msan: check that ucontext_t is initialized on signal return

A signal handler can alter ucontext_t to affect execution after the signal returns. Check that the contents are initialized. Restoring unitialized values in registers can't be good. Reviewed By: vitalybuka Differential Revision: https://reviews.llvm.org/D116209
2021-12-23 09:10:54 +01:00 · 2021-12-23 09:10:54 +01:00 · 395f737c33
parent 1298273e82
commit 395f737c33
2 changed files with 28 additions and 0 deletions
--- a/compiler-rt/lib/msan/msan_interceptors.cpp
+++ b/compiler-rt/lib/msan/msan_interceptors.cpp
@ -996,6 +996,7 @@ static void SignalAction(int signo, void *si, void *uc) {
  sigaction_cb cb =
      (sigaction_cb)atomic_load(&sigactions[signo], memory_order_relaxed);
  cb(signo, si, uc);
+  CHECK_UNPOISONED(uc, ucontext_t_sz(uc));
 }

 static void read_sigaction(const __sanitizer_sigaction *act) {
--- a/compiler-rt/test/msan/Linux/signal_mcontext2.cpp
+++ b/compiler-rt/test/msan/Linux/signal_mcontext2.cpp
@ -0,0 +1,27 @@
+// RUN: %clangxx_msan -fsanitize-memory-track-origins=2 -O1 %s -o %t && not %run %t 2>&1 | FileCheck %s
+
+#include <pthread.h>
+#include <signal.h>
+#include <ucontext.h>
+
+void handler(int sig, siginfo_t *info, void *uctx) {
+  volatile int uninit;
+  auto *mctx = &static_cast<ucontext_t *>(uctx)->uc_mcontext;
+  auto *fpregs = mctx->fpregs;
+  if (fpregs && fpregs->__glibc_reserved1[12] == FP_XSTATE_MAGIC1)
+    reinterpret_cast<_xstate *>(mctx->fpregs)->ymmh.ymmh_space[0] = uninit;
+  else
+    mctx->gregs[REG_RAX] = uninit;
+}
+
+int main(int argc, char **argv) {
+  struct sigaction act = {};
+  act.sa_sigaction = handler;
+  act.sa_flags = SA_SIGINFO;
+  sigfillset(&act.sa_mask);
+  sigaction(SIGPROF, &act, 0);
+  pthread_kill(pthread_self(), SIGPROF);
+  return 0;
+}
+
+// CHECK: WARNING: MemorySanitizer: