Skip to content

Commit

Permalink
Unset DYLD_INSERT_BINARIES when unneeded
Browse files Browse the repository at this point in the history
Previously, the tracer environment variables were set for the
current process, and for future steps, in the init action. In
certain scenarios (such as on MacOS ARM runners with System
Integrity Protection disabled), these environment variables are
not unset by the system. In particular, the `DYLD_INSERT_BINARIES`
variable interferes with later system calls.

This change unsets the `DYLD_INSERT_BINARIES` variable for the
current process in init. It also unsets the variables either at the
beginning of autobuild, or analyze, if autobuild has not run.
  • Loading branch information
angelapwen committed Aug 15, 2024
1 parent a93f8c2 commit 954566e
Show file tree
Hide file tree
Showing 16 changed files with 57 additions and 6 deletions.
1 change: 1 addition & 0 deletions CHANGELOG.md
Original file line number Diff line number Diff line change
Expand Up @@ -7,6 +7,7 @@ Note that the only difference between `v2` and `v3` of the CodeQL Action is the
## [UNRELEASED]

- Update default CodeQL bundle version to 2.18.2. [#2417](https://github.com/github/codeql-action/pull/2417)
- Fix a bug where system calls in the Action, such as `df`, would fail on ARM machines with System Integrity Protection disabled due to injected build tracer environment variables. [#2428](https://github.com/github/codeql-action/pull/2428)

## 3.26.1 - 13 Aug 2024

Expand Down
5 changes: 5 additions & 0 deletions lib/analyze-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/analyze-action.js.map

Large diffs are not rendered by default.

1 change: 1 addition & 0 deletions lib/autobuild-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/autobuild-action.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

1 change: 1 addition & 0 deletions lib/environment.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

2 changes: 1 addition & 1 deletion lib/environment.js.map

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

5 changes: 5 additions & 0 deletions lib/init-action.js

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

Loading

0 comments on commit 954566e

Please sign in to comment.