This is the mail archive of the mailing list for the glibc project.

Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

Re: [PATCH BZ#20422] Do not allow asan/msan/tsan and fortify at the same time.

On 09/06/2016 10:58 AM, Yuri Gribov wrote:

We could conceivably guard every _chk wrapper (say __sprintf_chk) with

#ifndef __fortify_no___sprintf_chk

.  In sanitizer mode, for those wrappers you have deemed to be unnecessary,
the compiler would define these macros, so that glibc wouldn't install the

Or just undefine _FORTIFY_SOURCE?

Well, but this way, you'll lose the completely unrelated alternative implementations which might still be useful because none of the sanitizers cover these aspects.

Another option would be to provide a glibc which has been compiled with the
required sanitizers, so that most interceptors become unnecessary.

Two important things to consider:
* sanitized Glibc will be slower (potentially much slower) than
current approach (because interceptors are heavily optimized)

But in turn, you might uncover more bugs (mostly in glibc, but also in applications because the interceptors happen to be slightly off in the behavior they model).

* I'm unaware of any plans to implement sanitized Glibc (even though
prototype has been available for 1+ year)

I hope to get remove the last remaining nested functions soon, if that's any help.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]