fix(iast): remove unneeded atexit handler (#8565)

IAST: This fix addresses an issue where the atexit handler could lead to a segmentation fault. Fixes #8504 ## Checklist - [x] Change(s) are motivated and described in the PR description - [x] Testing strategy is described if automated tests are not included in the PR - [x] Risks are described (performance impact, potential for breakage, maintainability) - [x] Change is maintainable (easy to change, telemetry, documentation) - [x] [Library release note guidelines](https://ddtrace.readthedocs.io/en/stable/releasenotes.html) are followed or label `changelog/no-changelog` is set - [x] Documentation is included (in-code, generated user docs, [public corp docs](https://github.com/DataDog/documentation/)) - [x] Backport labels are set (if [applicable](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting)) - [x] If this PR changes the public interface, I've notified `@DataDog/apm-tees`. - [x] If change touches code that signs or publishes builds or packages, or handles credentials of any kind, I've requested a review from `@DataDog/security-design-and-guidance`. ## Reviewer Checklist - [x] Title is accurate - [x] All changes are related to the pull request's stated goal - [x] Description motivates each change - [x] Avoids breaking [API](https://ddtrace.readthedocs.io/en/stable/versioning.html#interfaces) changes - [x] Testing strategy adequately addresses listed risks - [x] Change is maintainable (easy to change, telemetry, documentation) - [x] Release note makes sense to a user of the library - [x] Author has acknowledged and discussed the performance implications of this PR as reported in the benchmarks PR comment - [x] Backport labels are set in a manner that is consistent with the [release branch maintenance policy](https://ddtrace.readthedocs.io/en/latest/contributing.html#backporting) (cherry picked from commit 9aaa7d4)
DataDog · Mar 4, 2024 · f69c833 · f69c833
1 parent 0069e2e
commit f69c833
Show file tree

Hide file tree

Showing 2 changed files with 4 additions and 3 deletions.
diff --git a/ddtrace/appsec/_iast/_taint_tracking/_native.cpp b/ddtrace/appsec/_iast/_taint_tracking/_native.cpp
@@ -63,9 +63,6 @@ PYBIND11_MODULE(_native, m)
 {
     initializer = make_unique<Initializer>();
     initializer->create_context();
-    // Cleanup code to be run at the end of the interpreter lifetime:
-    auto atexit = py::module::import("atexit");
-    atexit.attr("register")(py::cpp_function([] { initializer.reset(); }));
 
     m.doc() = "Native Python module";
 

diff --git a/releasenotes/notes/iast-fix-remove-unneeded-atexit-handler-2a2f7e193c457666.yaml b/releasenotes/notes/iast-fix-remove-unneeded-atexit-handler-2a2f7e193c457666.yaml
@@ -0,0 +1,4 @@
+---
+fixes:
+  - |
+    Vulnerability Management for Code-level (IAST): Fixes an issue where an atexit handler could lead to a segmentation fault.