) {
1040 GET_MALLOC_STACK_TRACE;
1041 stack.tag = STACK_TRACE_TAG_POISON;
1042 PoisonMemory(data, size, &stack);
1043 }
1044 }
1045
__sanitizer_dtor_callback_fields(const void * data,uptr size)1046 void __sanitizer_dtor_callback_fields(const void *data, uptr size) {
1047 if (flags()->poison_in_dtor) {
1048 GET_MALLOC_STACK_TRACE;
1049 stack.tag = STACK_TRACE_TAG_FIELDS;
1050 PoisonMemory(data, size, &stack);
1051 }
1052 }
1053
__sanitizer_dtor_callback_vptr(const void * data)1054 void __sanitizer_dtor_callback_vptr(const void *data) {
1055 if (flags()->poison_in_dtor) {
1056 GET_MALLOC_STACK_TRACE;
1057 stack.tag = STACK_TRACE_TAG_VPTR;
1058 PoisonMemory(data, sizeof(void *), &stack);
1059 }
1060 }
1061
1062 template <class Mmap>
mmap_interceptor(Mmap real_mmap,void * addr,SIZE_T length,int prot,int flags,int fd,OFF64_T offset)1063 static void *mmap_interceptor(Mmap real_mmap, void *addr, SIZE_T length,
1064 int prot, int flags, int fd, OFF64_T offset) {
1065 SIZE_T rounded_length = RoundUpTo(length, GetPageSize());
1066 void *end_addr = (char *)addr + (rounded_length - 1);
1067 if (addr && (!MEM_IS_APP(addr) || !MEM_IS_APP(end_addr))) {
1068 if (flags & map_fixed) {
1069 errno = errno_EINVAL;
1070 return (void *)-1;
1071 } else {
1072 addr = nullptr;
1073 }
1074 }
1075 void *res = real_mmap(addr, length, prot, flags, fd, offset);
1076 if (res != (void *)-1) {
1077 void *end_res = (char *)res + (rounded_length - 1);
1078 if (MEM_IS_APP(res) && MEM_IS_APP(end_res)) {
1079 __msan_unpoison(res, rounded_length);
1080 } else {
1081 // Application has attempted to map more memory than is supported by
1082 // MSAN. Act as if we ran out of memory.
1083 internal_munmap(res, length);
1084 errno = errno_ENOMEM;
1085 return (void *)-1;
1086 }
1087 }
1088 return res;
1089 }
1090
INTERCEPTOR(int,getrusage,int who,void * usage)1091 INTERCEPTOR(int, getrusage, int who, void *usage) {
1092 ENSURE_MSAN_INITED();
1093 int res = REAL(getrusage)(who, usage);
1094 if (res == 0) {
1095 __msan_unpoison(usage, __sanitizer::struct_rusage_sz);
1096 }
1097 return res;
1098 }
1099
1100 class SignalHandlerScope {
1101 public:
SignalHandlerScope()1102 SignalHandlerScope() {
1103 if (MsanThread *t = GetCurrentThread())
1104 t->EnterSignalHandler();
1105 }
~SignalHandlerScope()1106 ~SignalHandlerScope() {
1107 if (MsanThread *t = GetCurrentThread())
1108 t->LeaveSignalHandler();
1109 }
1110 };
1111
1112 // sigactions_mu guarantees atomicity of sigaction() and signal() calls.
1113 // Access to sigactions[] is gone with relaxed atomics to avoid data race with
1114 // the signal handler.
1115 const int kMaxSignals = 1024;
1116 static atomic_uintptr_t sigactions[kMaxSignals];
1117 static StaticSpinMutex sigactions_mu;
1118
SignalHandler(int signo)1119 static void SignalHandler(int signo) {
1120 SignalHandlerScope signal_handler_scope;
1121 ScopedThreadLocalStateBackup stlsb;
1122 UnpoisonParam(1);
1123
1124 typedef void (*signal_cb)(int x);
1125 signal_cb cb =
1126 (signal_cb)atomic_load(&sigactions[signo], memory_order_relaxed);
1127 cb(signo);
1128 }
1129
SignalAction(int signo,void * si,void * uc)1130 static void SignalAction(int signo, void *si, void *uc) {
1131 SignalHandlerScope signal_handler_scope;
1132 ScopedThreadLocalStateBackup stlsb;
1133 UnpoisonParam(3);
1134 __msan_unpoison(si, sizeof(__sanitizer_sigaction));
1135 __msan_unpoison(uc, ucontext_t_sz(uc));
1136
1137 typedef void (*sigaction_cb)(int, void *, void *);
1138 sigaction_cb cb =
1139 (sigaction_cb)atomic_load(&sigactions[signo], memory_order_relaxed);
1140 cb(signo, si, uc);
1141 CHECK_UNPOISONED(uc, ucontext_t_sz(uc));
1142 }
1143
read_sigaction(const __sanitizer_sigaction * act)1144 static void read_sigaction(const __sanitizer_sigaction *act) {
1145 CHECK_UNPOISONED(&act->sa_flags, sizeof(act->sa_flags));
1146 if (act->sa_flags & __sanitizer::sa_siginfo)
1147 CHECK_UNPOISONED(&act->sigaction, sizeof(act->sigaction));
1148 else
1149 CHECK_UNPOISONED(&act->handler, sizeof(act->handler));
1150 CHECK_UNPOISONED(&act->sa_mask, sizeof(act->sa_mask));
1151 }
1152
1153 extern "C" int pthread_attr_init(void *attr);
1154 extern "C" int pthread_attr_destroy(void *attr);
1155
MsanThreadStartFunc(void * arg)1156 static void *MsanThreadStartFunc(void *arg) {
1157 MsanThread *t = (MsanThread *)arg;
1158 SetCurrentThread(t);
1159 t->Init();
1160 SetSigProcMask(&t->starting_sigset_, nullptr);
