[msan] Fix open_memstream handling.

eugenis · eugenis · commit 8e2fb681e327 · 2015-07-17T16:10:37.000Z
For open_memstream() files, buffer pointer is only valid immediately after
fflush() or fclose(). Fix the fclose() interceptor to unpoison after the
REAL(fclose) call, not before it.

llvm-svn: 242535
diff --git a/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc b/compiler-rt/lib/sanitizer_common/sanitizer_common_interceptors.inc
@@ -4831,15 +4831,14 @@ INTERCEPTOR(int, fflush, __sanitizer_FILE *fp) {
 INTERCEPTOR(int, fclose, __sanitizer_FILE *fp) {
   void *ctx;
   COMMON_INTERCEPTOR_ENTER(ctx, fclose, fp);
-  if (fp) {
-    COMMON_INTERCEPTOR_FILE_CLOSE(ctx, fp);
-    const FileMetadata *m = GetInterceptorMetadata(fp);
-    if (m) {
-      COMMON_INTERCEPTOR_INITIALIZE_RANGE(*m->addr, *m->size);
-      DeleteInterceptorMetadata(fp);
-    }
+  COMMON_INTERCEPTOR_FILE_CLOSE(ctx, fp);
+  const FileMetadata *m = GetInterceptorMetadata(fp);
+  int res = REAL(fclose)(fp);
+  if (m) {
+    COMMON_INTERCEPTOR_INITIALIZE_RANGE(*m->addr, *m->size);
+    DeleteInterceptorMetadata(fp);
   }
-  return REAL(fclose)(fp);
+  return res;
 }
 #define INIT_FCLOSE COMMON_INTERCEPT_FUNCTION(fclose);
 #else
diff --git a/compiler-rt/test/sanitizer_common/TestCases/Linux/open_memstream.cc b/compiler-rt/test/sanitizer_common/TestCases/Linux/open_memstream.cc
@@ -25,34 +25,46 @@ static void check_mem_is_good(void *p, size_t s) {
 static void check_mem_is_good(void *p, size_t s) {}
 #endif
 
-static void run(void) {
+static void run(bool flush) {
   char *buf;
   size_t buf_len;
   fprintf(stderr, " &buf %p, &buf_len %p\n", &buf, &buf_len);
   FILE *fp = open_memstream(&buf, &buf_len);
   fprintf(fp, "hello");
-  fflush(fp);
-  check_mem_is_good(&buf, sizeof(buf));
-  check_mem_is_good(&buf_len, sizeof(buf_len));
-  check_mem_is_good(buf, buf_len);
+  if (flush) {
+    fflush(fp);
+    check_mem_is_good(&buf, sizeof(buf));
+    check_mem_is_good(&buf_len, sizeof(buf_len));
+    check_mem_is_good(buf, buf_len);
+  }
 
   char *p = new char[1024];
   memset(p, 'a', 1023);
   p[1023] = 0;
   for (int i = 0; i < 100; ++i)
     fprintf(fp, "%s", p);
   delete[] p;
-  fflush(fp);
-  fprintf(stderr, " %p addr %p, len %zu\n", &buf, buf, buf_len);
+
+  if (flush) {
+    fflush(fp);
+    fprintf(stderr, " %p addr %p, len %zu\n", &buf, buf, buf_len);
+    check_mem_is_good(&buf, sizeof(buf));
+    check_mem_is_good(&buf_len, sizeof(buf_len));
+    check_mem_is_good(buf, buf_len);\
+  }
+
+  fclose(fp);
   check_mem_is_good(&buf, sizeof(buf));
   check_mem_is_good(&buf_len, sizeof(buf_len));
   check_mem_is_good(buf, buf_len);
-  fclose(fp);
+
   free(buf);
 }
 
 int main(void) {
   for (int i = 0; i < 100; ++i)
-    run();
+    run(false);
+  for (int i = 0; i < 100; ++i)
+    run(true);
   return 0;
 }
