lang/gcc12: Re-execute program with ASLR disabled when necessary
Software compiled with -fsanitize=address needs ASLR to be disabled to
run successfully.

Add patches taken from the commits listed below that improve ASLR
detection and re-execute the program with ASLR disabled if necessary.

https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46
https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb
https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f

PR:		267751
lsalvadore committed Nov 30, 2022
1 parent 2714142 commit d187c55
Showing 3 changed files with 94 additions and 1 deletion.
2 changes: 1 addition & 1 deletion lang/gcc12/Makefile
@@ -1,6 +1,6 @@
PORTNAME= gcc
PORTVERSION= 12.2.0
PORTREVISION= 4
PORTREVISION= 5
CATEGORIES= lang
MASTER_SITES= GCC
PKGNAMESUFFIX= ${SUFFIX}
@@ -0,0 +1,61 @@
Patch taken from the following commits:

- https://cgit.freebsd.org/src/commit/?id=7cafe89f9ce33effe6e471b185339d413da1ca46
- https://cgit.freebsd.org/src/commit/?id=930a7c2ac67e1e8e511aa1d0a31a16c632060ebb

--- libsanitizer/sanitizer_common/sanitizer_linux.cpp.orig 2022-11-26 10:40:30 UTC
+++ libsanitizer/sanitizer_common/sanitizer_linux.cpp
@@ -80,6 +80,7 @@

#if SANITIZER_FREEBSD
#include <sys/exec.h>
+#include <sys/procctl.h>
#include <sys/sysctl.h>
#include <machine/atomic.h>
extern "C" {
@@ -2171,33 +2172,20 @@ void CheckASLR() {
ReExec();
}
#elif SANITIZER_FREEBSD
- int aslr_pie;
- uptr len = sizeof(aslr_pie);
-#if SANITIZER_WORDSIZE == 64
- if (UNLIKELY(internal_sysctlbyname("kern.elf64.aslr.pie_enable",
- &aslr_pie, &len, NULL, 0) == -1)) {
- // We're making things less 'dramatic' here since
- // the OID is not necessarily guaranteed to be here
+ int aslr_status;
+ if (UNLIKELY(procctl(P_PID, 0, PROC_ASLR_STATUS, &aslr_status) == -1)) {
+ // We're making things less 'dramatic' here since
+ // the cmd is not necessarily guaranteed to be here
// just yet regarding FreeBSD release
return;
- }
-
- if (aslr_pie > 0) {
- Printf("This sanitizer is not compatible with enabled ASLR "
- "and binaries compiled with PIE\n");
- Die();
- }
-#endif
- // there might be 32 bits compat for 64 bits
- if (UNLIKELY(internal_sysctlbyname("kern.elf32.aslr.pie_enable",
- &aslr_pie, &len, NULL, 0) == -1)) {
- return;
- }
-
- if (aslr_pie > 0) {
- Printf("This sanitizer is not compatible with enabled ASLR "
- "and binaries compiled with PIE\n");
- Die();
+ }
+ if ((aslr_status & PROC_ASLR_ACTIVE) != 0) {
+ VReport(1, "This sanitizer is not compatible with enabled ASLR "
+ "and binaries compiled with PIE\n"
+ "ASLR will be disabled and the program re-executed.\n");
+ int aslr_ctl = PROC_ASLR_FORCE_DISABLE;
+ CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);
+ ReExec();
}
#else
// Do nothing
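Review bot: The new `ReExec();` call after `CHECK_NE(procctl(P_PID, 0, PROC_ASLR_CTL, &aslr_ctl), -1);` has no guard against re-executing indefinitely: nothing verifies that the re-executed image will no longer report `PROC_ASLR_ACTIVE`, so if the force-disable were ever not honoured across the exec, CheckASLR would loop rather than fail the way the removed `Die()` did. The Linux branch just above uses the same unguarded pattern, so this is presumably accepted upstream behaviour, but the assumption should be written down: `// PROC_ASLR_FORCE_DISABLE is expected to persist across the exec, so the re-executed image should not report PROC_ASLR_ACTIVE again.` It is also worth documenting that this hunk turns a hard failure into a quiet weakening of the process's exploit mitigation — ASLR is disabled for every sanitizer-instrumented binary, and the only notice is a `VReport(1, ...)` that is suppressed at the default verbosity. CheckASLR's body starts before and ends after this hunk.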
@@ -0,0 +1,32 @@
Patch taken from

https://cgit.freebsd.org/src/commit/?id=96fe7c8ab0f65cf829619abd74ae6c126b21e15f

--- libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp.orig 2022-11-26 09:47:34 UTC
+++ libsanitizer/sanitizer_common/sanitizer_linux_libcdep.cpp
@@ -45,7 +45,9 @@

#if SANITIZER_FREEBSD
#include <pthread_np.h>
+#include <stdlib.h>
#include <osreldate.h>
+#include <sys/auxv.h>
#include <sys/sysctl.h>
#define pthread_getattr_np pthread_attr_get_np
#endif
@@ -857,7 +859,14 @@ void ReExec() {
void ReExec() {
const char *pathname = "/proc/self/exe";

-#if SANITIZER_NETBSD
+#if SANITIZER_FREEBSD
+ char exe_path[PATH_MAX];
+ if (elf_aux_info(AT_EXECPATH, exe_path, sizeof(exe_path)) == 0) {
+ char link_path[PATH_MAX];
+ if (realpath(exe_path, link_path))
+ pathname = link_path;
+ }
+#elif SANITIZER_NETBSD
static const int name[] = {
CTL_KERN,
KERN_PROC_ARGS,
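Review bot: `realpath(exe_path, link_path)` resolves a relative `AT_EXECPATH` against the current working directory, so the new FreeBSD branch is only correct if ReExec runs before anything has changed directory; the visible caller (CheckASLR, during early init) presumably satisfies that, but it should be stated in a comment: `// AT_EXECPATH may be relative; realpath() resolves it against the cwd, which is still the original one because ReExec only runs during early init.` When either call fails the code silently keeps `/proc/self/exe`, which on FreeBSD requires procfs to be mounted and is not mounted by default, so the failure mode is an exec error rather than re-executing the wrong binary — acceptable, though a `VReport` on that path would make the failure easier to diagnose. `PATH_MAX` is used without a visible `<limits.h>` include in this patch; confirm it is already in scope in this file. ReExec's body continues past the end of the hunk.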