1161 return t->ThreadStart();
1162 }
1163
INTERCEPTOR(int,pthread_create,void * th,void * attr,void * (* callback)(void *),void * param)1164 INTERCEPTOR(int, pthread_create, void *th, void *attr, void *(*callback)(void*),
1165 void * param) {
1166 ENSURE_MSAN_INITED(); // for GetTlsSize()
1167 __sanitizer_pthread_attr_t myattr;
1168 if (!attr) {
1169 pthread_attr_init(&myattr);
1170 attr = &myattr;
1171 }
1172
1173 AdjustStackSize(attr);
1174
1175 MsanThread *t = MsanThread::Create(callback, param);
1176 ScopedBlockSignals block(&t->starting_sigset_);
1177 int res = REAL(pthread_create)(th, attr, MsanThreadStartFunc, t);
1178
1179 if (attr == &myattr)
1180 pthread_attr_destroy(&myattr);
1181 if (!res) {
1182 __msan_unpoison(th, __sanitizer::pthread_t_sz);
1183 }
1184 return res;
1185 }
1186
INTERCEPTOR(int,pthread_key_create,__sanitizer_pthread_key_t * key,void (* dtor)(void * value))1187 INTERCEPTOR(int, pthread_key_create, __sanitizer_pthread_key_t *key,
1188 void (*dtor)(void *value)) {
1189 if (msan_init_is_running) return REAL(pthread_key_create)(key, dtor);
1190 ENSURE_MSAN_INITED();
1191 int res = REAL(pthread_key_create)(key, dtor);
1192 if (!res && key)
1193 __msan_unpoison(key, sizeof(*key));
1194 return res;
1195 }
1196
1197 #if SANITIZER_NETBSD
1198 INTERCEPTOR(int, __libc_thr_keycreate, __sanitizer_pthread_key_t *m,
1199 void (*dtor)(void *value))
1200 ALIAS(WRAP(pthread_key_create));
1201 #endif
1202
INTERCEPTOR(int,pthread_join,void * thread,void ** retval)1203 INTERCEPTOR(int, pthread_join, void *thread, void **retval) {
1204 ENSURE_MSAN_INITED();
1205 int res = REAL(pthread_join)(thread, retval);
1206 if (!res && retval)
1207 __msan_unpoison(retval, sizeof(*retval));
1208 return res;
1209 }
1210
1211 #if SANITIZER_GLIBC
INTERCEPTOR(int,pthread_tryjoin_np,void * thread,void ** retval)1212 INTERCEPTOR(int, pthread_tryjoin_np, void *thread, void **retval) {
1213 ENSURE_MSAN_INITED();
1214 int res = REAL(pthread_tryjoin_np)(thread, retval);
1215 if (!res && retval)
1216 __msan_unpoison(retval, sizeof(*retval));
1217 return res;
1218 }
1219
INTERCEPTOR(int,pthread_timedjoin_np,void * thread,void ** retval,const struct timespec * abstime)1220 INTERCEPTOR(int, pthread_timedjoin_np, void *thread, void **retval,
1221 const struct timespec *abstime) {
1222 int res = REAL(pthread_timedjoin_np)(thread, retval, abstime);
1223 if (!res && retval)
1224 __msan_unpoison(retval, sizeof(*retval));
1225 return res;
1226 }
1227 #endif
1228
1229 DEFINE_INTERNAL_PTHREAD_FUNCTIONS
1230
1231 extern char *tzname[2];
1232
INTERCEPTOR(void,tzset,int fake)1233 INTERCEPTOR(void, tzset, int fake) {
1234 ENSURE_MSAN_INITED();
1235 InterceptorScope interceptor_scope;
1236 REAL(tzset)(fake);
1237 if (tzname[0])
1238 __msan_unpoison(tzname[0], internal_strlen(tzname[0]) + 1);
1239 if (tzname[1])
1240 __msan_unpoison(tzname[1], internal_strlen(tzname[1]) + 1);
1241 return;
1242 }
1243
1244 struct MSanAtExitRecord {
1245 void (*func)(void *arg);
1246 void *arg;
1247 };
1248
1249 struct InterceptorContext {
1250 Mutex atexit_mu;
1251 Vector<struct MSanAtExitRecord *> AtExitStack;
1252
InterceptorContextInterceptorContext1253 InterceptorContext()
1254 : AtExitStack() {
1255 }
1256 };
1257
1258 alignas(64) static char interceptor_placeholder[sizeof(InterceptorContext)];
interceptor_ctx()1259 InterceptorContext *interceptor_ctx() {
1260 return reinterpret_cast<InterceptorContext*>(&interceptor_placeholder[0]);
1261 }
1262
MSanAtExitWrapper()1263 void MSanAtExitWrapper() {
1264 MSanAtExitRecord *r;
1265 {
1266 Lock l(&interceptor_ctx()->atexit_mu);
1267
1268 uptr element = interceptor_ctx()->AtExitStack.Size() - 1;
1269 r = interceptor_ctx()->AtExitStack[element];
1270 interceptor_ctx()->AtExitStack.PopBack();
1271 }
1272
1273 UnpoisonParam(1);
1274 ((void(*)())r->func)();
1275 InternalFree(r);
1276 }
1277
MSanCxaAtExitWrapper(void * arg)1278 void MSanCxaAtExitWrapper(void *arg) {
1279 UnpoisonParam(1);
1280 MSanAtExitRecord *r = (MSanAtExitRecord *)arg;
1281 // libc before 2.27 had race which caused occasional double handler execution
1282 // https://sourceware.org/ml/libc-alpha/2017-08/msg01204.html
1283 if (!r->func)
1284 return;
1285 r->func(r->arg);
1286 r->func = nullptr;
1287 }
1288
1289 static int setup_at_exit_wrapper(void(*f)(), void *arg, void *dso);
1290
1291 // Unpoison argument shadow for C++ module destructors.
INTERCEPTOR(int,__cxa_atexit,void (* func)(void *),void * arg,void * dso_handle)1292 INTERCEPTOR(int, __cxa_atexit, void (*func)(void *), void *arg,
1293 void *dso_handle) {
1294 if (msan_init_is_running) return REAL(__cxa_atexit)(func, arg, dso_handle);
1295 return setup_at_exit_wrapper((void(*)())func, arg, dso_handle);
1296 }
1297
1298 // Unpoison argument shadow for C++ module destructors.
INTERCEPTOR(int,atexit,void (* func)())1299 INTERCEPTOR(int, atexit, void (*func)()) {
1300 // Avoid calling real atexit as it is unreachable on at least on Linux.
1301 if (msan_init_is_running)
1302 return REAL(__cxa_atexit)((void (*)(void *a))func, 0, 0);
1303 return setup_at_exit_wrapper((void(*)())func, 0, 0);
1304 }
1305
setup_at_exit_wrapper(void (* f)(),void * arg,void * dso)1306 static int setup_at_exit_wrapper(void(*f)(), void *arg, void *dso) {
1307 ENSURE_MSAN_INITED();
1308 MSanAtExitRecord *r =
1309 (MSanAtExitRecord *)InternalAlloc(sizeof(MSanAtExitRecord));
1310 r->func = (void(*)(void *a))f;
1311 r->arg = arg;
1312 int res;
1313 if (!dso) {
1314 // NetBSD does not preserve the 2nd argument if dso is equal to 0
1315 // Store ctx in a local stack-like structure
1316
1317 Lock l(&interceptor_ctx()->atexit_mu);
1318
1319 res = REAL(__cxa_atexit)((void (*)(void *a))MSanAtExitWrapper, 0, 0);
1320 if (!res) {
1321 interceptor_ctx()->AtExitStack.PushBack(r);
1322 }
1323 } else {
1324 res = REAL(__cxa_atexit)(MSanCxaAtExitWrapper, r, dso);
1325 }
1326 return res;
1327 }
1328
1329 // NetBSD ships with openpty(3) in -lutil, that needs to be prebuilt explicitly
1330 // with MSan.
1331 #if SANITIZER_LINUX
INTERCEPTOR(int,openpty,int * aparent,int * aworker,char * name,const void * termp,const void * winp)1332 INTERCEPTOR(int, openpty, int *aparent, int *aworker, char *name,
1333 const void *termp, const void *winp) {
1334 ENSURE_MSAN_INITED();
1335 InterceptorScope interceptor_scope;
1336 int res = REAL(openpty)(aparent, aworker, name, termp, winp);
1337 if (!res) {
1338 __msan_unpoison(aparent, sizeof(*aparent));
1339 __msan_unpoison(aworker, sizeof(*aworker));
1340 }
1341 return res;
1342 }
1343 #define MSAN_MAYBE_INTERCEPT_OPENPTY INTERCEPT_FUNCTION(openpty)
1344 #else
1345 #define MSAN_MAYBE_INTERCEPT_OPENPTY
1346 #endif
1347
1348 // NetBSD ships with forkpty(3) in -lutil, that needs to be prebuilt explicitly
1349 // with MSan.
1350 #if SANITIZER_LINUX
INTERCEPTOR(int,forkpty,int * aparent,char * name,const void * termp,const void * winp)1351 INTERCEPTOR(int, forkpty, int *aparent, char *name, const void *termp,
1352 const void *winp) {
1353 ENSURE_MSAN_INITED();
1354 InterceptorScope interceptor_scope;
1355 int res = REAL(forkpty)(aparent, name, termp, winp);
1356 if (res != -1)
1357 __msan_unpoison(aparent, sizeof(*aparent));
1358 return res;
1359 }
1360 #define MSAN_MAYBE_INTERCEPT_FORKPTY INTERCEPT_FUNCTION(forkpty)
1361 #else
1362 #define MSAN_MAYBE_INTERCEPT_FORKPTY
1363 #endif
1364
1365 struct MSanInterceptorContext {
1366 bool in_interceptor_scope;
1367 };
1368
1369 namespace __msan {
1370
OnExit()1371 int OnExit() {
1372 // FIXME: ask frontend whether we need to return failure.
1373 return 0;
1374 }
1375
1376 } // namespace __msan
1377
1378 // A version of CHECK_UNPOISONED using a saved scope value. Used in common
1379 // interceptors.
