[libc-commits] [libc] [libc] Fix sendmsg iovec unpoisoning (PR #115057)
Michael Jones via libc-commits
libc-commits at lists.llvm.org
Tue Nov 5 12:26:48 PST 2024
https://github.com/michaelrj-google created https://github.com/llvm/llvm-project/pull/115057
The unpoisoning for sendmsg had a typo where it would not unpoison all
of the elements in the iovec, causing msan errors. This patch fixes
that.
>From 357f0fd1547573e0743b8984c8392725c4d36e0a Mon Sep 17 00:00:00 2001
From: Michael Jones <michaelrj at google.com>
Date: Tue, 5 Nov 2024 12:24:46 -0800
Subject: [PATCH] [libc] Fix sendmsg iovec unpoisoning
The unpoisoning for sendmsg had a typo where it would not unpoison all
of the elements in the iovec, causing msan errors. This patch fixes
that.
---
libc/src/sys/socket/linux/recvmsg.cpp | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/libc/src/sys/socket/linux/recvmsg.cpp b/libc/src/sys/socket/linux/recvmsg.cpp
index 60bbc84877b850..43929da87e16d2 100644
--- a/libc/src/sys/socket/linux/recvmsg.cpp
+++ b/libc/src/sys/socket/linux/recvmsg.cpp
@@ -40,9 +40,11 @@ LLVM_LIBC_FUNCTION(ssize_t, recvmsg,
}
// Unpoison the msghdr, as well as all its components.
+ MSAN_UNPOISON(msg, sizeof(struct msghdr));
MSAN_UNPOISON(msg->msg_name, msg->msg_namelen);
+
for (size_t i = 0; i < msg->msg_iovlen; ++i) {
- MSAN_UNPOISON(msg->msg_iov->iov_base, msg->msg_iov->iov_len);
+ MSAN_UNPOISON(msg->msg_iov[i].iov_base, msg->msg_iov[i].iov_len);
}
MSAN_UNPOISON(msg->msg_control, msg->msg_controllen);
More information about the libc-commits
mailing list