2

我正在 gcc 4.8.3 上编译我的代码。我已启用-fsanitize=address选项。但是我的程序在启动过程中退出,在 3rd 方库代码中抛出全局缓冲区溢出错误。所以我试图跳过这个函数(或调用者函数)的消毒剂。我试过__attribute__((no_sanitize("address")))了,但编译器会抛出警告,‘no_sanitize’ attribute directive ignored 即使尝试过-fsanitize-recover=address,但地址上似乎不支持恢复。任何人都可以帮助我如何让我的程序在第一个错误后继续运行,或者黑名单功能跳过清理?

编辑

template <class T>
void __attribute__((no_sanitize_address)) OID_CB<T>::Init(s8_t* name, s8_t* data, u32_t entryNum, u32_t start,  u32_t end, u32_t entrySize, bool ViewFlag, bool WholeTableFlag)
{
        strcpy(mName,name);
        mName[strlen(name)]='\0';
        mData         = data;
        mEntryNum     = entryNum;
        mStart        = start;
        mEnd          = end;
        mEntrySize    = entrySize;
        mIsView       = ViewFlag;
        mIsWholeTable = WholeTableFlag;
}


==22247== ERROR: AddressSanitizer: global-buffer-overflow on address 0x000002ca57bf at pc 0x1020cc2 bp 0x7ffdd93b7070 sp 0x7ffdd93b7060
READ of size 1 at 0x000002ca57bf thread T0
    #0 0x1020cc1 in OID_CB<causeCodeMgr>::Init(char*, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool) /xxxx/xxxx/common/causeCodeMgr/../../../xxx/oam/include/cm_interface.h:457
    #1 0x1020cc1 in CMI<causeCodeMgr>::addOID(char*, unsigned long long, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool) /xxxx/xxx/common/causeCodeMgr/../../../xxx/oam/include/cm_interface.h:1289

    0x000002ca57bf is located 45 bytes to the right of global variable '*.LC670 (causeCodeMgr.cpp)' (0x2ca5780) of size 18
  '*.LC670 (causeCodeMgr.cpp)' is ascii string 'causeCodeInternal'
0x000002ca57bf is located 1 bytes to the left of global variable '*.LC671 (causeCodeMgr.cpp)' (0x2ca57c0) of size 26
  '*.LC671 (causeCodeMgr.cpp)' is ascii string 'internalCauseCodeToAction'
SUMMARY: AddressSanitizer: global-buffer-overflow /xxxx/rhel_7_1_x86_64/xxxx/common/causeCodeMgr/../../../xxxx/oam/include/cm_interface.h:457 OID_CB<causeCodeMgr>::Init(char*, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool)
Shadow bytes around the buggy address:
  0x00008058caa0: f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9 00 06 f9 f9
  0x00008058cab0: f9 f9 f9 f9 00 03 f9 f9 f9 f9 f9 f9 00 04 f9 f9
  0x00008058cac0: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 06 f9
  0x00008058cad0: f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9
  0x00008058cae0: 00 00 06 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
=>0x00008058caf0: 00 00 02 f9 f9 f9 f9[f9]00 00 00 02 f9 f9 f9 f9
  0x00008058cb00: 00 00 00 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
  0x00008058cb10: 00 00 00 f9 f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9
  0x00008058cb20: 00 03 f9 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
  0x00008058cb30: 00 00 02 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
  0x00008058cb40: 00 04 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
  Addressable:           00
  Partially addressable: 01 02 03 04 05 06 07 
  Heap left redzone:     fa
  Heap righ redzone:     fb
  Freed Heap region:     fd
  Stack left redzone:    f1
  Stack mid redzone:     f2
  Stack right redzone:   f3
  Stack partial redzone: f4
  Stack after return:    f5
  Stack use after scope: f8
  Global redzone:        f9
  Global init order:     f6
  Poisoned by user:      f7
  ASan internal:         fe
4

1 回答 1

2

我尝试了属性((no_sanitize("address"))) 但编译器抛出警告“no_sanitize”属性指令被忽略

恐怕 GCC 不支持这种语法(他们的 Bugzilla 中甚至有一个错误)。你应该可以使用no_sanitize_address(在docs中阅读)。

甚至尝试过 -fsanitize-recover=address 但地址似乎不支持恢复。

这仅出现在 GCC 6 中。

于 2017-03-24T08:02:14.517 回答