CODEWITHSUNDEEP
clangsanitizememory-sanitizer
Eric Stotch
Eric Stotch

Reputation: 241

How do I tell clang memory sanitizer to ignore data from certain libraries?

For example I'd like to ignore sqlite and zlib because I know they're well tested. I grabbed the zpipe.c example and built it like this. Keep in mind I'm using -lz and not building zlib myself. I'm only building zpipe myself and want to limit the sanitize to that one file

clang -g -fsanitize=undefined,memory zpipe.c -lz

I ran echo Test | ./a.out and I got the following error

Uninitialized bytes in __interceptor_fwrite at offset 0 inside [0x7ffd61230bc0, 13)
==50435==WARNING: MemorySanitizer: use-of-uninitialized-value
    #0 0x55767941cd85 in def /tmp/zlib-1.2.12/examples/zpipe.c:70:17
    #1 0x55767941e709 in main /tmp/zlib-1.2.12/examples/zpipe.c:186:15
    #2 0x7f65e834e30f in __libc_start_call_main libc-start.c
    #3 0x7f65e834e3c0 in __libc_start_main@GLIBC_2.2.5 (/usr/lib/libc.so.6+0x2d3c0)
    #4 0x5576793981d4 in _start (/tmp/zlib-1.2.12/examples/a.out+0x211d4)

SUMMARY: MemorySanitizer: use-of-uninitialized-value /tmp/zlib-1.2.12/examples/zpipe.c:70:17 in def

Is there a way I can say assume any data that goes in and out of zlib or sqlite to be safe to use? I'll be linking both and only want to sanitize my own code

Upvotes: 1

Views: 1843

Answers (1)

Matt
Matt

Reputation: 1156

You can use an ignore list file. https://clang.llvm.org/docs/SanitizerSpecialCaseList.html

Usage:

clang -fsanitize=address -fsanitize-ignorelist=ignorelist.txt foo.c

See the documentation for details on the format of the file.

Upvotes: 1

Related Questions