1380 #define CHECK_UNPOISONED_CTX(ctx, x, n) \
1381 do { \
1382 if (!((MSanInterceptorContext *)ctx)->in_interceptor_scope) \
1383 CHECK_UNPOISONED_0(x, n); \
1384 } while (0)
1385
1386 #define MSAN_INTERCEPT_FUNC(name) \
1387 do { \
1388 if (!INTERCEPT_FUNCTION(name)) \
1389 VReport(1, "MemorySanitizer: failed to intercept '%s'\n", #name); \
1390 } while (0)
1391
1392 #define MSAN_INTERCEPT_FUNC_VER(name, ver) \
1393 do { \
1394 if (!INTERCEPT_FUNCTION_VER(name, ver)) \
1395 VReport(1, "MemorySanitizer: failed to intercept '%s@@%s'\n", #name, \
1396 ver); \
1397 } while (0)
1398 #define MSAN_INTERCEPT_FUNC_VER_UNVERSIONED_FALLBACK(name, ver) \
1399 do { \
1400 if (!INTERCEPT_FUNCTION_VER(name, ver) && !INTERCEPT_FUNCTION(name)) \
1401 VReport(1, "MemorySanitizer: failed to intercept '%s@@%s' or '%s'\n", \
1402 #name, ver, #name); \
1403 } while (0)
1404
1405 #define COMMON_INTERCEPT_FUNCTION(name) MSAN_INTERCEPT_FUNC(name)
1406 #define COMMON_INTERCEPT_FUNCTION_VER(name, ver) \
1407 MSAN_INTERCEPT_FUNC_VER(name, ver)
1408 #define COMMON_INTERCEPT_FUNCTION_VER_UNVERSIONED_FALLBACK(name, ver) \
1409 MSAN_INTERCEPT_FUNC_VER_UNVERSIONED_FALLBACK(name, ver)
1410 #define COMMON_INTERCEPTOR_UNPOISON_PARAM(count) \
1411 UnpoisonParam(count)
1412 #define COMMON_INTERCEPTOR_WRITE_RANGE(ctx, ptr, size) \
1413 __msan_unpoison(ptr, size)
1414 #define COMMON_INTERCEPTOR_READ_RANGE(ctx, ptr, size) \
1415 CHECK_UNPOISONED_CTX(ctx, ptr, size)
1416 #define COMMON_INTERCEPTOR_INITIALIZE_RANGE(ptr, size) \
1417 __msan_unpoison(ptr, size)
1418 #define COMMON_INTERCEPTOR_ENTER(ctx, func, ...) \
1419 if (msan_init_is_running) \
1420 return REAL(func)(__VA_ARGS__); \
1421 ENSURE_MSAN_INITED(); \
1422 MSanInterceptorContext msan_ctx = {IsInInterceptorScope()}; \
1423 ctx = (void *)&msan_ctx; \
1424 (void)ctx; \
1425 InterceptorScope interceptor_scope; \
1426 __msan_unpoison(__errno_location(), sizeof(int));
1427 #define COMMON_INTERCEPTOR_DIR_ACQUIRE(ctx, path) \
1428 do { \
1429 } while (false)
1430 #define COMMON_INTERCEPTOR_FD_ACQUIRE(ctx, fd) \
1431 do { \
1432 } while (false)
1433 #define COMMON_INTERCEPTOR_FD_RELEASE(ctx, fd) \
1434 do { \
1435 } while (false)
1436 #define COMMON_INTERCEPTOR_FD_SOCKET_ACCEPT(ctx, fd, newfd) \
1437 do { \
1438 } while (false)
1439 #define COMMON_INTERCEPTOR_SET_THREAD_NAME(ctx, name) \
1440 do { \
1441 } while (false) // FIXME
1442 #define COMMON_INTERCEPTOR_SET_PTHREAD_NAME(ctx, thread, name) \
1443 do { \
1444 } while (false) // FIXME
1445 #define COMMON_INTERCEPTOR_BLOCK_REAL(name) REAL(name)
1446 #define COMMON_INTERCEPTOR_ON_EXIT(ctx) OnExit()
1447 #define COMMON_INTERCEPTOR_LIBRARY_LOADED(filename, handle) \
1448 do { \
1449 link_map *map = GET_LINK_MAP_BY_DLOPEN_HANDLE((handle)); \
1450 if (filename && map) \
1451 ForEachMappedRegion(map, __msan_unpoison); \
1452 } while (false)
1453
1454 #define COMMON_INTERCEPTOR_NOTHING_IS_INITIALIZED (!msan_inited)
1455
1456 #define COMMON_INTERCEPTOR_GET_TLS_RANGE(begin, end) \
1457 if (MsanThread *t = GetCurrentThread()) { \
1458 *begin = t->tls_begin(); \
1459 *end = t->tls_end(); \
1460 } else { \
1461 *begin = *end = 0; \
1462 }
1463
1464 #define COMMON_INTERCEPTOR_MEMSET_IMPL(ctx, block, c, size) \
1465 { \
1466 (void)ctx; \
1467 return __msan_memset(block, c, size); \
1468 }
1469 #define COMMON_INTERCEPTOR_MEMMOVE_IMPL(ctx, to, from, size) \
1470 { \
1471 (void)ctx; \
1472 return __msan_memmove(to, from, size); \
1473 }
1474 #define COMMON_INTERCEPTOR_MEMCPY_IMPL(ctx, to, from, size) \
1475 { \
1476 (void)ctx; \
1477 return __msan_memcpy(to, from, size); \
1478 }
1479
1480 #define COMMON_INTERCEPTOR_COPY_STRING(ctx, to, from, size) \
1481 do { \
1482 GET_STORE_STACK_TRACE; \
1483 CopyShadowAndOrigin(to, from, size, &stack); \
1484 __msan_unpoison(to + size, 1); \
1485 } while (false)
1486
1487 #define COMMON_INTERCEPTOR_MMAP_IMPL(ctx, mmap, addr, length, prot, flags, fd, \
1488 offset) \
1489 do { \
1490 return mmap_interceptor(REAL(mmap), addr, sz, prot, flags, fd, off); \
