Disable backtraces on OSX #45760
Disable backtraces on OSX #45760
Conversation
alexcrichton
added
the
beta-nominated
|
cc @rust-lang/libs |
|
r? @sfackler (rust_highfive has picked a reviewer for you, use r? to override) |
kennytm
added
the
S-waiting-on-review
|
cc #24346 |
|
Is there a way of doing this that's less invasive to the libbacktrace source? |
|
It's worth noting that if the vulnerability is indeed in the DWARF parser it is likely on other platforms as well; there is no OS X specific code in the DWARF parser and its interactions with it are minimal (it just searches for the appropriate named sections). The stack trace from #45731 makes me doubt that this is the case unless the given crash is due to the DWARF parser trashing memory and the Mach-O code simply happens to be the one to step in it. @sfackler The only this that needs to reverted to prevent the code from running is the changes to the |
|
I tracked down the crash in #45731. It turns out the |
|
Thanks for the investigation @JohnColanduoni! Do you have a fix available locally for this? If so I think we can probably just apply that and avoid reverting. @sfackler probably, I just did the easiest thing of reverting the PR rather than trying to pick-and-choose what happened. |
|
Ah gotcha, I didn't realize the OSX stuff was already a patch on top of libbacktrace. |
|
@alexcrichton This should do it: #45866. |
|
Awesome! Closing in favor of that |
nikomatsakis
removed
the
beta-nominated
This PR is a revert of #44251 which disables backtraces via
RUST_BACKTRACE=1on OSX. It was discovered in #45731 that OSX binaries generating a backtrace started generating a segfault in the range of 4279e2b...8493813. The most likely candidate PR in that range is #45400 which switched to compiling libtest with ThinLTO. Furthermore it's probably mostly likely that libbacktrace is segfaulting due to #45511, or otherwise bad DWARF data in libtest.Now the bad DWARF information is certainly a bug with ThinLTO that needs to be fixed! Despite this, however, this is a presumed resurgence of #21889 where you can feed arbitrary data to libbacktrace effectively, and if it segfaults that's presumably a security vulnerability. In that sense a fix to DWARF + ThinLTO is not enough, but this indicates a deeper underlying problem that OSX binaries may be vulnerable to the situation described in #21889.
As a result, this PR reverts backtrace support for OSX, which can return once we're confident enough in the implementation of libbacktrace for OSX. I'm also going to nominate this for a beta backport as it's something we'll want to get out pretty soon.
Closes #45731