From: Fabian Keil <fk@fabiankeil.de>
Date: Wed, 17 Mar 2021 11:12:42 +0000 (+0100)
Subject: Add a configure option to disable pcre JIT compilation
X-Git-Tag: v_3_0_33~104^2~7
X-Git-Url: http://www.privoxy.org/gitweb/faq/user-manual/developer-manual/static/gitweb.js?a=commitdiff_plain;h=12f96cb705433afd5a14e6032adb5d12df8c23ca;p=privoxy.git

Add a configure option to disable pcre JIT compilation

While JIT compilation makes filtering faster it can
cause false-positive valgrind complaints like:

    ==94928== Thread 2:
    ==94928== Conditional jump or move depends on uninitialised value(s)
    ==94928==    at 0x40A990B: ???
    ==94928==    by 0x955E761: ???
    ==94928==  Uninitialised value was created by a heap allocation
    ==94928==    at 0x4C26A44: malloc (in /usr/local/lib/valgrind/vgpreload_memcheck-amd64-freebsd.so)
    ==94928==    by 0x5114247: BUF_MEM_grow_clean (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x50F2FD2: ??? (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x50EDB7F: ??? (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x50ECD78: ??? (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x50ECC75: BIO_write (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x5C15B0F: ??? (in /usr/local/lib/libssl.so.11)
    ==94928==    by 0x5C422A9: ??? (in /usr/local/lib/libssl.so.11)
    ==94928==    by 0x5C39156: ??? (in /usr/local/lib/libssl.so.11)
    ==94928==    by 0x5C07F9A: ??? (in /usr/local/lib/libssl.so.11)
    ==94928==    by 0x50ED3AA: BIO_ctrl (in /usr/local/lib/libcrypto.so.11)
    ==94928==    by 0x460033: create_server_ssl_connection (openssl.c:1150)

As reported by Gwyn Ciesla in SF bug 924 it also can
cause problems when the SELinux policy does not grant
Privoxy "execmem" privileges.
---

diff --git a/acconfig.h b/acconfig.h
index 9ec87fdc..d88028b5 100644
--- a/acconfig.h
+++ b/acconfig.h
@@ -72,6 +72,11 @@
  */
 #undef FEATURE_DYNAMIC_PCRE
 
+/*
+ * Should pcrs use pcre JIT compilation if it's supported?
+ */
+#undef DISABLE_PCRE_JIT_COMPILATION
+
 /*
  * Should pcrs be statically built in instead of linkling with libpcrs?
  * (This is determined by configure depending on the availiability of
diff --git a/configure.in b/configure.in
index cdec6b13..2614cab3 100644
--- a/configure.in
+++ b/configure.in
@@ -973,6 +973,12 @@ AC_ARG_ENABLE(pcre-host-patterns,
   AC_DEFINE(FEATURE_PCRE_HOST_PATTERNS)
 fi])
 
+AC_ARG_ENABLE(pcre-jit-compilation,
+[  --disable-pcre-jit-compilation     Don't let pcrs use pcre JIT compilation even if pcre supports it.],
+[if test $enableval != yes; then
+  AC_DEFINE(DISABLE_PCRE_JIT_COMPILATION)
+fi])
+
 AC_ARG_ENABLE(external-filters,
 [  --enable-external-filters       Allow to filter content with scripts and programs. Experimental.],
 [if test $enableval = yes; then
diff --git a/pcrs.c b/pcrs.c
index 83100983..007f7cc1 100644
--- a/pcrs.c
+++ b/pcrs.c
@@ -670,10 +670,14 @@ pcrs_job *pcrs_compile(const char *pattern, const char *substitute, const char *
 
 
 #ifdef PCRE_STUDY_JIT_COMPILE
+#ifdef DISABLE_PCRE_JIT_COMPILATION
+#warning PCRE_STUDY_JIT_COMPILE is supported but Privoxy has been configured not to use it
+#else
    if (!(flags & PCRS_DYNAMIC))
    {
       pcre_study_options = PCRE_STUDY_JIT_COMPILE;
    }
+#endif
 #endif
 
    /*