1491 } while (false)
1492
1493 #include "sanitizer_common/sanitizer_platform_interceptors.h"
1494 #include "sanitizer_common/sanitizer_common_interceptors_memintrinsics.inc"
1495 #include "sanitizer_common/sanitizer_common_interceptors.inc"
1496
1497 static uptr signal_impl(int signo, uptr cb);
1498 static int sigaction_impl(int signo, const __sanitizer_sigaction *act,
1499 __sanitizer_sigaction *oldact);
1500
1501 #define SIGNAL_INTERCEPTOR_SIGACTION_IMPL(signo, act, oldact) \
1502 { return sigaction_impl(signo, act, oldact); }
1503
1504 #define SIGNAL_INTERCEPTOR_SIGNAL_IMPL(func, signo, handler) \
1505 { \
1506 handler = signal_impl(signo, handler); \
1507 InterceptorScope interceptor_scope; \
1508 return REAL(func)(signo, handler); \
1509 }
1510
1511 #define SIGNAL_INTERCEPTOR_ENTER() ENSURE_MSAN_INITED()
1512
1513 #include "sanitizer_common/sanitizer_signal_interceptors.inc"
1514
sigaction_impl(int signo,const __sanitizer_sigaction * act,__sanitizer_sigaction * oldact)1515 static int sigaction_impl(int signo, const __sanitizer_sigaction *act,
1516 __sanitizer_sigaction *oldact) {
1517 ENSURE_MSAN_INITED();
1518 if (signo <= 0 || signo >= kMaxSignals) {
1519 errno = errno_EINVAL;
1520 return -1;
1521 }
1522 if (act) read_sigaction(act);
1523 int res;
1524 if (flags()->wrap_signals) {
1525 SpinMutexLock lock(&sigactions_mu);
1526 uptr old_cb = atomic_load(&sigactions[signo], memory_order_relaxed);
1527 __sanitizer_sigaction new_act;
1528 __sanitizer_sigaction *pnew_act = act ? &new_act : nullptr;
1529 if (act) {
1530 REAL(memcpy)(pnew_act, act, sizeof(__sanitizer_sigaction));
1531 uptr cb = (uptr)pnew_act->sigaction;
1532 uptr new_cb = (pnew_act->sa_flags & __sanitizer::sa_siginfo)
1533 ? (uptr)SignalAction
1534 : (uptr)SignalHandler;
1535 if (cb != __sanitizer::sig_ign && cb != __sanitizer::sig_dfl) {
1536 atomic_store(&sigactions[signo], cb, memory_order_relaxed);
1537 pnew_act->sigaction = (decltype(pnew_act->sigaction))new_cb;
1538 }
1539 }
1540 res = REAL(SIGACTION_SYMNAME)(signo, pnew_act, oldact);
1541 if (res == 0 && oldact) {
1542 uptr cb = (uptr)oldact->sigaction;
1543 if (cb == (uptr)SignalAction || cb == (uptr)SignalHandler) {
1544 oldact->sigaction = (decltype(oldact->sigaction))old_cb;
1545 }
1546 }
1547 } else {
1548 res = REAL(SIGACTION_SYMNAME)(signo, act, oldact);
1549 }
1550
1551 if (res == 0 && oldact) {
1552 __msan_unpoison(oldact, sizeof(__sanitizer_sigaction));
1553 }
1554 return res;
1555 }
1556
signal_impl(int signo,uptr cb)1557 static uptr signal_impl(int signo, uptr cb) {
1558 ENSURE_MSAN_INITED();
1559 if (signo <= 0 || signo >= kMaxSignals) {
1560 errno = errno_EINVAL;
1561 return -1;
1562 }
1563 if (flags()->wrap_signals) {
1564 SpinMutexLock lock(&sigactions_mu);
1565 if (cb != __sanitizer::sig_ign && cb != __sanitizer::sig_dfl) {
1566 atomic_store(&sigactions[signo], cb, memory_order_relaxed);
1567 cb = (uptr)&SignalHandler;
1568 }
1569 }
1570 return cb;
1571 }
1572
1573 #define COMMON_SYSCALL_PRE_READ_RANGE(p, s) CHECK_UNPOISONED(p, s)
1574 #define COMMON_SYSCALL_PRE_WRITE_RANGE(p, s) \
1575 do { \
1576 } while (false)
1577 #define COMMON_SYSCALL_POST_READ_RANGE(p, s) \
1578 do { \
1579 } while (false)
1580 #define COMMON_SYSCALL_POST_WRITE_RANGE(p, s) __msan_unpoison(p, s)
1581 #include "sanitizer_common/sanitizer_common_syscalls.inc"
1582 #include "sanitizer_common/sanitizer_syscalls_netbsd.inc"
1583
INTERCEPTOR(const char *,strsignal,int sig)1584 INTERCEPTOR(const char *, strsignal, int sig) {
1585 void *ctx;
1586 COMMON_INTERCEPTOR_ENTER(ctx, strsignal, sig);
1587 const char *res = REAL(strsignal)(sig);
1588 if (res)
1589 __msan_unpoison(res, internal_strlen(res) + 1);
1590 return res;
1591 }
1592
INTERCEPTOR(int,dladdr,void * addr,void * info)1593 INTERCEPTOR(int, dladdr, void *addr, void *info) {
1594 void *ctx;
1595 COMMON_INTERCEPTOR_ENTER(ctx, dladdr, addr, info);
1596 int res = REAL(dladdr)(addr, info);
1597 if (res != 0)
1598 UnpoisonDllAddrInfo(info);
