Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Trim absolute paths in files generated by cgo #3011

Merged
merged 1 commit into from
Nov 29, 2021
Merged

Trim absolute paths in files generated by cgo #3011

merged 1 commit into from
Nov 29, 2021

Conversation

fmeum
Copy link
Collaborator

@fmeum fmeum commented Nov 18, 2021

What type of PR is this?

Bug fix

What does this PR do? Why is it needed?

The cgo command generates .c files that contain //line comments
referencing source files by absolute paths into the Bazel cache. As the
contents of these comments end up in the symbol table of the resulting
c-archive, this makes Bazel-built CGo binaries non-reproducible.

This is fixed by passing the -trimpath argument to cgo to trim the
Bazel execroot prefix from these paths.

Which issues(s) does this PR fix?

Fixes #3010

@google-cla google-cla bot added the cla: yes label Nov 18, 2021
@fmeum fmeum force-pushed the fix-cgo-sandbox-path-leakage branch 2 times, most recently from 5d8c43e to 09f4495 Compare November 18, 2021 19:39
@fmeum
Trim absolute paths in files generated by cgo
cc86e36 
The cgo command generates .c files that contain //line comments
referencing source files by absolute paths into the Bazel cache. As the
contents of these comments end up in the symbol table of the resulting
c-archive, this makes Bazel-built CGo binaries non-reproducible.

This is fixed by passing the -trimpath argument to cgo to trim the
Bazel execroot prefix from these paths.

Fixes bazelbuild#3010.
@fmeum fmeum force-pushed the fix-cgo-sandbox-path-leakage branch from 09f4495 to cc86e36 Compare November 18, 2021 20:35
@robfig robfig merged commit 62beb01 into bazelbuild:master Nov 29, 2021
@robfig
Copy link
Contributor

robfig commented Nov 29, 2021

Thank you!

@JamyDev JamyDev mentioned this pull request Jan 18, 2022
Merged
@bizrad
Copy link

bizrad commented Jan 19, 2022
edited
Loading

I wonder if this is also the fix for #3048

@fmeum fmeum deleted the fix-cgo-sandbox-path-leakage branch January 19, 2022 10:43
@itsdalmo itsdalmo mentioned this pull request Jan 21, 2022
Closed
@rogerhu rogerhu mentioned this pull request May 5, 2024
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
cla: yes
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

CGo leaks absolute paths into the resulting binary
3 participants
@fmeum @robfig @bizrad