From dad941a28859f00f8eb35c4d85d05fb3ebfc6a31 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?=
Date: Wed, 23 Feb 2022 09:12:51 +0100
Subject: [PATCH 1/2] Disable inactive handles caching when compiled with sanitizers

When isc_nmhandle_t gets deactivated, it could be just put onto array stack to be reused later to safe some initialization time. Unfortunately, this might hide some use-after-free errors. Disable the inactive handles caching when compiled with Address or Thread Sanitizer.

(cherry picked from commit 92cce1da6571f9fe4b904667c822ab8ff0ebe4b2)
---
 lib/isc/netmgr/netmgr.c | 2 ++
 1 file changed, 2 insertions(+)
diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index 4e9441e0a5..0bc2c7c51d 100644
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
@@ -1754,9 +1754,11 @@ nmhandle_deactivate(isc_nmsocket_t *sock, isc_nmhandle_t *handle) {
 INSIST(atomic_fetch_sub(&sock->ah, 1) > 0);
+#if !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__
 if (atomic_load(&sock->active)) {
 reuse = isc_astack_trypush(sock->inactivehandles, handle);
 }
+#endif /* !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__ */
 if (!reuse) {
 nmhandle_free(sock, handle);
 }
From 408b79ba245cbae58eb17cbad8b2243aeb7f8d29 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Ond=C5=99ej=20Sur=C3=BD?=
Date: Thu, 24 Feb 2022 00:14:26 +0100
Subject: [PATCH 2/2] Disable inactive uvreqs caching when compiled with sanitizers

When isc__nm_uvreq_t gets deactivated, it could be just put onto array stack to be reused later to save some initialization time. Unfortunately, this might hide some use-after-free errors. Disable the inactive uvreqs caching when compiled with Address or Thread Sanitizer.

(cherry picked from commit be339b3c8399bb6ccf8acd26edfbb721b9c7e256)
---
 lib/isc/netmgr/netmgr.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/lib/isc/netmgr/netmgr.c b/lib/isc/netmgr/netmgr.c
index 0bc2c7c51d..c237739359 100644
--- a/lib/isc/netmgr/netmgr.c
+++ b/lib/isc/netmgr/netmgr.c
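Review bot: The `#if !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__` guard around the `isc_astack_trypush()` call in nmhandle_deactivate() relies on macros that GCC predefines, whereas Clang documents `__has_feature(address_sanitizer)` and `__has_feature(thread_sanitizer)` for the same purpose; unless a project header outside this hunk maps one onto the other, a Clang sanitizer build may silently keep the cache and lose the use-after-free coverage this change is after. The same guard is used in the isc___nm_uvreq_put() hunk of patch 2/2. The reason for the guard is also worth stating at the site, e.g. `/* Recycled handles are never freed, so ASan/TSan cannot flag a stale pointer; skip the cache under sanitizers. */` above the `#if`. The body of nmhandle_deactivate() starts and ends outside the hunk.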
@@ -2515,10 +2515,14 @@ isc___nm_uvreq_put(isc__nm_uvreq_t **req0, isc_nmsocket_t *sock FLARG) {
 handle = req->handle;
 req->handle = NULL;
+#if !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__
 if (!isc__nmsocket_active(sock) ||
 !isc_astack_trypush(sock->inactivereqs, req)) {
 isc_mem_put(sock->mgr->mctx, req, sizeof(*req));
 }
+#else /* !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__ */
+ isc_mem_put(sock->mgr->mctx, req, sizeof(*req));
+#endif /* !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__ */
 if (handle != NULL) {
 isc__nmhandle_detach(&handle FLARG_PASS);
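Review bot: The `#else` branch in isc___nm_uvreq_put() repeats the `isc_mem_put(sock->mgr->mctx, req, sizeof(*req))` call, so the release path now exists twice and any later change to it (for example clearing the request before release) has to be made in both places. Folding the cache attempt into a flag, the way `reuse` is used in nmhandle_deactivate(), keeps a single free path and confines the preprocessor guard to the push itself. Whether `isc_mem_put()` returns the block to the underlying allocator is not visible here; if the memory context pools it, the sanitizer would still not observe the free, which is worth confirming. The function body starts and ends outside the hunk.

```c
	/* … unchanged: handle = req->handle; req->handle = NULL; … */
	bool reuse = false;

#if !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__
	/*
	 * A recycled request is never freed, so ASan/TSan cannot flag a
	 * stale pointer to it; only cache outside sanitizer builds.
	 */
	reuse = isc__nmsocket_active(sock) &&
		isc_astack_trypush(sock->inactivereqs, req);
#endif /* !__SANITIZE_ADDRESS__ && !__SANITIZE_THREAD__ */
	if (!reuse) {
		isc_mem_put(sock->mgr->mctx, req, sizeof(*req));
	}
	/* … unchanged: handle detach … */
```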