1599 return res;
1600 }
1601
1602 #if SANITIZER_GLIBC
INTERCEPTOR(int,dladdr1,void * addr,void * info,void ** extra_info,int flags)1603 INTERCEPTOR(int, dladdr1, void *addr, void *info, void **extra_info,
1604 int flags) {
1605 void *ctx;
1606 COMMON_INTERCEPTOR_ENTER(ctx, dladdr1, addr, info, extra_info, flags);
1607 int res = REAL(dladdr1)(addr, info, extra_info, flags);
1608 if (res != 0) {
1609 UnpoisonDllAddrInfo(info);
1610 UnpoisonDllAddr1ExtraInfo(extra_info, flags);
1611 }
1612 return res;
1613 }
1614 # define MSAN_MAYBE_INTERCEPT_DLADDR1 MSAN_INTERCEPT_FUNC(dladdr1)
1615 #else
1616 #define MSAN_MAYBE_INTERCEPT_DLADDR1
1617 #endif
1618
INTERCEPTOR(char *,dlerror,int fake)1619 INTERCEPTOR(char *, dlerror, int fake) {
1620 void *ctx;
1621 COMMON_INTERCEPTOR_ENTER(ctx, dlerror, fake);
1622 char *res = REAL(dlerror)(fake);
1623 if (res)
1624 __msan_unpoison(res, internal_strlen(res) + 1);
1625 return res;
1626 }
1627
1628 typedef int (*dl_iterate_phdr_cb)(__sanitizer_dl_phdr_info *info, SIZE_T size,
1629 void *data);
1630 struct dl_iterate_phdr_data {
1631 dl_iterate_phdr_cb callback;
1632 void *data;
1633 };
1634
msan_dl_iterate_phdr_cb(__sanitizer_dl_phdr_info * info,SIZE_T size,void * data)1635 static int msan_dl_iterate_phdr_cb(__sanitizer_dl_phdr_info *info, SIZE_T size,
1636 void *data) {
1637 if (info) {
1638 __msan_unpoison(info, size);
1639 if (info->dlpi_phdr && info->dlpi_phnum)
1640 __msan_unpoison(info->dlpi_phdr, struct_ElfW_Phdr_sz * info->dlpi_phnum);
1641 if (info->dlpi_name)
1642 __msan_unpoison(info->dlpi_name, internal_strlen(info->dlpi_name) + 1);
1643 }
1644 dl_iterate_phdr_data *cbdata = (dl_iterate_phdr_data *)data;
1645 UnpoisonParam(3);
1646 return cbdata->callback(info, size, cbdata->data);
1647 }
1648
INTERCEPTOR(void *,shmat,int shmid,const void * shmaddr,int shmflg)1649 INTERCEPTOR(void *, shmat, int shmid, const void *shmaddr, int shmflg) {
1650 ENSURE_MSAN_INITED();
1651 void *p = REAL(shmat)(shmid, shmaddr, shmflg);
1652 if (p != (void *)-1) {
1653 __sanitizer_shmid_ds ds;
1654 int res = REAL(shmctl)(shmid, shmctl_ipc_stat, &ds);
1655 if (!res) {
1656 __msan_unpoison(p, ds.shm_segsz);
1657 }
1658 }
1659 return p;
1660 }
1661
INTERCEPTOR(int,dl_iterate_phdr,dl_iterate_phdr_cb callback,void * data)1662 INTERCEPTOR(int, dl_iterate_phdr, dl_iterate_phdr_cb callback, void *data) {
1663 void *ctx;
1664 COMMON_INTERCEPTOR_ENTER(ctx, dl_iterate_phdr, callback, data);
1665 dl_iterate_phdr_data cbdata;
1666 cbdata.callback = callback;
1667 cbdata.data = data;
1668 int res = REAL(dl_iterate_phdr)(msan_dl_iterate_phdr_cb, (void *)&cbdata);
1669 return res;
1670 }
1671
1672 // wchar_t *wcschr(const wchar_t *wcs, wchar_t wc);
INTERCEPTOR(wchar_t *,wcschr,void * s,wchar_t wc,void * ps)1673 INTERCEPTOR(wchar_t *, wcschr, void *s, wchar_t wc, void *ps) {
1674 ENSURE_MSAN_INITED();
1675 wchar_t *res = REAL(wcschr)(s, wc, ps);
1676 return res;
1677 }
1678
1679 // wchar_t *wcscpy(wchar_t *dest, const wchar_t *src);
INTERCEPTOR(wchar_t *,wcscpy,wchar_t * dest,const wchar_t * src)1680 INTERCEPTOR(wchar_t *, wcscpy, wchar_t *dest, const wchar_t *src) {
1681 ENSURE_MSAN_INITED();
1682 GET_STORE_STACK_TRACE;
1683 wchar_t *res = REAL(wcscpy)(dest, src);
1684 CopyShadowAndOrigin(dest, src, sizeof(wchar_t) * (internal_wcslen(src) + 1),
1685 &stack);
1686 return res;
1687 }
1688
INTERCEPTOR(wchar_t *,wcsncpy,wchar_t * dest,const wchar_t * src,SIZE_T n)1689 INTERCEPTOR(wchar_t *, wcsncpy, wchar_t *dest, const wchar_t *src, SIZE_T n) {
1690 ENSURE_MSAN_INITED();
1691 GET_STORE_STACK_TRACE;
1692 SIZE_T copy_size = internal_wcsnlen(src, n);
1693 if (copy_size < n) copy_size++; // trailing \0
1694 wchar_t *res = REAL(wcsncpy)(dest, src, n);
1695 CopyShadowAndOrigin(dest, src, copy_size * sizeof(wchar_t), &stack);
1696 __msan_unpoison(dest + copy_size, (n - copy_size) * sizeof(wchar_t));
1697 return res;
1698 }
1699
1700 // These interface functions reside here so that they can use
1701 // REAL(memset), etc.
