我正在 gcc 4.8.3 上编译我的代码。我已启用-fsanitize=address
选项。但是我的程序在启动过程中退出,在 3rd 方库代码中抛出全局缓冲区溢出错误。所以我试图跳过这个函数(或调用者函数)的消毒剂。我试过__attribute__((no_sanitize("address")))
了,但编译器会抛出警告,‘no_sanitize’ attribute directive ignored
即使尝试过-fsanitize-recover=address
,但地址上似乎不支持恢复。任何人都可以帮助我如何让我的程序在第一个错误后继续运行,或者黑名单功能跳过清理?
编辑
template <class T>
void __attribute__((no_sanitize_address)) OID_CB<T>::Init(s8_t* name, s8_t* data, u32_t entryNum, u32_t start, u32_t end, u32_t entrySize, bool ViewFlag, bool WholeTableFlag)
{
strcpy(mName,name);
mName[strlen(name)]='\0';
mData = data;
mEntryNum = entryNum;
mStart = start;
mEnd = end;
mEntrySize = entrySize;
mIsView = ViewFlag;
mIsWholeTable = WholeTableFlag;
}
==22247== ERROR: AddressSanitizer: global-buffer-overflow on address 0x000002ca57bf at pc 0x1020cc2 bp 0x7ffdd93b7070 sp 0x7ffdd93b7060
READ of size 1 at 0x000002ca57bf thread T0
#0 0x1020cc1 in OID_CB<causeCodeMgr>::Init(char*, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool) /xxxx/xxxx/common/causeCodeMgr/../../../xxx/oam/include/cm_interface.h:457
#1 0x1020cc1 in CMI<causeCodeMgr>::addOID(char*, unsigned long long, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool) /xxxx/xxx/common/causeCodeMgr/../../../xxx/oam/include/cm_interface.h:1289
0x000002ca57bf is located 45 bytes to the right of global variable '*.LC670 (causeCodeMgr.cpp)' (0x2ca5780) of size 18
'*.LC670 (causeCodeMgr.cpp)' is ascii string 'causeCodeInternal'
0x000002ca57bf is located 1 bytes to the left of global variable '*.LC671 (causeCodeMgr.cpp)' (0x2ca57c0) of size 26
'*.LC671 (causeCodeMgr.cpp)' is ascii string 'internalCauseCodeToAction'
SUMMARY: AddressSanitizer: global-buffer-overflow /xxxx/rhel_7_1_x86_64/xxxx/common/causeCodeMgr/../../../xxxx/oam/include/cm_interface.h:457 OID_CB<causeCodeMgr>::Init(char*, char*, unsigned int, unsigned int, unsigned int, unsigned int, bool, bool)
Shadow bytes around the buggy address:
0x00008058caa0: f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9 00 06 f9 f9
0x00008058cab0: f9 f9 f9 f9 00 03 f9 f9 f9 f9 f9 f9 00 04 f9 f9
0x00008058cac0: f9 f9 f9 f9 00 00 02 f9 f9 f9 f9 f9 00 00 06 f9
0x00008058cad0: f9 f9 f9 f9 00 00 00 00 02 f9 f9 f9 f9 f9 f9 f9
0x00008058cae0: 00 00 06 f9 f9 f9 f9 f9 00 00 f9 f9 f9 f9 f9 f9
=>0x00008058caf0: 00 00 02 f9 f9 f9 f9[f9]00 00 00 02 f9 f9 f9 f9
0x00008058cb00: 00 00 00 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
0x00008058cb10: 00 00 00 f9 f9 f9 f9 f9 00 04 f9 f9 f9 f9 f9 f9
0x00008058cb20: 00 03 f9 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
0x00008058cb30: 00 00 02 f9 f9 f9 f9 f9 00 07 f9 f9 f9 f9 f9 f9
0x00008058cb40: 00 04 f9 f9 f9 f9 f9 f9 00 01 f9 f9 f9 f9 f9 f9
Shadow byte legend (one shadow byte represents 8 application bytes):
Addressable: 00
Partially addressable: 01 02 03 04 05 06 07
Heap left redzone: fa
Heap righ redzone: fb
Freed Heap region: fd
Stack left redzone: f1
Stack mid redzone: f2
Stack right redzone: f3
Stack partial redzone: f4
Stack after return: f5
Stack use after scope: f8
Global redzone: f9
Global init order: f6
Poisoned by user: f7
ASan internal: fe