[msan] Fix open_memstream handling.

For open_memstream() files, buffer pointer is only valid immediately after fflush() or fclose(). Fix the fclose() interceptor to unpoison after the REAL(fclose) call, not before it. llvm-svn: 242535
2024-11-25 06:40:18 +00:00 · 2015-07-17 16:10:37 +00:00 · 2015-07-17 16:10:37 +00:00 · 8e2fb681e3
commit 8e2fb681e3
parent b063f5c7e1
2 changed files with 28 additions and 17 deletions
--- a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
+++ b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@ -4831,15 +4831,14 @@ INTERCEPTOR(int, fflush, __sanitizer_FILE *fp) {
 INTERCEPTOR(int, fclose, __sanitizer_FILE *fp) {
  void *ctx;
  COMMON_INTERCEPTOR_ENTER(ctx, fclose, fp);
-  if (fp) {
-    COMMON_INTERCEPTOR_FILE_CLOSE(ctx, fp);
-    const FileMetadata *m = GetInterceptorMetadata(fp);
-    if (m) {
-      COMMON_INTERCEPTOR_INITIALIZE_RANGE(*m->addr, *m->size);
-      DeleteInterceptorMetadata(fp);
-    }
+  COMMON_INTERCEPTOR_FILE_CLOSE(ctx, fp);
+  const FileMetadata *m = GetInterceptorMetadata(fp);
+  int res = REAL(fclose)(fp);
+  if (m) {
+    COMMON_INTERCEPTOR_INITIALIZE_RANGE(*m->addr, *m->size);
+    DeleteInterceptorMetadata(fp);
  }
-  return REAL(fclose)(fp);
+  return res;
 }
 #define INIT_FCLOSE COMMON_INTERCEPT_FUNCTION(fclose);
 #else
--- a/compiler-rt/test/sanitizer_common/TestCases/Linux/open_memstream.cc
+++ b/compiler-rt/test/sanitizer_common/TestCases/Linux/open_memstream.cc
@ -25,16 +25,18 @@ static void check_mem_is_good(void *p, size_t s) {
 static void check_mem_is_good(void *p, size_t s) {}
 #endif

-static void run(void) {
+static void run(bool flush) {
  char *buf;
  size_t buf_len;
  fprintf(stderr, " &buf %p, &buf_len %p\n", &buf, &buf_len);
  FILE *fp = open_memstream(&buf, &buf_len);
  fprintf(fp, "hello");
-  fflush(fp);
-  check_mem_is_good(&buf, sizeof(buf));
-  check_mem_is_good(&buf_len, sizeof(buf_len));
-  check_mem_is_good(buf, buf_len);
+  if (flush) {
+    fflush(fp);
+    check_mem_is_good(&buf, sizeof(buf));
+    check_mem_is_good(&buf_len, sizeof(buf_len));
+    check_mem_is_good(buf, buf_len);
+  }

  char *p = new char[1024];
  memset(p, 'a', 1023);
@ -42,17 +44,27 @@ static void run(void) {
  for (int i = 0; i < 100; ++i)
    fprintf(fp, "%s", p);
  delete[] p;
-  fflush(fp);
-  fprintf(stderr, " %p addr %p, len %zu\n", &buf, buf, buf_len);
+
+  if (flush) {
+    fflush(fp);
+    fprintf(stderr, " %p addr %p, len %zu\n", &buf, buf, buf_len);
+    check_mem_is_good(&buf, sizeof(buf));
+    check_mem_is_good(&buf_len, sizeof(buf_len));
+    check_mem_is_good(buf, buf_len);\
+  }
+
+  fclose(fp);
  check_mem_is_good(&buf, sizeof(buf));
  check_mem_is_good(&buf_len, sizeof(buf_len));
  check_mem_is_good(buf, buf_len);
-  fclose(fp);
+
  free(buf);
 }

 int main(void) {
  for (int i = 0; i < 100; ++i)
-    run();
+    run(false);
+  for (int i = 0; i < 100; ++i)
+    run(true);
  return 0;
 }