From f31dfc357ffdd8d18d3593a06cd4acb888eaba70 Mon Sep 17 00:00:00 2001 From: Milan Crha Date: Tue, 13 May 2025 14:20:46 +0200 Subject: [PATCH 2/2] server-mem-limit-test: Limit memory usage only when not built witha sanitizer A build with -Db_sanitize=address crashes with failed mmap(), which is done inside libasan. The test requires 20.0TB of virtual memory when running with the sanitizer, which is beyond unsigned integer limits and may not trigger the bug anyway. Part-of: CVE: CVE-2025-32907 Upstream-Status: Backport [https://gitlab.gnome.org/GNOME/libsoup/-/merge_requests/452/commits] Signed-off-by: Changqing Li --- meson.build | 4 ++++ tests/server-mem-limit-test.c | 13 +++++++++---- 2 files changed, 13 insertions(+), 4 deletions(-) diff --git a/meson.build b/meson.build index d4110da..74323ea 100644 --- a/meson.build +++ b/meson.build @@ -357,6 +357,10 @@ configinc = include_directories('.') prefix = get_option('prefix') +if get_option('b_sanitize') != 'none' + cdata.set_quoted('B_SANITIZE_OPTION', get_option('b_sanitize')) +endif + cdata.set_quoted('PACKAGE_VERSION', soup_version) cdata.set_quoted('LOCALEDIR', join_paths(prefix, get_option('localedir'))) cdata.set_quoted('GETTEXT_PACKAGE', libsoup_api_name) diff --git a/tests/server-mem-limit-test.c b/tests/server-mem-limit-test.c index 98f1c40..65dc875 100644 --- a/tests/server-mem-limit-test.c +++ b/tests/server-mem-limit-test.c @@ -126,14 +126,19 @@ main (int argc, char **argv) { int ret; - test_init (argc, argv, NULL); - - #ifndef G_OS_WIN32 - struct rlimit new_rlimit = { 1024 * 1024 * 64, 1024 * 1024 * 64 }; + /* a build with an address sanitizer may crash on mmap() with the limit, + thus skip the limit set in such case, even it may not necessarily + trigger the bug if it regresses */ + #if !defined(G_OS_WIN32) && !defined(B_SANITIZE_OPTION) + struct rlimit new_rlimit = { 1024UL * 1024UL * 1024UL * 2UL, 1024UL * 1024UL * 1024UL * 2UL }; /* limit memory usage, to trigger too large memory allocation abort */ g_assert_cmpint (setrlimit (RLIMIT_DATA, &new_rlimit), ==, 0); + #else + g_message ("server-mem-limit-test: Running without memory limit"); #endif + test_init (argc, argv, NULL); + g_test_add ("/server-mem/range-overlaps", ServerData, NULL, server_setup, do_ranges_overlaps_test, server_teardown); -- 2.34.1