util/pages: suppress scan-build on page check

Suppress the following warning:

util-pages.c:49:13: warning: Both PROT_WRITE and PROT_EXEC flags are set. This can lead to exploitable memory regions, which could be overwritten with malicious code [security.MmapWriteExec]
   49 |         if (mprotect(ptr, getpagesize(), PROT_READ|PROT_WRITE|PROT_EXEC) == -1) {
      |             ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
1 warning generated.

As the check is done to check if the OS allows it or not, for enabling
JIT in pcre.

diff --git a/src/util-pages.c b/src/util-pages.c
index 170170b1933da4d9dbcc7719d976de9f348b064f..37d7bc2e20b39dcaf209d10f57ceadf05dec14d8 100644 (file)
--- a/src/util-pages.c
+++ b/src/util-pages.c
@@ -43,6 +43,8 @@
 int PageSupportsRWX(void)
 {
     int retval = 1;
+    // suppress scan-build security.MmapWriteExec
+#ifndef __clang_analyzer__
     void *ptr;
     ptr = mmap(0, getpagesize(), PROT_READ|PROT_WRITE, MAP_ANON|MAP_SHARED, -1, 0);
     if (ptr != MAP_FAILED) {
@@ -52,6 +54,7 @@ int PageSupportsRWX(void)
         }
         munmap(ptr, getpagesize());
     }
+#endif
     return retval;
 }
 #endif /* HAVE_PAGESUPPORTSRWX_AS_MACRO */