DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE

author Pavel Filipenský <pfilipensky@samba.org>

Fri, 9 Sep 2022 08:57:02 +0000 (10:57 +0200)

committer Andreas Schneider <asn@samba.org>

Fri, 21 Oct 2022 08:01:11 +0000 (10:01 +0200)
author Pavel Filipenský <pfilipensky@samba.org>
Fri, 9 Sep 2022 08:57:02 +0000 (10:57 +0200)
committer Andreas Schneider <asn@samba.org>
Fri, 21 Oct 2022 08:01:11 +0000 (10:01 +0200)
diff --git a/src/priv_wrapper.c b/src/priv_wrapper.c

index 86d09af41bc17471079aa78d9c6cf860fb8cc7f2..b8be4c3903bd9c433737a6a642ecaed4b1c6a898 100644 (file)
--- a/src/priv_wrapper.c
+++ b/src/priv_wrapper.c
@@ -114,6 +114,13 @@ void privwrap_destructor(void) DESTRUCTOR_ATTRIBUTE;
  static void privwrap_log(enum privwrap_dbglvl_e dbglvl, const char *func, const char *format, ...) PRINTF_ATTRIBUTE(3, 4);
  # define PRIVWRAP_LOG(dbglvl, ...) privwrap_log((dbglvl), __func__, __VA_ARGS__)
  
+/*
+ * DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE is used to avoid libasan to check all calls
+ * used by setrlimit(). setrlimit() is called by every process too early,
+ * already from _dl_init(), before call of __asan_init(), thus libasan is not
+ * yet fully initialized. This causes SIGSEGV and process crash.
+ */
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  static void privwrap_log(enum privwrap_dbglvl_e dbglvl,
                       const char *func,
                       const char *format, ...)
@@ -223,6 +230,7 @@ static const char *privwrap_str_lib(enum privwrap_lib lib)
         return "unknown";
  }
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  static void *privwrap_load_lib_handle(enum privwrap_lib lib)
  {
         int flags = RTLD_LAZY;
@@ -327,6 +335,7 @@ static void *_privwrap_bind_symbol(enum privwrap_lib lib, const char *fn_name)
                         _privwrap_bind_symbol(PRIVWRAP_LIBC, #sym_name); \
         }
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  static void __pwrap_bind_symbol_all_once(void)
  {
  #ifdef HAVE_SETRLIMIT
@@ -338,6 +347,7 @@ static void __pwrap_bind_symbol_all_once(void)
  #endif
  }
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  static void pwrap_bind_symbol_all(void)
  {
         static pthread_once_t all_symbol_binding_once = PTHREAD_ONCE_INIT;
@@ -398,6 +408,7 @@ static int libc_setrlimit(int resource,
   * PRIVWRAP HELPER FUNCTIONS
   *********************************************************/
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  bool priv_wrapper_enabled(void)
  {
         const char *env;
@@ -551,6 +562,7 @@ static bool privwrap_setrlimit_disabled(const char *resource)
         return true;
  }
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  static int privwrap_setrlimit(int resource, const struct rlimit *rlp)
  {
         bool setrlimit_disabled = false;
@@ -655,6 +667,7 @@ static int privwrap_setrlimit(int resource, const struct rlimit *rlp)
         return rc;
  }
  
+DO_NOT_SANITIZE_ADDRESS_ATTRIBUTE
  #ifdef _GNU_SOURCE
  int setrlimit(__rlimit_resource_t resource, const struct rlimit *rlp)
  #else
author	Pavel Filipenský <pfilipensky@samba.org>
	Fri, 9 Sep 2022 08:57:02 +0000 (10:57 +0200)
committer	Andreas Schneider <asn@samba.org>
	Fri, 21 Oct 2022 08:01:11 +0000 (10:01 +0200)