From 85716d2769b3e1acda024d2c7cbfb68139c5d90b Mon Sep 17 00:00:00 2001 From: Milan Crha Date: Tue, 13 May 2025 14:20:46 +0200 Subject: [PATCH 2/2] server-mem-limit-test: Limit memory usage only when not built witha sanitizer A build with -Db_sanitize=address crashes with failed mmap(), which is done inside libasan. The test requires 20.0TB of virtual memory when running with the sanitizer, which is beyond unsigned integer limits and may not trigger the bug anyway. Part-of: CVE: CVE-2025-32907 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/commits] Signed-off-by: Changqing Li --- meson.build | 4 ++++ tests/server-mem-limit-test.c | 13 +++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/meson.build b/meson.build index 73a9fa0..a9531a4 100644 --- a/meson.build +++ b/meson.build @@ -374,6 +374,10 @@ configinc = include_directories('.') prefix = get_option('prefix') +if get_option('b_sanitize') != 'none' + cdata.set_quoted('B_SANITIZE_OPTION', get_option('b_sanitize')) +endif + cdata.set_quoted('PACKAGE_VERSION', soup_version) cdata.set_quoted('LOCALEDIR', join_paths(prefix, get_option('localedir'))) cdata.set_quoted('GETTEXT_PACKAGE', libsoup_api_name) diff --git a/tests/server-mem-limit-test.c b/tests/server-mem-limit-test.c index 98f1c40..65dc875 100644 --- a/tests/server-mem-limit-test.c +++ b/tests/server-mem-limit-test.c @@ -126,14 +126,19 @@ main (int argc, char **argv) { int ret; - test_init (argc, argv, NULL); - - #ifndef G_OS_WIN32 - struct rlimit new_rlimit = { 1024 * 1024 * 64, 1024 * 1024 * 64 }; + /* a build with an address sanitizer may crash on mmap() with the limit, + thus skip the limit set in such case, even it may not necessarily + trigger the bug if it regresses */ + #if !defined(G_OS_WIN32) && !defined(B_SANITIZE_OPTION) + struct rlimit new_rlimit = { 1024UL * 1024UL * 1024UL * 2UL, 1024UL * 1024UL * 1024UL * 2UL }; /* limit memory usage, to trigger too large memory allocation abort */ g_assert_cmpint (setrlimit (RLIMIT_DATA, &new_rlimit), ==, 0); + #else + g_message ("server-mem-limit-test: Running without memory limit"); #endif + test_init (argc, argv, NULL); + g_test_add ("/server-mem/range-overlaps", ServerData, NULL, server_setup, do_ranges_overlaps_test, server_teardown); -- 2.34.1