__msan_unpoison(const void * a,uptr size)1702 void __msan_unpoison(const void *a, uptr size) {
1703 if (!MEM_IS_APP(a)) return;
1704 SetShadow(a, size, 0);
1705 }
1706
__msan_poison(const void * a,uptr size)1707 void __msan_poison(const void *a, uptr size) {
1708 if (!MEM_IS_APP(a)) return;
1709 SetShadow(a, size, __msan::flags()->poison_heap_with_zeroes ? 0 : -1);
1710 }
1711
__msan_poison_stack(void * a,uptr size)1712 void __msan_poison_stack(void *a, uptr size) {
1713 if (!MEM_IS_APP(a)) return;
1714 SetShadow(a, size, __msan::flags()->poison_stack_with_zeroes ? 0 : -1);
1715 }
1716
__msan_unpoison_param(uptr n)1717 void __msan_unpoison_param(uptr n) { UnpoisonParam(n); }
1718
__msan_clear_and_unpoison(void * a,uptr size)1719 void __msan_clear_and_unpoison(void *a, uptr size) {
1720 REAL(memset)(a, 0, size);
1721 SetShadow(a, size, 0);
1722 }
1723
__msan_memcpy(void * dest,const void * src,SIZE_T n)1724 void *__msan_memcpy(void *dest, const void *src, SIZE_T n) {
1725 if (!msan_inited) return internal_memcpy(dest, src, n);
1726 if (msan_init_is_running || __msan::IsInSymbolizerOrUnwider())
1727 return REAL(memcpy)(dest, src, n);
1728 ENSURE_MSAN_INITED();
1729 GET_STORE_STACK_TRACE;
1730 void *res = REAL(memcpy)(dest, src, n);
1731 CopyShadowAndOrigin(dest, src, n, &stack);
1732 return res;
1733 }
1734
__msan_memset(void * s,int c,SIZE_T n)1735 void *__msan_memset(void *s, int c, SIZE_T n) {
1736 if (!msan_inited) return internal_memset(s, c, n);
1737 if (msan_init_is_running) return REAL(memset)(s, c, n);
1738 ENSURE_MSAN_INITED();
1739 void *res = REAL(memset)(s, c, n);
1740 __msan_unpoison(s, n);
1741 return res;
1742 }
1743
__msan_memmove(void * dest,const void * src,SIZE_T n)1744 void *__msan_memmove(void *dest, const void *src, SIZE_T n) {
1745 if (!msan_inited) return internal_memmove(dest, src, n);
1746 if (msan_init_is_running) return REAL(memmove)(dest, src, n);
1747 ENSURE_MSAN_INITED();
1748 GET_STORE_STACK_TRACE;
1749 void *res = REAL(memmove)(dest, src, n);
1750 MoveShadowAndOrigin(dest, src, n, &stack);
1751 return res;
1752 }
1753
__msan_unpoison_string(const char * s)1754 void __msan_unpoison_string(const char* s) {
1755 if (!MEM_IS_APP(s)) return;
1756 __msan_unpoison(s, internal_strlen(s) + 1);
1757 }
1758
1759 namespace __msan {
1760
InitializeInterceptors()1761 void InitializeInterceptors() {
1762 static int inited = 0;
1763 CHECK_EQ(inited, 0);
1764
1765 __interception::DoesNotSupportStaticLinking();
1766
1767 new(interceptor_ctx()) InterceptorContext();
1768
1769 InitializeCommonInterceptors();
1770 InitializeSignalInterceptors();
1771
1772 INTERCEPT_FUNCTION(posix_memalign);
1773 MSAN_MAYBE_INTERCEPT_MEMALIGN;
1774 MSAN_MAYBE_INTERCEPT___LIBC_MEMALIGN;
1775 INTERCEPT_FUNCTION(valloc);
1776 MSAN_MAYBE_INTERCEPT_PVALLOC;
1777 INTERCEPT_FUNCTION(malloc);
1778 INTERCEPT_FUNCTION(calloc);
1779 INTERCEPT_FUNCTION(realloc);
1780 INTERCEPT_FUNCTION(reallocarray);
1781 INTERCEPT_FUNCTION(free);
1782 MSAN_MAYBE_INTERCEPT_CFREE;
1783 MSAN_MAYBE_INTERCEPT_MALLOC_USABLE_SIZE;
1784 MSAN_MAYBE_INTERCEPT_MALLINFO;
1785 MSAN_MAYBE_INTERCEPT_MALLINFO2;
1786 MSAN_MAYBE_INTERCEPT_MALLOPT;
1787 MSAN_MAYBE_INTERCEPT_MALLOC_STATS;
1788 INTERCEPT_FUNCTION(fread);
1789 MSAN_MAYBE_INTERCEPT_FREAD_UNLOCKED;
1790 INTERCEPT_FUNCTION(memccpy);
1791 MSAN_MAYBE_INTERCEPT_MEMPCPY;
1792 INTERCEPT_FUNCTION(bcopy);
1793 INTERCEPT_FUNCTION(wmemset);
1794 INTERCEPT_FUNCTION(wmemcpy);
1795 MSAN_MAYBE_INTERCEPT_WMEMPCPY;
1796 INTERCEPT_FUNCTION(wmemmove);
1797 INTERCEPT_FUNCTION(strcpy);
1798 MSAN_MAYBE_INTERCEPT_STPCPY;
1799 MSAN_MAYBE_INTERCEPT_STPNCPY;
1800 INTERCEPT_FUNCTION(strdup);
1801 MSAN_MAYBE_INTERCEPT___STRDUP;
1802 INTERCEPT_FUNCTION(strncpy);
1803 MSAN_MAYBE_INTERCEPT_GCVT;
1804 INTERCEPT_FUNCTION(strcat);
1805 INTERCEPT_FUNCTION(strncat);
1806 INTERCEPT_STRTO(strtod);
1807 INTERCEPT_STRTO(strtof);
1808 #ifdef SANITIZER_NLDBL_VERSION
