I am using clang 7.0.1-6 with -fsanitize=memory and -fsanitize-blacklist to ignore uninitialized memory in libc.
Unfortunately, msan does not seem to ignore cap_init, or its descendants.
$ cat /buildslave/core-ci/build/core/blacklist
fun:cap_init
fun:drop_capabilities
fun:__interceptor_capget
...
libtool: compile: clang -DHAVE_CONFIG_H -I. -I../.. -I../../src/lib -I../../src/lib-test -I../../src/lib-charset -I../../src/lib-mail -std=gnu99 -g -O2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wno-duplicate-decl-specifier -Wstrict-aliasing=2 -ggdb3 -O0 -fsanitize=undefined -fsanitize=memory -fsanitize-memory-track-origins=2 -fsanitize-memory-use-after-dtor -Qunused-arguments -fsanitize-blacklist=/buildslave/core-ci/build/core/blacklist -MT imap-base-subject.lo -MD -MP -MF .deps/imap-base-subject.Tpo -c imap-base-subject.c -o imap-base-subject.o >/dev/null 2>&1
...
libtool: link: clang -std=gnu99 -g -O2 -fstack-protector-strong -U_FORTIFY_SOURCE -D_FORTIFY_SOURCE=2 -Wall -W -Wmissing-prototypes -Wmissing-declarations -Wpointer-arith -Wchar-subscripts -Wformat=2 -Wbad-function-cast -Wno-duplicate-decl-specifier -Wstrict-aliasing=2 -ggdb3 -O0 -fsanitize=undefined -fsanitize=memory -Qunused-arguments -fsanitize-blacklist=/buildslave/core-ci/build/core/blacklist -Wl,--as-needed -o .libs/dovecot capabilities-posix.o dup2-array.o main.o master-client.o master-settings.o service-anvil.o service-listen.o service-log.o service-monitor.o service-process.o service-process-notify.o service.o -pie -Wl,-z -Wl,relro -Wl,-z -Wl,now -Wl,--export-dynamic -lcap ../../src/lib-dovecot/.libs/libdovecot.so -ldl -Wl,-rpath -Wl,/dovecot/lib/dovecot
$ sudo env CONFIG_FILE=/tmp/testrun-190217_174730/auth-test-1/etc/dovecot/dovecot.conf /dovecot/sbin/dovecot -F
Uninitialized bytes in __interceptor_capget at offset 0 inside [0x703000000214, 8)
==16392==WARNING: MemorySanitizer: use-of-uninitialized-value
#0 0x7f0e1efb8b22 in cap_init (/lib/x86_64-linux-gnu/libcap.so.2+0x1b22)
#1 0x55dba0933878 in drop_capabilities /buildslave/core-ci/build/core/src/master/capabilities-posix.c:25:9
#2 0x55dba094007c in main_init /buildslave/core-ci/build/core/src/master/main.c:521:2
#3 0x55dba093c420 in main /buildslave/core-ci/build/core/src/master/main.c:908:3
#4 0x7f0e1c9f82e0 in __libc_start_main (/lib/x86_64-linux-gnu/libc.so.6+0x202e0)
#5 0x55dba08bc9b9 in _start (/dovecot/sbin/dovecot+0x4c9b9)
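Editor's note on the report above (my reading, not the poster's): a -fsanitize-blacklist entry only affects functions that are themselves compiled with -fsanitize=memory. The backtrace puts cap_init in the distribution's /lib/x86_64-linux-gnu/libcap.so.2, which was not built with MSan, and __interceptor_capget is part of the sanitizer runtime, so neither `fun:cap_init` nor `fun:__interceptor_capget` can silence this report; the usual remedies are to build libcap with MSan or to route the call through instrumented code that fully initialises what it passes to the syscall. What the capget interceptor checks is that the whole `struct __user_cap_header_struct` (version and pid, 8 bytes, matching the `[..., 8)` range in the report) is initialised before the call. The example below, added here and not code from the report, libcap or Dovecot, shows a caller that satisfies that check on Linux by zeroing the header before each capget; it uses `syscall(SYS_capget, ...)` from `<sys/syscall.h>` and the kernel's `<linux/capability.h>` so it needs no -lcap, and the function names `cap_probe_version` and `cap_read_self` are my own.

```c
// Added example (not from the original report): a capget() caller whose
// header struct is fully initialised, which is exactly what the MemorySanitizer
// capget interceptor verifies (it reads all sizeof(*hdrp) bytes of the header).
#define _GNU_SOURCE
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>
#include <sys/syscall.h>
#include <linux/capability.h>

/* Ask the kernel which capability API version it prefers.
 * version = 0 is the documented way to query; the kernel rejects the call with
 * EINVAL but writes its preferred version back into hdr.version.
 * memset() also zeroes pid, so no byte of the header is left uninitialised. */
unsigned int cap_probe_version(void)
{
    struct __user_cap_header_struct hdr;
    memset(&hdr, 0, sizeof hdr);          /* version = 0, pid = 0 */
    syscall(SYS_capget, &hdr, NULL);      /* returns -1/EINVAL, fills hdr.version */
    return hdr.version;
}

/* Read the calling thread's capability sets (pid 0 = self).
 * data must have room for _LINUX_CAPABILITY_U32S_3 entries.
 * Returns 0 on success, -1 with errno set otherwise. */
int cap_read_self(struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3])
{
    /* Designated initialiser sets every field; nothing is left to chance. */
    struct __user_cap_header_struct hdr = {
        .version = cap_probe_version(),
        .pid = 0,
    };
    memset(data, 0, sizeof(struct __user_cap_data_struct) * _LINUX_CAPABILITY_U32S_3);
    return (int) syscall(SYS_capget, &hdr, data);
}

int main(void)
{
    struct __user_cap_data_struct data[_LINUX_CAPABILITY_U32S_3];

    printf("kernel capability API version: 0x%08x\n", cap_probe_version());
    if (cap_read_self(data) != 0) {
        perror("capget");
        return 1;
    }
    /* Index 0 holds capabilities 0..31, index 1 holds 32..63 (v3 layout). */
    printf("effective: 0x%08x%08x\n", data[1].effective, data[0].effective);
    printf("permitted: 0x%08x%08x\n", data[1].permitted, data[0].permitted);
    return 0;
}
```

Under MSan this caller produces no report because the header handed to the interceptor is entirely initialised; the same call from uninstrumented libcap is still checked by the interceptor, which is why a blacklist cannot help there.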