Some gcc malloc leak analyzer workarounds.

gcc's leak checker simply cannot believe that this code does not leak the allocation for data, either (bizarrely) on every iteration of the loop that fills it or when generate_cert_list() returns, even though the trace it gives you stops right before the call to free() I've worked around this with the following pragma: #pragma GCC diagnostic push #pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak" ... #pragma GCC diagnostic pop ... only to discover that -flto makes the pragma not apply properly. This also introduces two build environment variables, ENABLE_LEAK_CHECKER and ENABLE_LEAK_CHECKER_LTO. Setting ENABLE_LEAK_CHECKER during the build will turn on the leak checker and disable -flto. If ENABLE_LEAK_CHECKER_LTO is also set, it won't disable -flto. *sigh*. Signed-off-by: Peter Jones <[email protected]>
Blarse · Nov 8, 2021 · 3d05219 · 3d05219
1 parent e0f9d6d
commit 3d05219
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/Make.defaults b/Make.defaults
@@ -18,6 +18,8 @@ INSTALL	?= install
 CROSS_COMPILE	?=
 EFI_ARCHES ?= aa64 ia32 x64
 
+enabled = $(if $(filter undefined,$(origin $(1))),$(3),$(2))
+
 PKG_CONFIG ?= $(CROSS_COMPILE)pkg-config
 CC	:= $(if $(filter default,$(origin CC)),$(CROSS_COMPILE)gcc,$(CC))
 CCLD	:= $(if $(filter undefined,$(origin CCLD)),$(CC),$(CCLD))
@@ -28,7 +30,7 @@ DIAGFLAGS ?= -fmessage-length=0 \
 	     -fdiagnostics-format=text \
 	     -fdiagnostics-show-cwe \
 	     -fanalyzer \
-	     -Wno-analyzer-malloc-leak
+	     $(call enabled,ENABLE_LEAK_CHECKER,-Wno-analyzer-malloc-leak,)
 AS	?= $(CROSS_COMPILE)as
 AR	?= $(CROSS_COMPILE)$(if $(filter $(CC),clang),llvm-ar,$(notdir $(CC))-ar)
 RANLIB	?= $(CROSS_COMPILE)$(if $(filter $(CC),clang),llvm-ranlib,$(notdir $(CC))-ranlib)
@@ -43,7 +45,9 @@ ARCH	   := $(shell uname -m | sed s,i[3456789]86,ia32,)
 
 SOFLAGS	?= -shared
 clang_cflags =
-gcc_cflags = -Wmaybe-uninitialized -grecord-gcc-switches -flto -fplugin=annobin $(DIAGFLAGS)
+gcc_cflags = -Wmaybe-uninitialized -grecord-gcc-switches -fplugin=annobin \
+             $(call enabled,ENABLE_LEAK_CHECKER,$(call enabled,ENABLE_LEAK_CHECKER_LTO,-flto,),) \
+	     $(DIAGFLAGS)
 cflags	= $(CFLAGS) $(ARCH3264) \
 	-Wall -Wextra -Wsign-compare -Wno-unused-result \
 	-Wno-unused-function -Wno-missing-field-initializers \

diff --git a/src/wincert.c b/src/wincert.c
@@ -8,6 +8,14 @@
 
 typedef win_certificate_pkcs_signed_data_t cert_list_entry_t;
 
+/*
+ * gcc's leak checker simply cannot believe that this code does not leak the
+ * allocation for data, either (bizarrely) on every iteration of the loop that
+ * fills it or when generate_cert_list() returns, even though the trace it
+ * gives you stops right before the call to free()
+ */
+#pragma GCC diagnostic push
+#pragma GCC diagnostic ignored "-Wanalyzer-malloc-leak"
 static int
 generate_cert_list(SECItem **signatures, int num_signatures,
 		   void **cert_list, size_t *cert_list_size)
@@ -81,6 +89,7 @@ finalize_signatures(SECItem **sigs, int num_sigs, Pe *pe)
 	free(clist);
 	return 0;
 }
+#pragma GCC diagnostic pop
 
 int
 cert_iter_init(cert_iter *iter, Pe *pe)