-
Notifications
You must be signed in to change notification settings - Fork 1k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Support source fortification #247
Comments
Reported by |
Reported by |
Reported by |
Reported by |
Reported by |
Reported by |
Not working on this. |
Can't file bugs but I'd say the feature is very important. All modern distros enable fortification by default so not supporting this means that we effectively disable checks for memset, memcpy and other extremely interesting functions... |
Let's keep it open, although we are still not working on this. |
See also: https://sourceware.org/bugzilla/show_bug.cgi?id=20422 (@hannob ) |
@kcc : Re sourceware issue 20422: in https://gcc.gnu.org/bugzilla/show_bug.cgi?id=59148#c4 Jakaob Jelinek suggests there are things that |
@sitsofe at the very least fortify has more libc interceptors than asan. |
Sanitizers and fortifications do not interface, and there is currently no plan for them to work together. See also google/sanitizers#247
Making sure I understand:
|
Should production builds choose FORTIFY_SOURCE (edit) FORTIFY_SOURCE=2? Should debug builds choose asan? |
In general yes but Asan is much more precise (and slower). It's preferred choice for debugging purposes (with
FORTIFY_SOURCE (which is enabled by default in modern distros) prevents Asan from detecting some types of bugs.
Yes.
The "how" has been discussed on GCC mailing list few years ago, try searching there. |
Workaround is to compile with When there is annobin at play (RPM builds, or if you set your default CFLAGS by running |
...because ASAN does an extended version of this, and it's said to produce wrong results with fortification. Bug: google/sanitizers#247 Change-Id: Ia4bbbf96a1c82ee76c332a0136e3f9e44af1f724
Add support for clang Memory Sanitizer [1], which detects the usage of uninitialized values. While elfutils itself is already checked with valgrind, checking code that depends on elfutils requires elfutils to be built with MSan. Unlike the other sanitizers, MSan needs to be configured fairly early, since we need to drop -D_FORTIFY_SOURCE [2], -Wl,-z,defs and --no-undefined. [1] https://clang.llvm.org/docs/MemorySanitizer.html [2] google/sanitizers#247 Signed-off-by: Ilya Leoshkevich <[email protected]>
Add support for clang Memory Sanitizer [1], which detects the usage of uninitialized values. While elfutils itself is already checked with valgrind, checking code that depends on elfutils requires elfutils to be built with MSan. Unlike the other sanitizers, MSan needs to be configured fairly early, since we need to drop -D_FORTIFY_SOURCE [2], -Wl,-z,defs and --no-undefined. [1] https://clang.llvm.org/docs/MemorySanitizer.html [2] google/sanitizers#247 Signed-off-by: Ilya Leoshkevich <[email protected]>
Add support for clang Memory Sanitizer [1], which detects the usage of uninitialized values. While elfutils itself is already checked with valgrind, checking code that depends on elfutils requires elfutils to be built with MSan. MSan is not linked into shared libraries, and is linked into executables statically. Therefore, unlike the other sanitizers, MSan needs to be configured fairly early, since we need to drop -D_FORTIFY_SOURCE [2], -Wl,-z,defs and --no-undefined. Disable a few tests that run for more than 5 minutes due to test files being statically linked with MSan. [1] https://clang.llvm.org/docs/MemorySanitizer.html [2] google/sanitizers#247 Signed-off-by: Ilya Leoshkevich <[email protected]>
Add support for clang Memory Sanitizer [1], which detects the usage of uninitialized values. While elfutils itself is already checked with valgrind, checking code that depends on elfutils requires elfutils to be built with MSan. MSan is not linked into shared libraries, and is linked into executables statically. Therefore, unlike the other sanitizers, MSan needs to be configured fairly early, since we need to drop -D_FORTIFY_SOURCE [2], -Wl,-z,defs and --no-undefined. Disable a few tests that run for more than 5 minutes due to test files being statically linked with MSan. [1] https://clang.llvm.org/docs/MemorySanitizer.html [2] google/sanitizers#247 Signed-off-by: Ilya Leoshkevich <[email protected]>
…and MSAN This can cause either false positives in warnings from the compiler or false negatives where the sanitizer misses something. Bug: google/sanitizers#247 Signed-off-by: Sam James <[email protected]>
This can cause either false positives in warnings from the compiler or false negatives where the sanitizer misses something, so don't default-enable FORTIFY_SOURCE when -fsanitize=address is set to be safe. Bug: google/sanitizers#247 Signed-off-by: Sam James <[email protected]>
…bled This can cause either false positives in warnings from the compiler or false negatives where the sanitizer misses something. Bug: google/sanitizers#247 Signed-off-by: Sam James <[email protected]>
…bled This can cause either false positives in warnings from the compiler or false negatives where the sanitizer misses something. Bug: google/sanitizers#247 Signed-off-by: Sam James <[email protected]>
Originally reported on Google Code with ID 247
Reported by
ramosian.glider
on 2013-11-22 13:48:10The text was updated successfully, but these errors were encountered: