#22486 closed defect (worksforme)

Build Tor with clang's -fsanitize=pointer-overflow

Reported by: teor
Owned by:
Priority: Medium
Milestone: Tor: 0.3.2.x-final
Component: Core Tor/Tor
Version:
Severity: Normal
Keywords: pointer-safety
Cc:
Actual Points:
Parent ID:
Points: 1
Reviewer:
Sponsor:

Description

There's a new pointer overflow detection feature that's just been merged into clang master (r304461 or later).

We should add it to ./configure --enable-fragile-hardening (after testing for it using autoconf), and see what it picks up.

Background is here:
https://blog.regehr.org/archives/1518
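
As an added illustration (not code from this ticket or from Tor), here is the kind of pointer "overflow guard" the new check reports, beside a form that compares sizes instead of forming a wrapped pointer; the buffer, function names and build line are constructed for the example:

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample buffer shared by the demonstrations below. */
static uint8_t sample_buf[16];
#define SAMPLE_END (sample_buf + sizeof(sample_buf))

/* Guard of the kind -fsanitize=pointer-overflow flags: forming p + n
 * is undefined behaviour when the addition wraps the address space, so
 * the guard is itself UB and the optimizer may drop it. With the
 * sanitizer enabled the wrapping addition is reported at runtime. */
static int
range_ok_unsafe(const uint8_t *p, const uint8_t *end, size_t n)
{
  if (p + n < p)        /* UB: the wrapped pointer is formed first */
    return 0;
  return p + n <= end;  /* may still wrap for large n */
}

/* Hardened form: p and end point into the same buffer with p <= end,
 * so compare the requested length against the bytes remaining and
 * never form a pointer outside the buffer. */
static int
range_ok_safe(const uint8_t *p, const uint8_t *end, size_t n)
{
  if (p > end)
    return 0;
  return n <= (size_t)(end - p);
}

int
main(void)
{
  printf("safe, 16 bytes: %d\n", range_ok_safe(sample_buf, SAMPLE_END, 16));
  printf("safe, 17 bytes: %d\n", range_ok_safe(sample_buf, SAMPLE_END, 17));
  printf("safe, SIZE_MAX: %d\n", range_ok_safe(sample_buf, SAMPLE_END, SIZE_MAX));
  /* Build with: clang -g -fsanitize=pointer-overflow example.c
   * The next call makes p + n wrap; UBSan then prints a runtime error
   * naming the line in range_ok_unsafe. Without the sanitizer the
   * result is undefined. */
  printf("unsafe, SIZE_MAX: %d\n",
         range_ok_unsafe(sample_buf, SAMPLE_END, SIZE_MAX));
  return 0;
}
```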

Child Tickets

Change History (3)

comment:1 Changed 15 months ago by nickm

That link says:

these checks are now part of UBSan and -fsanitize=undefined will enable them

So I think we may not need to take any action to have this included in our fragile hardening mode?

comment:2 in reply to: 1 Changed 15 months ago by teor

Replying to nickm:

That link says:

these checks are now part of UBSan and -fsanitize=undefined will enable them

So I think we may not need to take any action to have this included in our fragile hardening mode?

You're right, the sanitizer improvements just seem to work, see #22490, which is a use-after-stack-free bug.

comment:3 Changed 15 months ago by teor

Resolution: worksforme
Status: new → closed