1809 INTERCEPT_STRTO_VER(strtold, SANITIZER_NLDBL_VERSION);
1810 #else
1811 INTERCEPT_STRTO(strtold);
1812 #endif
1813 INTERCEPT_STRTO(strtol);
1814 INTERCEPT_STRTO(strtoul);
1815 INTERCEPT_STRTO(strtoll);
1816 INTERCEPT_STRTO(strtoull);
1817 INTERCEPT_STRTO(strtouq);
1818 INTERCEPT_STRTO(wcstod);
1819 INTERCEPT_STRTO(wcstof);
1820 #ifdef SANITIZER_NLDBL_VERSION
1821 INTERCEPT_STRTO_VER(wcstold, SANITIZER_NLDBL_VERSION);
1822 #else
1823 INTERCEPT_STRTO(wcstold);
1824 #endif
1825 INTERCEPT_STRTO(wcstol);
1826 INTERCEPT_STRTO(wcstoul);
1827 INTERCEPT_STRTO(wcstoll);
1828 INTERCEPT_STRTO(wcstoull);
1829 #if SANITIZER_GLIBC
1830 INTERCEPT_STRTO(__isoc23_strtod);
1831 INTERCEPT_STRTO(__isoc23_strtof);
1832 INTERCEPT_STRTO(__isoc23_strtold);
1833 INTERCEPT_STRTO(__isoc23_strtol);
1834 INTERCEPT_STRTO(__isoc23_strtoul);
1835 INTERCEPT_STRTO(__isoc23_strtoll);
1836 INTERCEPT_STRTO(__isoc23_strtoull);
1837 INTERCEPT_STRTO(__isoc23_strtouq);
1838 INTERCEPT_STRTO(__isoc23_wcstod);
1839 INTERCEPT_STRTO(__isoc23_wcstof);
1840 INTERCEPT_STRTO(__isoc23_wcstold);
1841 INTERCEPT_STRTO(__isoc23_wcstol);
1842 INTERCEPT_STRTO(__isoc23_wcstoul);
1843 INTERCEPT_STRTO(__isoc23_wcstoll);
1844 INTERCEPT_STRTO(__isoc23_wcstoull);
1845 #endif
1846
1847 #ifdef SANITIZER_NLDBL_VERSION
1848 INTERCEPT_FUNCTION_VER(vswprintf, SANITIZER_NLDBL_VERSION);
1849 INTERCEPT_FUNCTION_VER(swprintf, SANITIZER_NLDBL_VERSION);
1850 #else
1851 INTERCEPT_FUNCTION(vswprintf);
1852 INTERCEPT_FUNCTION(swprintf);
1853 #endif
1854 INTERCEPT_FUNCTION(strftime);
1855 INTERCEPT_FUNCTION(strftime_l);
1856 MSAN_MAYBE_INTERCEPT___STRFTIME_L;
1857 INTERCEPT_FUNCTION(wcsftime);
1858 INTERCEPT_FUNCTION(wcsftime_l);
1859 MSAN_MAYBE_INTERCEPT___WCSFTIME_L;
1860 INTERCEPT_FUNCTION(mbtowc);
1861 INTERCEPT_FUNCTION(mbrtowc);
1862 INTERCEPT_FUNCTION(wcslen);
1863 INTERCEPT_FUNCTION(wcsnlen);
1864 INTERCEPT_FUNCTION(wcschr);
1865 INTERCEPT_FUNCTION(wcscpy);
1866 INTERCEPT_FUNCTION(wcsncpy);
1867 INTERCEPT_FUNCTION(wcscmp);
1868 INTERCEPT_FUNCTION(getenv);
1869 INTERCEPT_FUNCTION(setenv);
1870 INTERCEPT_FUNCTION(putenv);
1871 INTERCEPT_FUNCTION(gettimeofday);
1872 MSAN_MAYBE_INTERCEPT_FCVT;
1873 MSAN_MAYBE_INTERCEPT_FSTAT;
1874 MSAN_MAYBE_INTERCEPT_FSTAT64;
1875 MSAN_MAYBE_INTERCEPT___FXSTAT;
1876 MSAN_MAYBE_INTERCEPT_FSTATAT;
1877 MSAN_MAYBE_INTERCEPT_FSTATAT64;
1878 MSAN_MAYBE_INTERCEPT___FXSTATAT;
1879 MSAN_MAYBE_INTERCEPT___FXSTAT64;
1880 MSAN_MAYBE_INTERCEPT___FXSTATAT64;
1881 INTERCEPT_FUNCTION(pipe);
1882 INTERCEPT_FUNCTION(pipe2);
1883 INTERCEPT_FUNCTION(socketpair);
1884 MSAN_MAYBE_INTERCEPT_FGETS_UNLOCKED;
1885 INTERCEPT_FUNCTION(getrlimit);
1886 MSAN_MAYBE_INTERCEPT___GETRLIMIT;
1887 MSAN_MAYBE_INTERCEPT_GETRLIMIT64;
1888 MSAN_MAYBE_INTERCEPT_PRLIMIT;
1889 MSAN_MAYBE_INTERCEPT_PRLIMIT64;
1890 INTERCEPT_FUNCTION(gethostname);
1891 MSAN_MAYBE_INTERCEPT_EPOLL_WAIT;
1892 MSAN_MAYBE_INTERCEPT_EPOLL_PWAIT;
1893 INTERCEPT_FUNCTION(strsignal);
1894 INTERCEPT_FUNCTION(dladdr);
1895 MSAN_MAYBE_INTERCEPT_DLADDR1;
1896 INTERCEPT_FUNCTION(dlerror);
1897 INTERCEPT_FUNCTION(dl_iterate_phdr);
1898 INTERCEPT_FUNCTION(getrusage);
1899 #if defined(__mips__)
1900 INTERCEPT_FUNCTION_VER(pthread_create, "GLIBC_2.2");
1901 #else
1902 INTERCEPT_FUNCTION(pthread_create);
1903 #endif
1904 INTERCEPT_FUNCTION(pthread_join);
1905 INTERCEPT_FUNCTION(pthread_key_create);
1906 #if SANITIZER_GLIBC
1907 INTERCEPT_FUNCTION(pthread_tryjoin_np);
1908 INTERCEPT_FUNCTION(pthread_timedjoin_np);
1909 #endif
1910
1911 #if SANITIZER_NETBSD
1912 INTERCEPT_FUNCTION(__libc_thr_keycreate);
1913 #endif
1914
1915 INTERCEPT_FUNCTION(pthread_join);
1916 INTERCEPT_FUNCTION(tzset);
1917 INTERCEPT_FUNCTION(atexit);
1918 INTERCEPT_FUNCTION(__cxa_atexit);
1919 INTERCEPT_FUNCTION(shmat);
1920 MSAN_MAYBE_INTERCEPT_OPENPTY;
1921 MSAN_MAYBE_INTERCEPT_FORKPTY;
1922
1923 inited = 1;
1924 }
1925 } // namespace __msan
1926