From: Willy Tarreau <w@1wt.eu>
Date: Wed, 25 Oct 2023 12:34:08 +0000 (+0200)
Subject: DEBUG: add a tainted flag when ha_panic() is called
X-Git-Tag: v2.9-dev9~30
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=46bbb3a33be4be1cf8a54b39dbd57433501229e8;p=thirdparty%2Fhaproxy.git

DEBUG: add a tainted flag when ha_panic() is called

This will make it easier to know that the panic function was called,
for the occasional case where the dump crashes and/or the stack is
corrupted and not much exploitable. Now at least it will be sufficient
to check the tainted value to know that someone called ha_panic(), and
it will also be usable to condition extra analysis.
---

diff --git a/include/haproxy/bug.h b/include/haproxy/bug.h
index d347448691..a716568f90 100644
--- a/include/haproxy/bug.h
+++ b/include/haproxy/bug.h
@@ -248,6 +248,7 @@ enum tainted_flags {
 	TAINTED_SHARED_LIBS            = 0x00000040, /* a shared library was loaded */
 	TAINTED_REDEFINITION           = 0x00000080, /* symbol redefinition detected */
 	TAINTED_REPLACED_MEM_ALLOCATOR = 0x00000100, /* memory allocator was replaced using LD_PRELOAD */
+	TAINTED_PANIC                  = 0x00000200, /* a panic dump has started */
 };
 
 /* this is a bit field made of TAINTED_*, and is declared in haproxy.c */
diff --git a/src/debug.c b/src/debug.c
index a7e3dfd101..5598d212d2 100644
--- a/src/debug.c
+++ b/src/debug.c
@@ -415,6 +415,8 @@ void ha_panic()
 	struct buffer *old;
 	unsigned int thr;
 
+	mark_tainted(TAINTED_PANIC);
+
 	old = NULL;
 	if (!HA_ATOMIC_CAS(&thread_dump_buffer, &old, get_trash_chunk())) {
 		/* a panic dump is already in progress, let's not disturb it,